Lucene search

K
suseSuseSUSE-SU-2017:2476-1
HistorySep 15, 2017 - 12:10 a.m.

Security update for Linux Kernel Live Patch 26 for SLE 12 (important)

2017-09-1500:10:13
lists.opensuse.org
209
linux kernel live patch
sle 12
cve-2017-9242
cve-2017-7645
denial of service

EPSS

0.263

Percentile

96.8%

This update for the Linux Kernel 3.12.61-52_89 fixes several issues.

The following security bugs were fixed:

  • CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c
    in the Linux kernel was too late in checking whether an overwrite of an
    skb data structure may occur, which allowed local users to cause a
    denial of service (system crash) via crafted system calls (bsc#1042892).
  • CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux
    kernel allowed remote attackers to cause a denial of service (system
    crash) via a long RPC reply (bsc#1046191).