SB2018031207 - SUSE Linux update for the Linux Kernel 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018031207

SB2018031207 - SUSE Linux update for the Linux Kernel

Published: March 12, 2018

Security Bulletin ID SB2018031207
Severity
Medium
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 13% Medium 50% Low 38%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Privilege escalation (CVE-ID: CVE-2017-13215)

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The weakness exists due to a flaw in the Upstream kernel skcipher. A remote attacker can trick the victim into opening a specially crafted application and execute arbitrary code with elevated privileges.

2) Out-of-bounds read (CVE-ID: CVE-2017-17741)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the KVM implementation in the Linux kernel. A local attacker can trigger write_mmio stack-based out-of-bounds read or possibly have unspecified other impact, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

3) Use-after-free error (CVE-ID: CVE-2017-18017)

The vulnerability allows a remote attacker to cause DoS condition no the target system.

The weakness exists in the tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel due to use-after-free error. A remote attacker can leverage the presence of xt_TCPMSS in an iptables action, trigger memory corruption and cause the system to crash.

4) Null pointer dereference (CVE-ID: CVE-2017-18079)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the drivers/input/serio/i8042.c due to the port->exists value can change after it is validated. A remote attacker can trigger NULL pointer dereference and cause the system to crash.

5) Information disclosure (CVE-ID: CVE-2017-5715)

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists in Intel CPU hardware due to improper implementation of the speculative execution of instructions. A local attacker can utilize branch target injection, execute arbitrary code, perform a side-channel attack and read sensitive memory information.


6) Race condition (CVE-ID: CVE-2018-1000004)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to race condition in the sound system. A remote attacker can trigger deadlock and cause the system to crash.

7) Heap out-of-bounds write (CVE-ID: CVE-2018-5332)

The vulnerability allows a local attacker to  cause DoS condition on the target system.

The weakness exists in the rds_message_alloc_sgs() function due to improper validation of DMA page allocation values. A local attacker can trigger a heap-based out-of-bounds write and cause the system to crash.

8) Null pointer dereference (CVE-ID: CVE-2018-5333)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the rds_cmsg_atomic function due to insufficient handling of user-supplied input. A remote attacker can send a specially crafted HTTP request, trigger NULL pointer dereference and cause the system to crash.


Remediation

Install update from vendor's website.

References