SUSE-SU-2017:2778-1
- Source
- https://www.suse.com/support/update/announcement/2017/suse-su-20172778-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2778-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2017:2778-1
- Related
- Published
- 2017-10-19T11:48:40Z
- Modified
- 2017-10-19T11:48:40Z
- Summary
- Security update for Linux Kernel Live Patch 9 for SLE 12 SP1
- Details
-
This update for the Linux Kernel 3.12.67-606418 fixes one issue.
The following security bugs were fixed:
- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call (bsc#1045327).
- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ) was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space (bsc#1057950).
- References
Affected packages
SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kgraft-patch-SLE12-SP1_Update_9
Package
- Name
- kgraft-patch-SLE12-SP1_Update_9
- Purl
- purl:rpm/suse/kgraft-patch-SLE12-SP1_Update_9&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1