Security update for the Linux Kernel
Announcement ID: |
SUSE-SU-2017:2389-1 |
Rating: |
important |
References: |
|
Cross-References:
|
|
CVSS scores: |
-
CVE-2014-9922
(
SUSE
):
7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2016-10277
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
-
CVE-2017-1000363
(
SUSE
):
6.8
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-1000363
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-1000363
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-1000365
(
SUSE
):
2.9
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
-
CVE-2017-1000365
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-1000365
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-1000380
(
SUSE
):
4.0
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-
CVE-2017-1000380
(
NVD
):
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
-
CVE-2017-11176
(
SUSE
):
7.3
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
-
CVE-2017-11176
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-11176
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-11473
(
SUSE
):
6.4
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-11473
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-11473
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-2647
(
SUSE
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-2647
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-6951
(
SUSE
):
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
-
CVE-2017-6951
(
NVD
):
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
-
CVE-2017-7482
(
SUSE
):
6.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
-
CVE-2017-7482
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-7482
(
NVD
):
7.1
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
-
CVE-2017-7487
(
SUSE
):
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
-
CVE-2017-7487
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-7487
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-7533
(
SUSE
):
7.4
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-7533
(
NVD
):
7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-7533
(
NVD
):
7.0
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-7542
(
SUSE
):
6.2
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
-
CVE-2017-7542
(
NVD
):
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
-
CVE-2017-8890
(
SUSE
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-8890
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-8890
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-8924
(
SUSE
):
4.0
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-
CVE-2017-8924
(
NVD
):
4.6
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
-
CVE-2017-8925
(
SUSE
):
4.0
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
-
CVE-2017-8925
(
NVD
):
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
-
CVE-2017-9074
(
SUSE
):
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
-
CVE-2017-9074
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-9074
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-9075
(
SUSE
):
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
-
CVE-2017-9075
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-9075
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-9076
(
SUSE
):
6.2
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
-
CVE-2017-9076
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-9076
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-9077
(
SUSE
):
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
-
CVE-2017-9077
(
NVD
):
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-9077
(
NVD
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-9242
(
SUSE
):
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-
CVE-2017-9242
(
NVD
):
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
Affected Products: |
- SLES for SAP Applications 11-SP4
- SUSE Linux Enterprise High Availability Extension 11 SP4
- SUSE Linux Enterprise Real Time Extension 11 SP4
- SUSE Linux Enterprise Server 11 SP4
- SUSE Linux Enterprise Software Development Kit 11 SP4
|
An update that solves 21 vulnerabilities and has 92 security fixes can now be installed.
Description:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-7482: Several missing length checks ticket decode allowing for information leak or potentially code execution (bsc#1046107).
- CVE-2016-10277: Potential privilege escalation due to a missing bounds check in the lp driver. A kernel command-line adversary can overflow the parport_nr array to execute code (bsc#1039456).
- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/