Test ID: | 1.3.6.1.4.1.25623.1.0.851573 |
Category: | SuSE Local Security Checks |
Title: | openSUSE: Security Advisory for kernel (openSUSE-SU-2017:1685-1) |
Summary: | The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. |
Description: |
Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory.

Vulnerability Insight: The openSUSE Leap 42.2 kernel was updated to 4.4.73 to receive security and bugfixes.

The following security bugs were fixed:
- CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010) (bnc#1039348). The previous fix caused some Java applications to crash and has been replaced by the upstream fix.

The following non-security bugs were fixed:
- md: fix a null dereference (bsc#1040351).
- net/mlx5e: Fix timestamping capabilities reporting (bsc#966170, bsc#1015342)
- reiserfs: don't preallocate blocks for extended attributes (bsc#990682)
- ibmvnic: Fix error handling when registering long-term-mapped buffers (bsc#1045568).
- Fix kabi after adding new field to struct mddev (bsc#1040351).
- Fix soft lockup in svc_rdma_send (bsc#729329).
- IB/addr: Fix setting source address in addr6_resolve() (bsc#1044082).
- IB/ipoib: Fix memory leak in create child syscall (bsc#1022595 FATE#322350).
- IB/mlx5: Assign DSCP for R-RoCE QPs Address Path (bsc#966170 bsc#966172 bsc#966191).
- IB/mlx5: Check supported flow table size (bsc#966170 bsc#966172 bsc#966191).
- IB/mlx5: Enlarge autogroup flow table (bsc#966170 bsc#966172 bsc#966191).
- IB/mlx5: Fix kernel to user leak prevention logic (bsc#966170 bsc#966172 bsc#966191).
- NFSv4: do not let hanging mounts block other mounts (bsc#1040364).
- [v2, 2/3] powerpc/fadump: avoid holes in boot memory area when fadump is registered (bsc#1037669).
- [v2, 1/3] powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669).
- [v2, 3/3] powerpc/fadump: provide a helpful error message (bsc#1037669).
- dm: remove dummy dm_table definition (bsc#1045307)
- ibmvnic: Activate disabled RX buffer pools on reset (bsc#1044767).
- ibmvnic: Client-initiated failover (bsc#1043990).
- ibmvnic: Correct return code checking for ibmvnic_init during probe (bsc#1045286).
- ibmvnic: Ensure that TX queues are disabled in __ibmvnic_close (bsc#1044767).
- ibmvnic: Exit polling routine correctly during adapter reset (bsc#1044767).
- ibmvnic: Fix incorrectly defined ibmvnic_request_map_rsp structure (bsc#1045568).
- ibmvnic: Remove VNIC_CLOSING check from pending_scrq (bsc#1044767).
- ibmvnic: Remove module author mailing address (bsc#1045467).
- ibmvnic: Remove netdev notify for failover resets (bsc#1044120).
- ibmvnic: Return from ibmvn ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS: Kernel on openSUSE Leap 42.2

Solution: Please install the updated package(s).

CVSS Score: 6.2
CVSS Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-1000364
BugTraq ID: 99130
http://www.securityfocus.com/bid/99130
Debian Security Information: DSA-3886
http://www.debian.org/security/2017/dsa-3886
https://www.exploit-db.com/exploits/45625/
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
RedHat Security Advisories: RHSA-2017:1482
https://access.redhat.com/errata/RHSA-2017:1482
RedHat Security Advisories: RHSA-2017:1483
https://access.redhat.com/errata/RHSA-2017:1483
RedHat Security Advisories: RHSA-2017:1484
https://access.redhat.com/errata/RHSA-2017:1484
RedHat Security Advisories: RHSA-2017:1485
https://access.redhat.com/errata/RHSA-2017:1485
RedHat Security Advisories: RHSA-2017:1486
https://access.redhat.com/errata/RHSA-2017:1486
RedHat Security Advisories: RHSA-2017:1487
https://access.redhat.com/errata/RHSA-2017:1487
RedHat Security Advisories: RHSA-2017:1488
https://access.redhat.com/errata/RHSA-2017:1488
RedHat Security Advisories: RHSA-2017:1489
https://access.redhat.com/errata/RHSA-2017:1489
RedHat Security Advisories: RHSA-2017:1490
https://access.redhat.com/errata/RHSA-2017:1490
RedHat Security Advisories: RHSA-2017:1491
https://access.redhat.com/errata/RHSA-2017:1491
RedHat Security Advisories: RHSA-2017:1567
https://access.redhat.com/errata/RHSA-2017:1567
RedHat Security Advisories: RHSA-2017:1616
https://access.redhat.com/errata/RHSA-2017:1616
RedHat Security Advisories: RHSA-2017:1647
https://access.redhat.com/errata/RHSA-2017:1647
RedHat Security Advisories: RHSA-2017:1712
https://access.redhat.com/errata/RHSA-2017:1712
http://www.securitytracker.com/id/1038724 |
Copyright | Copyright (C) 2017 Greenbone Networks GmbH |