SUSE-SU-2018:3865-1

Source
https://www.suse.com/support/update/announcement/2018/suse-su-20183865-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:3865-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:3865-1
Related
Published
2018-11-22T15:20:29Z
Modified
2018-11-22T15:20:29Z
Summary
Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP3)
Details

This update for the Linux Kernel 4.4.92-6_30 fixes several issues.

The following security issues were fixed:

  • CVE-2018-5391: Fixed a possible denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098).
  • CVE-2018-18386: The drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bsc#1112039).
References

Affected packages

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_6

Package

Name
kgraft-patch-SLE12-SP3_Update_6
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_33-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_7

Package

Name
kgraft-patch-SLE12-SP3_Update_7
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_38-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_5

Package

Name
kgraft-patch-SLE12-SP3_Update_5
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_92-6_30-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_6

Package

Name
kgraft-patch-SLE12-SP3_Update_6
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_33-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_7

Package

Name
kgraft-patch-SLE12-SP3_Update_7
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_38-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_5

Package

Name
kgraft-patch-SLE12-SP3_Update_5
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_92-6_30-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_6

Package

Name
kgraft-patch-SLE12-SP3_Update_6
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_33-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_7

Package

Name
kgraft-patch-SLE12-SP3_Update_7
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_38-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_5

Package

Name
kgraft-patch-SLE12-SP3_Update_5
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_92-6_30-default": "11-2.1"
        }
    ]
}