Overview

File _patchinfo of Package patchinfo.5384

<patchinfo incident="5384">
  <issue id="1052311" tracker="bnc">CVE-2017-1000112: kernel: udp: consistently apply ufo or fragmentation</issue>
  <issue id="1052365" tracker="bnc">CVE-2017-1000111: kernel: heap out-of-bounds in AF_PACKET sockets</issue>
  <issue id="2017-1000111" tracker="cve" />
  <issue id="2017-1000112" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>alnovak</packager>
  <reboot_needed/>
  <description>
The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.74 to the following security updates:

- CVE-2017-1000111: fix race condition in net-packet code that could be
  exploited to cause out-of-bounds memory access (bsc#1052365).
- CVE-2017-1000112: fix race condition in net-packet code that could have been
  exploited by unprivileged users to gain root access. (bsc#1052311).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places