| Revision Date: | 2016-12-07 | Version: | 1 |
| Title: | Security update for the Linux Kernel (Important) |
| Description: |
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive critical security fixes.
The following security bugs were fixed:
- CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012754). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1008831
1011685
1012754
CVE-2016-8632
CVE-2016-8655
CVE-2016-9555
SUSE-SU-2016:3049-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP2
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information
kernel-default-4.4.21-84.1 is installed
OR kernel-default-devel-4.4.21-84.1 is installed
OR kernel-default-extra-4.4.21-84.1 is installed
OR kernel-devel-4.4.21-84.1 is installed
OR kernel-macros-4.4.21-84.1 is installed
OR kernel-source-4.4.21-84.1 is installed
OR kernel-syms-4.4.21-84.1 is installed
|