Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
patchinfo.7083
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.7083
<patchinfo incident="7083"> <issue id="1073230" tracker="bnc">VUL-0: CVE-2017-17712: kernel live patch: The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6has a race condition in inet->hdrincl that leads to uninitialized stack pointerusage; this allows a local user to execute</issue> <issue id="1076017" tracker="bnc">VUL-0: CVE-2018-1000004: kernel-source: ALSA: sequencer use-after-free / deadlock</issue> <issue id="1083488" tracker="bnc">VUL-0: CVE-2018-7566: kernel live patch: race condition in snd_seq_write() may lead to UAF or OOB-access</issue> <issue id="1085114" tracker="bnc">VUL-0: CVE-2018-1068: kernel live patch: netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets</issue> <issue id="1085447" tracker="bnc">VUL-0: CVE-2017-13166: kernel live patch: An elevation of privilege vulnerability in the kernel v4l2 video driver.Product: Android. Versions: Android kernel. Android ID A-34624167.</issue> <issue id="2017-13166" tracker="cve" /> <issue id="2018-1000004" tracker="cve" /> <issue id="2018-1068" tracker="cve" /> <issue id="2018-7566" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>mbenes</packager> <description>This update for the Linux Kernel 4.4.74-92_35 fixes several issues. The following security issues were fixed: - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2 video driver (bsc#1085447). - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface for bridging allowed a privileged user to arbitrarily write to a limited range of kernel memory (bsc#1085114). - CVE-2018-7566: Prevent buffer overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user (bsc#1083488). - CVE-2018-1000004: Prevent race condition in the sound system that could have lead to a deadlock and denial of service condition (bsc#1076017). </description> <summary>Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP2)</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor