Security update for Linux Kernel Live Patch 3 for SLE 12 SP2
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2017:1914-1
Final
1
1
2017-07-20T15:15:04Z
current
2017-07-20T15:15:04Z
2017-07-20T15:15:04Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for Linux Kernel Live Patch 3 for SLE 12 SP2
This update for the Linux Kernel 4.4.21-90 fixes several issues.
The following security bugs were fixed:
- CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
SUSE-SLE-Live-Patching-12-2017-1185
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2017/suse-su-20171914-1/
Link for SUSE-SU-2017:1914-1
https://lists.suse.com/pipermail/sle-security-updates/2017-July/003052.html
E-Mail link for SUSE-SU-2017:1914-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1019079
SUSE Bug 1019079
https://bugzilla.suse.com/1025013
SUSE Bug 1025013
https://bugzilla.suse.com/1025254
SUSE Bug 1025254
https://bugzilla.suse.com/1030575
SUSE Bug 1030575
https://bugzilla.suse.com/1031481
SUSE Bug 1031481
https://bugzilla.suse.com/1031660
SUSE Bug 1031660
https://bugzilla.suse.com/1039496
SUSE Bug 1039496
https://www.suse.com/security/cve/CVE-2017-1000364/
SUSE CVE CVE-2017-1000364 page
SUSE Linux Enterprise Live Patching 12
kgraft-patch-4_4_21-90-default-6-3.1
kgraft-patch-4_4_21-90-default-6-3.1 as a component of SUSE Linux Enterprise Live Patching 12
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
CVE-2017-1000364
SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-90-default-6-3.1
important
6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2017/suse-su-20171914-1/
https://www.suse.com/security/cve/CVE-2017-1000364.html
CVE-2017-1000364
https://bugzilla.suse.com/1039346
SUSE Bug 1039346
https://bugzilla.suse.com/1039348
SUSE Bug 1039348
https://bugzilla.suse.com/1042200
SUSE Bug 1042200
https://bugzilla.suse.com/1044985
SUSE Bug 1044985
https://bugzilla.suse.com/1071943
SUSE Bug 1071943
https://bugzilla.suse.com/1075506
SUSE Bug 1075506
https://bugzilla.suse.com/1077345
SUSE Bug 1077345
https://bugzilla.suse.com/1115893
SUSE Bug 1115893
https://bugzilla.suse.com/1149726
SUSE Bug 1149726