SUSE-SU-2017:1279-1 Security update for Linux Kernel Live Patch 1 for SLE 12 SP2

This update for the Linux Kernel 4.4.21-81 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packetsetring function in net/packet/afpacket.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of servi...

SUSE-SU-2017:0869-1 Security update for Linux Kernel Live Patch 2 for SLE 12 SP2

This update for the Linux Kernel 4.4.21-84 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access via an integer overflow, a...

SUSE-SU-2017:0866-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs: - CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access via unspecified vectors, as demonstrated during a Pwn2Own competition at...

SUSE-SU-2017:0777-1 Security update for Linux Kernel Live Patch 1 for SLE 12 SP2

This update for the Linux Kernel 4.4.21-81 fixes several issues. The following security bug was fixed: - CVE-2017-5970: The ipv4pktinfoprepare function in net/ipv4/ipsockglue.c in the Linux kernel allowed attackers to cause a denial of service system crash via 1 an application that made crafted...

SUSE-SU-2016:3146-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP 2 kernel was updated to fix two security issues. The following security bugs were fixed: - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg or /dev/bsg to elevate their privileges bsc1013604. -...

CVE-2016-7910

Use-after-free vulnerability in the diskseqfstop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed...

SUSE-SU-2016:2637-1 Security update for Linux Kernel Live Patch 6 for SLE 12 SP1

This update for the Linux Kernel 3.12.59-6045 fixes several issues. The following security bugs were fixed: - CVE-2016-5195: A local privilege escalation using MAPPRIVATE was fixed, which is reportedly exploited in the wild bsc1004419. - CVE-2016-8666: The IP stack in the Linux kernel allowed...

SUSE-SU-2016:2634-1 Security update for Linux Kernel Live Patch 3 for SLE 12 SP1

This update for the Linux Kernel 3.12.53-6030 fixes several issues. The following security bugs were fixed: - CVE-2016-5195: A local privilege escalation using MAPPRIVATE was fixed, which is reportedly exploited in the wild bsc1004419. - CVE-2016-8666: The IP stack in the Linux kernel allowed...

SUSE-SU-2016:2631-1 Security update for Linux Kernel Live Patch 0 for SLE 12 SP1

This update for the Linux Kernel 3.12.49-11 fixes several issues. The following security bugs were fixed: - CVE-2016-5195: A local privilege escalation using MAPPRIVATE was fixed, which is reportedly exploited in the wild bsc1004419. - CVE-2016-8666: The IP stack in the Linux kernel allowed remot...

SUSE-SU-2016:2005-1 Security update for Linux Kernel Live Patch 8 for SLE 12

This update for the Linux Kernel 3.12.48-5227 fixes several issues. The following security bugs were fixed: - CVE-2016-4470: The keyrejectandlink function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a...

CVE-2016-3134

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service heap memory corruption via an IPTSOSETREPLACE setsockopt call...

CVE-2016-2550

The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial of service memory consumption by leveraging incorrect tracking of descriptor ownership and sending each descriptor over a UNIX socket before closing it. NOTE: this vulnerability exists because of an...

CVE-2015-8844

The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service TM Bad Thing exception and panic via a crafted application...

SUSE-SU-2016:0755-1 Security update for kernel live patch 1

This kernel live patch for Linux Kernel 3.12.51-60.20.2 fixes three security issues: Fixes: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc962078. - CVE-2015-8660: The ovlsetattr function in fs/overlayfs/inode.c...

SUSE-SU-2016:0751-1 Security update for kernel live patch 0

This kernel live patch for Linux Kernel 3.12.49-11.1 fixes three security issues: Fixes: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc962078. - CVE-2015-8660: The ovlsetattr function in fs/overlayfs/inode.c in...

CVE-2015-4004

The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service out-of-bounds read and system crash via a crafted packet...

CVE-2014-8133

arch/x86/kernel/tls.c in the Thread Local Storage TLS implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CVE-2014-5207

fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, ...

CVE-2014-4943

The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket...