Overview

File _patchinfo of Package patchinfo.5829

<patchinfo incident="5829">
  <issue id="1052368" tracker="bnc">VUL-0: CVE-2017-1000112: kernel live patch: udp: consistently apply ufo or fragmentation</issue>
  <issue id="1053150" tracker="bnc">VUL-0: CVE-2017-12762: kernel live patch: /drivers/isdn/i4l/isdn_net.c: user-controlled buffer is copied into a localbuffer of constant size using strcpy without a length check which can cause abuffer overflow. This affects the Linux ker</issue>
  <issue id="2017-1000112" tracker="cve" />
  <issue id="2017-100012" tracker="cve" />
  <issue id="2017-12762" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>mbenes</packager>
  <description>This update for the Linux Kernel 4.4.74-92_38 fixes several issues.

The following security bugs were fixed:

- CVE-2017-1000112: Updated patch for this issue to be in sync with the other livepatches. Description of the issue: Prevent race condition in net-packet code that could have been exploited by unprivileged users to gain root access (bsc#1052368, bsc#1052311).
- CVE-2017-12762: In drivers/isdn/i4l/isdn_net.c a user-controlled buffer was copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow (bsc#1053150).
</description>
<summary>Security update for Linux Kernel Live Patch 13 for SLE 12 SP2</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places