SUSE Security Update: Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1272-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.74-92_32 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-878=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-878=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_74-92_32-default-9-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_74-92_32-default-9-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1269-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_60 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-866=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-866=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_60-default-7-2.1
kgraft-patch-3_12_74-60_64_60-xen-7-2.1
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_60-default-7-2.1
kgraft-patch-3_12_74-60_64_60-xen-7-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1270-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.82-6_3 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-887=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (x86_64):
kgraft-patch-4_4_82-6_3-default-8-2.2
kgraft-patch-4_4_82-6_3-default-debuginfo-8-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1263-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.92-6_30 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-891=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_92-6_30-default-5-2.2
kgraft-patch-4_4_92-6_30-default-debuginfo-5-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1264-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_45 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-868=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-868=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_45-default-10-2.2
kgraft-patch-3_12_74-60_64_45-xen-10-2.2
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_45-default-10-2.2
kgraft-patch-3_12_74-60_64_45-xen-10-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 29 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1273-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_106 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-860=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_106-default-5-2.1
kgraft-patch-3_12_61-52_106-xen-5-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1262-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.59-92_24 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-886=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-886=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_59-92_24-default-10-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_59-92_24-default-10-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1268-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.74-92_38 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-880=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-880=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_74-92_38-default-8-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_74-92_38-default-8-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1266-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_40 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-870=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-870=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_40-default-10-2.2
kgraft-patch-3_12_74-60_64_40-xen-10-2.2
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_40-default-10-2.2
kgraft-patch-3_12_74-60_64_40-xen-10-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 25 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1261-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_86 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-855=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_86-default-8-2.1
kgraft-patch-3_12_61-52_86-xen-8-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 27 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1267-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_92 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-853=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_92-default-7-2.1
kgraft-patch-3_12_61-52_92-xen-7-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 2 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1260-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.82-6_6 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-889=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (x86_64):
kgraft-patch-4_4_82-6_6-default-7-2.2
kgraft-patch-4_4_82-6_6-default-debuginfo-7-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 32 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1257-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_122 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-851=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_122-default-4-2.1
kgraft-patch-3_12_61-52_122-xen-4-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1259-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_54 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-872=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-872=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_54-default-8-2.2
kgraft-patch-3_12_74-60_64_54-xen-8-2.2
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_54-default-8-2.2
kgraft-patch-3_12_74-60_64_54-xen-8-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1254-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_51 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-871=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-871=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_51-default-8-2.1
kgraft-patch-3_12_74-60_64_51-xen-8-2.1
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_51-default-8-2.1
kgraft-patch-3_12_74-60_64_51-xen-8-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1258-1
Rating: important
References: #1090036
Cross-References: CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.4.114-92_64 fixes one issue.
The following security issue was fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-883=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-883=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_114-92_64-default-3-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_114-92_64-default-3-2.1
References:
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 10 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1253-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.74-92_29 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-879=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-879=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_74-92_29-default-10-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_74-92_29-default-10-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1256-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.103-92_56 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-876=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-876=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_103-92_56-default-5-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_103-92_56-default-5-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1255-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_85 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-861=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-861=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_85-default-3-2.1
kgraft-patch-3_12_74-60_64_85-xen-3-2.1
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_85-default-3-2.1
kgraft-patch-3_12_74-60_64_85-xen-3-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1252-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.90-6_12 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-890=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (x86_64):
kgraft-patch-4_4_92-6_18-default-6-2.2
kgraft-patch-4_4_92-6_18-default-debuginfo-6-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1251-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_57 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-867=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-867=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_57-default-8-2.1
kgraft-patch-3_12_74-60_64_57-xen-8-2.1
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_57-default-8-2.1
kgraft-patch-3_12_74-60_64_57-xen-8-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1250-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.103-92_53 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-877=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-877=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_103-92_53-default-5-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_103-92_53-default-5-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 3 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1248-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.82-6_9 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-888=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (x86_64):
kgraft-patch-4_4_82-6_9-default-7-2.2
kgraft-patch-4_4_82-6_9-default-debuginfo-7-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1249-1
Rating: important
References: #1090036
Cross-References: CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.4.114-94_11 fixes one issue.
The following security issue was fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-895=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_114-94_11-default-3-2.2
kgraft-patch-4_4_114-94_11-default-debuginfo-3-2.2
References:
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1246-1
Rating: important
References: #1090036
Cross-References: CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.4.126-94_22 fixes one issue.
The following security issue was fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-897=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_126-94_22-default-2-2.2
kgraft-patch-4_4_126-94_22-default-debuginfo-2-2.2
References:
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 21 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1243-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_72 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-859=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_72-default-10-2.1
kgraft-patch-3_12_61-52_72-xen-10-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 30 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1247-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_111 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-849=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_111-default-4-2.1
kgraft-patch-3_12_61-52_111-xen-4-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1241-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.90-92_50 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-874=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-874=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_90-92_50-default-6-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_90-92_50-default-6-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1245-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.90-92_45 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-875=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-875=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_90-92_45-default-6-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_90-92_45-default-6-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 22 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1244-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_77 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-856=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_77-default-10-2.1
kgraft-patch-3_12_61-52_77-xen-10-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1242-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.59-92_20 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-885=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-885=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_59-92_20-default-11-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_59-92_20-default-11-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1240-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.103-6_33 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-893=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_103-6_33-default-5-2.2
kgraft-patch-4_4_103-6_33-default-debuginfo-5-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1238-1
Rating: important
References: #1090036
Cross-References: CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.4.114-94_14 fixes one issue.
The following security issue was fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-894=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_114-94_14-default-3-2.2
kgraft-patch-4_4_114-94_14-default-debuginfo-3-2.2
References:
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1239-1
Rating: important
References: #1090036
Cross-References: CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.4.120-92_70 fixes one issue.
The following security issue was fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-873=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-873=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_120-92_70-default-2-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_120-92_70-default-2-2.1
References:
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1237-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_66 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-864=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-864=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_66-default-4-2.1
kgraft-patch-3_12_74-60_64_66-xen-4-2.1
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_66-default-4-2.1
kgraft-patch-3_12_74-60_64_66-xen-4-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1236-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.59-92_17 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-884=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-884=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_59-92_17-default-11-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_59-92_17-default-11-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 31 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1235-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_119 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-848=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_119-default-4-2.1
kgraft-patch-3_12_61-52_119-xen-4-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 23 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1233-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_80 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-857=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_80-default-9-2.1
kgraft-patch-3_12_61-52_80-xen-9-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 28 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1234-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_101 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-858=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_101-default-5-2.1
kgraft-patch-3_12_61-52_101-xen-5-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1232-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_69 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-863=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-863=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_69-default-3-2.1
kgraft-patch-3_12_74-60_64_69-xen-3-2.1
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_69-default-3-2.1
kgraft-patch-3_12_74-60_64_69-xen-3-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1231-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_48 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-869=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-869=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_48-default-9-2.1
kgraft-patch-3_12_74-60_64_48-xen-9-2.1
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_48-default-9-2.1
kgraft-patch-3_12_74-60_64_48-xen-9-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1230-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.74-92_35 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-881=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-881=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_74-92_35-default-9-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_74-92_35-default-9-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1229-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_63 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-865=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-865=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_63-default-5-2.1
kgraft-patch-3_12_74-60_64_63-xen-5-2.1
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_63-default-5-2.1
kgraft-patch-3_12_74-60_64_63-xen-5-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1228-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 4.4.103-6_38 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-892=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_103-6_38-default-5-2.2
kgraft-patch-4_4_103-6_38-default-debuginfo-5-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP1)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1227-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.74-60_64_82 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-862=1
– SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-862=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kgraft-patch-3_12_74-60_64_82-default-3-2.1
kgraft-patch-3_12_74-60_64_82-xen-3-2.1
– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kgraft-patch-3_12_74-60_64_82-default-3-2.1
kgraft-patch-3_12_74-60_64_82-xen-3-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 24 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1226-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_83 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-854=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_83-default-8-2.1
kgraft-patch-3_12_61-52_83-xen-8-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 10 for SLE 12 SP3)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1225-1
Rating: important
References: #1090036
Cross-References: CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Live Patching 12-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.4.120-94_17 fixes one issue.
The following security issue was fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-896=1
Package List:
– SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_120-94_17-default-2-2.2
kgraft-patch-4_4_120-94_17-default-debuginfo-2-2.2
References:
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 33 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1224-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_125 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-850=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_125-default-3-2.1
kgraft-patch-3_12_61-52_125-xen-3-2.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP2)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1223-1
Rating: important
References: #1090036
Cross-References: CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for the Linux Kernel 4.4.114-92_67 fixes one issue.
The following security issue was fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-882=1
– SUSE Linux Enterprise Server 12-SP2-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-882=1
Package List:
– SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
kgraft-patch-4_4_114-92_67-default-3-2.1
– SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
kgraft-patch-4_4_114-92_67-default-3-2.1
References:
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
SUSE Security Update: Security update for the Linux Kernel (Live Patch 26 for SLE 12)
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1222-1
Rating: important
References: #1088268 #1090036
Cross-References: CVE-2017-0861 CVE-2018-1000199
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for the Linux Kernel 3.12.61-52_89 fixes several issues.
The following security issues were fixed:
– CVE-2018-1000199: A bug in x86 debug register handling of ptrace() could
lead to memory corruption, possibly a denial of service or privilege
escalation (bsc#1090036).
– CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem in the Linux kernel allowed attackers to gain
privileges via unspecified vectors (bsc#1088268).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2018-852=1
Package List:
– SUSE Linux Enterprise Server 12-LTSS (x86_64):
kgraft-patch-3_12_61-52_89-default-8-2.2
kgraft-patch-3_12_61-52_89-xen-8-2.2
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2018-1000199.html
https://bugzilla.suse.com/1088268
https://bugzilla.suse.com/1090036
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
