ID de Prueba:	1.3.6.1.4.1.25623.1.1.4.2018.3787.1
Categoría:	SuSE Local Security Checks
Título:	SUSE: Security Advisory (SUSE-SU-2018:3787-1)
Resumen:	The remote host is missing an update for the 'Linux Kernel (Live Patch 17 for SLE 12 SP2)' package(s) announced via the SUSE-SU-2018:3787-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'Linux Kernel (Live Patch 17 for SLE 12 SP2)' package(s) announced via the SUSE-SU-2018:3787-1 advisory. Vulnerability Insight: This update for the Linux Kernel 4.4.103-92_56 fixes several issues. The following security issues were fixed: CVE-2018-5391: Fixed a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may have caused a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098). CVE-2018-18386: The drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bsc#1112039). Affected Software/OS: 'Linux Kernel (Live Patch 17 for SLE 12 SP2)' package(s) on SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP2. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5391 BugTraq ID: 105108 http://www.securityfocus.com/bid/105108 CERT/CC vulnerability note: VU#641765 https://www.kb.cert.org/vuls/id/641765 Debian Security Information: DSA-4272 (Google Search) https://www.debian.org/security/2018/dsa-4272 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 RedHat Security Advisories: RHSA-2018:2785 https://access.redhat.com/errata/RHSA-2018:2785 RedHat Security Advisories: RHSA-2018:2791 https://access.redhat.com/errata/RHSA-2018:2791 RedHat Security Advisories: RHSA-2018:2846 https://access.redhat.com/errata/RHSA-2018:2846 RedHat Security Advisories: RHSA-2018:2924 https://access.redhat.com/errata/RHSA-2018:2924 RedHat Security Advisories: RHSA-2018:2925 https://access.redhat.com/errata/RHSA-2018:2925 RedHat Security Advisories: RHSA-2018:2933 https://access.redhat.com/errata/RHSA-2018:2933 RedHat Security Advisories: RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 RedHat Security Advisories: RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083 RedHat Security Advisories: RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096 RedHat Security Advisories: RHSA-2018:3459 https://access.redhat.com/errata/RHSA-2018:3459 RedHat Security Advisories: RHSA-2018:3540 https://access.redhat.com/errata/RHSA-2018:3540 RedHat Security Advisories: RHSA-2018:3586 https://access.redhat.com/errata/RHSA-2018:3586 RedHat Security Advisories: RHSA-2018:3590 https://access.redhat.com/errata/RHSA-2018:3590 http://www.securitytracker.com/id/1041476 http://www.securitytracker.com/id/1041637 https://usn.ubuntu.com/3740-1/ https://usn.ubuntu.com/3740-2/ https://usn.ubuntu.com/3741-1/ https://usn.ubuntu.com/3741-2/ https://usn.ubuntu.com/3742-1/ https://usn.ubuntu.com/3742-2/
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.