Security update for Linux Kernel Live Patch 16 for SLE 12
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2017:1905-1
Final
1
1
2017-07-20T08:05:12Z
current
2017-07-20T08:05:12Z
2017-07-20T08:05:12Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for Linux Kernel Live Patch 16 for SLE 12
This update for the Linux Kernel 3.12.60-52_57 fixes several issues.
The following security bugs were fixed:
- CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
SUSE-SLE-SAP-12-2017-1178,SUSE-SLE-SERVER-12-2017-1178
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2017/suse-su-20171905-1/
Link for SUSE-SU-2017:1905-1
https://lists.suse.com/pipermail/sle-security-updates/2017-July/003043.html
E-Mail link for SUSE-SU-2017:1905-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1012183
SUSE Bug 1012183
https://bugzilla.suse.com/1012759
SUSE Bug 1012759
https://bugzilla.suse.com/1012852
SUSE Bug 1012852
https://bugzilla.suse.com/1013543
SUSE Bug 1013543
https://bugzilla.suse.com/1014271
SUSE Bug 1014271
https://bugzilla.suse.com/1017589
SUSE Bug 1017589
https://bugzilla.suse.com/1025013
SUSE Bug 1025013
https://bugzilla.suse.com/1030575
SUSE Bug 1030575
https://bugzilla.suse.com/1039496
SUSE Bug 1039496
https://www.suse.com/security/cve/CVE-2017-1000364/
SUSE CVE CVE-2017-1000364 page
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for SAP Applications 12
kgraft-patch-3_12_60-52_57-default-7-3.1
kgraft-patch-3_12_60-52_57-xen-7-3.1
kgraft-patch-3_12_60-52_57-default-7-3.1 as a component of SUSE Linux Enterprise Server 12-LTSS
kgraft-patch-3_12_60-52_57-xen-7-3.1 as a component of SUSE Linux Enterprise Server 12-LTSS
kgraft-patch-3_12_60-52_57-default-7-3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12
kgraft-patch-3_12_60-52_57-xen-7-3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
CVE-2017-1000364
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-7-3.1
SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-7-3.1
SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-7-3.1
SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-7-3.1
important
6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2017/suse-su-20171905-1/
https://www.suse.com/security/cve/CVE-2017-1000364.html
CVE-2017-1000364
https://bugzilla.suse.com/1039346
SUSE Bug 1039346
https://bugzilla.suse.com/1039348
SUSE Bug 1039348
https://bugzilla.suse.com/1042200
SUSE Bug 1042200
https://bugzilla.suse.com/1044985
SUSE Bug 1044985
https://bugzilla.suse.com/1071943
SUSE Bug 1071943
https://bugzilla.suse.com/1075506
SUSE Bug 1075506
https://bugzilla.suse.com/1077345
SUSE Bug 1077345
https://bugzilla.suse.com/1115893
SUSE Bug 1115893
https://bugzilla.suse.com/1149726
SUSE Bug 1149726