You are here
Home > Preporuke > Sigurnosni nedostaci Live Patching servisa

Sigurnosni nedostaci Live Patching servisa

by ncert - 0

SUSE Security Update: Security update for Linux Kernel Live Patch 13 for SLE 12
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1299-1
Rating: important
References: #1030467 #1030575 #1031660
Cross-References: CVE-2017-7308
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has two fixes
is now available.

Description:

This update for the Linux Kernel 3.12.55-52_45 fixes several issues.

The following security bugs were fixed:

– CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in
the Linux kernel did not properly validate certain block-size data,
which allowed local users to cause a denial of service (overflow) or
possibly have unspecified other impact via crafted system calls
(bsc#1030575, bsc#1031660).
– bsc#1030467: Updated Dirty COW fix. The former patch caused some apps to
freeze in rare circumstances

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-782=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-782=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_55-52_45-default-9-2.1
kgraft-patch-3_12_55-52_45-xen-9-2.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_55-52_45-default-9-2.1
kgraft-patch-3_12_55-52_45-xen-9-2.1

References:

https://www.suse.com/security/cve/CVE-2017-7308.html
https://bugzilla.suse.com/1030467
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031660


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 15 for SLE 12
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1300-1
Rating: important
References: #1030467 #1030575 #1031660
Cross-References: CVE-2017-7308
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has two fixes
is now available.

Description:

This update for the Linux Kernel 3.12.60-52_54 fixes several issues.

The following security bugs were fixed:

– CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in
the Linux kernel did not properly validate certain block-size data,
which allowed local users to cause a denial of service (overflow) or
possibly have unspecified other impact via crafted system calls
(bsc#1030575, bsc#1031660).
– bsc#1030467: Updated Dirty COW fix. The former patch caused some apps to
freeze in rare circumstances

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-768=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-768=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_60-52_54-default-9-2.1
kgraft-patch-3_12_60-52_54-xen-9-2.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_60-52_54-default-9-2.1
kgraft-patch-3_12_60-52_54-xen-9-2.1

References:

https://www.suse.com/security/cve/CVE-2017-7308.html
https://bugzilla.suse.com/1030467
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031660


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 16 for SLE 12
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1291-1
Rating: important
References: #1030575 #1031660
Cross-References: CVE-2017-7308
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:

This update for the Linux Kernel 3.12.60-52_57 fixes several issues.

The following security bugs were fixed:

– CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in
the Linux kernel did not properly validate certain block-size data,
which allowed local users to cause a denial of service (overflow) or
possibly have unspecified other impact via crafted system calls
(bsc#1030575, bsc#1031660).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-767=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-767=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_60-52_57-default-6-2.1
kgraft-patch-3_12_60-52_57-xen-6-2.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_60-52_57-default-6-2.1
kgraft-patch-3_12_60-52_57-xen-6-2.1

References:

https://www.suse.com/security/cve/CVE-2017-7308.html
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031660


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 17 for SLE 12
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1278-1
Rating: important
References: #1030575 #1031660
Cross-References: CVE-2017-7308
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:

This update for the Linux Kernel 3.12.60-52_60 fixes several issues.

The following security bugs were fixed:

– CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in
the Linux kernel did not properly validate certain block-size data,
which allowed local users to cause a denial of service (overflow) or
possibly have unspecified other impact via crafted system calls
(bsc#1030575, bsc#1031660).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-766=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-766=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_60-52_60-default-5-2.1
kgraft-patch-3_12_60-52_60-xen-5-2.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_60-52_60-default-5-2.1
kgraft-patch-3_12_60-52_60-xen-5-2.1

References:

https://www.suse.com/security/cve/CVE-2017-7308.html
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031660


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 18 for SLE 12
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1287-1
Rating: important
References: #1030575 #1031660
Cross-References: CVE-2017-7308
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:

This update for the Linux Kernel 3.12.60-52_63 fixes several issues.

The following security bugs were fixed:

– CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in
the Linux kernel did not properly validate certain block-size data,
which allowed local users to cause a denial of service (overflow) or
possibly have unspecified other impact via crafted system calls
(bsc#1030575, bsc#1031660).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-765=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-765=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_60-52_63-default-5-2.1
kgraft-patch-3_12_60-52_63-xen-5-2.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_60-52_63-default-5-2.1
kgraft-patch-3_12_60-52_63-xen-5-2.1

References:

https://www.suse.com/security/cve/CVE-2017-7308.html
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031660


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 19 for SLE 12
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1302-1
Rating: important
References: #1030575 #1031660
Cross-References: CVE-2017-7308
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:

This update for the Linux Kernel 3.12.61-52_66 fixes several issues.

The following security bugs were fixed:

– CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in
the Linux kernel did not properly validate certain block-size data,
which allowed local users to cause a denial of service (overflow) or
possibly have unspecified other impact via crafted system calls
(bsc#1030575, bsc#1031660).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-764=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-764=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_61-52_66-default-4-2.1
kgraft-patch-3_12_61-52_66-xen-4-2.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_61-52_66-default-4-2.1
kgraft-patch-3_12_61-52_66-xen-4-2.1

References:

https://www.suse.com/security/cve/CVE-2017-7308.html
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031660


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

ncert
Top
More in Preporuke
Sigurnosni nedostaci Live Patching servisa

Izdana je nadogradnja za Live Patching servis za operacijski sustav SUSE. Otkriveni nedostaci potencijalnim lokalnim napadačima omogućuju izvršavanje napada uskraćivanja...

Close