Security update for Linux Kernel Live Patch 8 for SLE 12 SP1
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2017:0763-1
Final
1
1
2017-03-20T19:49:31Z
current
2017-03-20T19:49:31Z
2017-03-20T19:49:31Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for Linux Kernel Live Patch 8 for SLE 12 SP1
This update for the Linux Kernel 3.12.62-60_64_8 fixes one issue.
The following security bug was fixed:
- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013).
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
SUSE-SLE-Live-Patching-12-2017-429
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2017/suse-su-20170763-1/
Link for SUSE-SU-2017:0763-1
https://lists.suse.com/pipermail/sle-security-updates/2017-March/002718.html
E-Mail link for SUSE-SU-2017:0763-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1025013
SUSE Bug 1025013
https://www.suse.com/security/cve/CVE-2017-5970/
SUSE CVE CVE-2017-5970 page
SUSE Linux Enterprise Live Patching 12
kgraft-patch-3_12_62-60_64_8-default-6-2.1
kgraft-patch-3_12_62-60_64_8-xen-6-2.1
kgraft-patch-3_12_62-60_64_8-default-6-2.1 as a component of SUSE Linux Enterprise Live Patching 12
kgraft-patch-3_12_62-60_64_8-xen-6-2.1 as a component of SUSE Linux Enterprise Live Patching 12
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
CVE-2017-5970
SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-6-2.1
SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-6-2.1
important
7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2017/suse-su-20170763-1/
https://www.suse.com/security/cve/CVE-2017-5970.html
CVE-2017-5970
https://bugzilla.suse.com/1024938
SUSE Bug 1024938
https://bugzilla.suse.com/1025013
SUSE Bug 1025013
https://bugzilla.suse.com/1115893
SUSE Bug 1115893