SB2018032315 - OpenSUSE Linux update for the Linux Kernel
Published: March 23, 2018
Security Bulletin ID
SB2018032315
Severity
Medium
Patch available
YES
Number of vulnerabilities
11
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 11 secuirty vulnerabilities.
1) Privilege escalation (CVE-ID: CVE-2017-13166)
The vulnerability allows a local attacker to gain elevated privileges on the target system.The weakness exists in the V4L2 video driver component of the Google Android kernel due to insufficient validation of user-supplied input. A local attacker can use a specially crafted application and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
2) Race condition (CVE-ID: CVE-2017-15951)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists due to the KEYS subsystem does not correctly synchronize the actions of updating versus finding a key in the "negative" state. A local attacker can make a specially crafted system calls, trigger race condition and cause the service to crash.
Successful exploitation of the vulnerability results in denial of service.
3) Error handling (CVE-ID: CVE-2017-16644)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists due to an error in the hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger improper error handling and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
4) Out-of-bounds read (CVE-ID: CVE-2017-16912)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists in the "get_pipe()" function (drivers/usb/usbip/stub_rx.c) due to out-of-bounds read. A local attacker can supply specially crafted USB over IP packet, trigger memory corruption and cause the service to crash.
5) Memory corruption (CVE-ID: CVE-2017-16913)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists in the "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) due to boundary error when handling CMD_SUBMIT packets. A local attacker can supply specially crafted USB over IP packet, trigger memory corruption and cause the service to crash.
6) Use-after-free error (CVE-ID: CVE-2017-17975)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c due to use-after-free error. A local attacker can trigger failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.
7) Double free error (CVE-ID: CVE-2017-18174)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists in the amd_gpio_remove function due to double free when calling the pinctrl_unregister function. A local attacker can trigger memory corruption and cause the service to crash.
8) Infinite loop (CVE-ID: CVE-2017-18208)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists in the madvise_willneed function due to infinite loop. A local attacker can trigger use of MADVISE_WILLNEED for a DAX mapping and cause the service to crash.
9) Improper input validation (CVE-ID: CVE-2018-1000026)
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.The weakness exists in the bnx2x network card driver due to insufficient validation of user-supplied input. A remote attacker can submit a specially crafted packet to the affected network card and cause the system to crash.
10) Privilege escalation (CVE-ID: CVE-2018-1068)
The vulnerability allows a local attacker to gain elevated privileges on the target system.The weakness exists due to an error in the implementation of 32 bit syscall interface. A local attacker can gain root privileges.
11) Memory corruption (CVE-ID: CVE-2018-8087)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists in the hwsim_new_radio_nl function due to memory leak. A local attacker can trigger memory corruption and cause the service the crash.
Remediation
Install update from vendor's website.