Lucene search

K
suseSuseSUSE-SU-2017:3300-1
HistoryDec 14, 2017 - 3:20 p.m.

Security update for the Linux Kernel (Live Patch 10 for SLE 12 SP2) (important)

2017-12-1415:20:54
lists.opensuse.org
38

EPSS

0.002

Percentile

55.2%

This update for the Linux Kernel 4.4.74-92_29 fixes several issues.

The following security issues were fixed:

  • CVE-2017-1000405: Problematic use of pmd_mkdirty() in the touch_pmd()
    function allowed users to overwrite read-only huge pages (e.g. the zero
    huge page and sealed shmem files) (bsc#1070307).
  • CVE-2017-16939: The XFRM dump policy implementation in
    net/xfrm/xfrm_user.c kernel allowed local users to gain privileges or
    cause a denial of service (use-after-free) via a crafted SO_RCVBUF
    setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink
    messages (bsc#1069708).

This non-security issue was fixed:

  • bsc#1062847: Enable proper shut down if NIC teaming is enabled