Lucene search

K
suseSuseSUSE-SU-2017:3304-1
HistoryDec 14, 2017 - 3:23 p.m.

Security update for the Linux Kernel (Live Patch 18 for SLE 12) (important)

2017-12-1415:23:06
lists.opensuse.org
50

EPSS

0.001

Percentile

36.1%

This update for the Linux Kernel 3.12.60-52_63 fixes several issues.

The following security issues were fixed:

  • CVE-2017-16939: The XFRM dump policy implementation in
    net/xfrm/xfrm_user.c allowed local users to gain privileges or cause a
    denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt
    system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages
    (bsc#1069708).
  • CVE-2017-10661: Race condition in fs/timerfd.c allowed local users to
    gain privileges or cause a denial of service (list corruption or
    use-after-free) via simultaneous file-descriptor operations that
    leverage improper might_cancel queueing (bsc#1053153).