Oval Definition:oval:org.opensuse.security:def:81498
Revision Date:2018-08-16Version:1
Title:Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP2) (Important)
Description:

This update for the Linux Kernel 4.4.90-92_45 fixes several issues.

The following security issues were fixed:

- CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data, even from other virtual machines or the host system (bsc#1099306). - CVE-2017-18344: The timer_create syscall implementation in kernel/time/posix-timers.c didn't properly validate the sigevent->sigev_notify field, which lead to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allowed userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE) (bsc#1103203). before 4.14.8 - CVE-2018-10853: A flaw was found in kvm. In which certain instructions such as sgdt/sidt call segmented_write_std didn't propagate access correctly. As such, during userspace induced exception, the guest can incorrectly assume that the exception happened in the kernel and panic. (bsc#1097108).
Family:unixClass:patch
Status:Reference(s):1097108
1099306
1103203
CVE-2017-18344
CVE-2018-10853
CVE-2018-3646
Platform(s):SUSE Linux Enterprise Server 12 SP2-LTSS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND kgraft-patch-4_4_90-92_45-default-9-2.1 is installed
  • BACK