Security update for the Linux Kernel (Live Patch 30 for SLE 12) (important)

ID SUSE-SU-2018:0233-1
Type suse
Reporter Suse
Modified 2018-01-26T15:08:07


This update for the Linux Kernel 3.12.61-52_111 fixes one issue.

The following security issue was fixed:

  • CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free. This fixes the earlier kgraft update, that could have caused crashes when trying to exploit this vulnerability after applying the kgraft update (bsc#1064392, bsc#1064388).