Test Kennung:	1.3.6.1.4.1.25623.1.0.851548
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for kernel (openSUSE-SU-2017:1215-1)
Zusammenfassung:	The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. Vulnerability Insight: The openSUSE Leap 42.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue (bnc#1033340). - CVE-2016-10318: A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel allowed a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service (bnc#1032435). - CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336). - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579). - CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440). - CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052). - CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a lar ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: Linux Kernel on openSUSE Leap 42.1 Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2671 BugTraq ID: 97407 http://www.securityfocus.com/bid/97407 https://www.exploit-db.com/exploits/42135/ https://github.com/danieljiang0415/android_kernel_crash_poc https://twitter.com/danieljiang0415/status/845116665184497664 http://openwall.com/lists/oss-security/2017/04/04/8 RedHat Security Advisories: RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842 RedHat Security Advisories: RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077 RedHat Security Advisories: RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2669 RedHat Security Advisories: RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:1854 https://usn.ubuntu.com/3754-1/ Common Vulnerability Exposure (CVE) ID: CVE-2017-7187 BugTraq ID: 96989 http://www.securityfocus.com/bid/96989 https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes&id=bf33f87dd04c371ea33feb821b60d63d754e3124 http://www.securitytracker.com/id/1038086 Common Vulnerability Exposure (CVE) ID: CVE-2017-7261 BugTraq ID: 97096 http://www.securityfocus.com/bid/97096 http://marc.info/?t=149037004200005&r=1&w=2 https://bugzilla.redhat.com/show_bug.cgi?id=1435719 https://lists.freedesktop.org/archives/dri-devel/2017-March/136814.html Common Vulnerability Exposure (CVE) ID: CVE-2017-7294 BugTraq ID: 97177 http://www.securityfocus.com/bid/97177 https://bugzilla.redhat.com/show_bug.cgi?id=1436798 https://lists.freedesktop.org/archives/dri-devel/2017-March/137094.html RedHat Security Advisories: RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RedHat Security Advisories: RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 Common Vulnerability Exposure (CVE) ID: CVE-2017-7308 BugTraq ID: 97234 http://www.securityfocus.com/bid/97234 https://www.exploit-db.com/exploits/41994/ https://www.exploit-db.com/exploits/44654/ https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html RedHat Security Advisories: RHSA-2017:1297 https://access.redhat.com/errata/RHSA-2017:1297 RedHat Security Advisories: RHSA-2017:1298 https://access.redhat.com/errata/RHSA-2017:1298 RedHat Security Advisories: RHSA-2017:1308 https://access.redhat.com/errata/RHSA-2017:1308 Common Vulnerability Exposure (CVE) ID: CVE-2017-7616 BugTraq ID: 97527 http://www.securityfocus.com/bid/97527 http://www.securitytracker.com/id/1038503 Common Vulnerability Exposure (CVE) ID: CVE-2017-7618 BugTraq ID: 97534 http://www.securityfocus.com/bid/97534 http://marc.info/?l=linux-crypto-vger&m=149181655623850&w=2
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.