ALT-BU-2017-3124-1
Branch p8 update bulletin.
Package kernel-image-std-def updated to version 4.4.68-alt0.M80P.2 for branch p8 in task 182987.
Closed vulnerabilities
BDU:2017-02026
Уязвимость функции sanity_check_raw_super операционной системы Linux, позволяющая нарушителю повысить свои привилегии
Modified: 2024-11-21
CVE-2017-10662
The sanity_check_raw_super function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9dd46188edc2f0d1f37328637860bb65a771124
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9dd46188edc2f0d1f37328637860bb65a771124
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.1
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.1
- 100215
- 100215
- https://bugzilla.redhat.com/show_bug.cgi?id=1481146
- https://bugzilla.redhat.com/show_bug.cgi?id=1481146
- https://github.com/torvalds/linux/commit/b9dd46188edc2f0d1f37328637860bb65a771124
- https://github.com/torvalds/linux/commit/b9dd46188edc2f0d1f37328637860bb65a771124
- https://source.android.com/security/bulletin/2017-08-01
- https://source.android.com/security/bulletin/2017-08-01
Package kernel-image-un-def updated to version 4.9.28-alt0.M80P.1 for branch p8 in task 182992.
Closed vulnerabilities
BDU:2017-01146
Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2017-02026
Уязвимость функции sanity_check_raw_super операционной системы Linux, позволяющая нарушителю повысить свои привилегии
Modified: 2024-11-21
CVE-2017-10662
The sanity_check_raw_super function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9dd46188edc2f0d1f37328637860bb65a771124
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9dd46188edc2f0d1f37328637860bb65a771124
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.1
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.1
- 100215
- 100215
- https://bugzilla.redhat.com/show_bug.cgi?id=1481146
- https://bugzilla.redhat.com/show_bug.cgi?id=1481146
- https://github.com/torvalds/linux/commit/b9dd46188edc2f0d1f37328637860bb65a771124
- https://github.com/torvalds/linux/commit/b9dd46188edc2f0d1f37328637860bb65a771124
- https://source.android.com/security/bulletin/2017-08-01
- https://source.android.com/security/bulletin/2017-08-01
Modified: 2024-11-21
CVE-2017-7477
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.
- 98014
- 98014
- 1038500
- 1038500
- RHSA-2017:1615
- RHSA-2017:1615
- RHSA-2017:1616
- RHSA-2017:1616
- https://bugzilla.redhat.com/show_bug.cgi?id=1445207
- https://bugzilla.redhat.com/show_bug.cgi?id=1445207
- https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
- https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
- https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5294b83086cc1c35b4efeca03644cf9d12282e5b
- https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5294b83086cc1c35b4efeca03644cf9d12282e5b