Security update for kernel live patch 6 (important)

2016-03-14T18:16:48
ID SUSE-SU-2016:0753-1
Type suse
Reporter Suse
Modified 2016-03-14T18:16:48

Description

This kernel live patch for Linux Kernel 3.12.44-52.10.1 fixes two security issues:

Fixes: - CVE-2016-0728: A reference leak in keyring handling with join_session_keyring() could lead to local attackers gain root privileges. (bsc#962078). - CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. (bsc#955837)