ALT-PU-2017-1890-1
Package kernel-image-std-def updated to version 4.4.77-alt0.M80P.1 for branch p8 in task 185478.
Closed vulnerabilities
BDU:2017-01673
Уязвимость функции virtio_gpu_object_create операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2017-01686
Уязвимость функции mq_notify операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
Modified: 2024-11-21
CVE-2017-10810
Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=385aee965b4e4c36551c362a334378d2985b722a
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=385aee965b4e4c36551c362a334378d2985b722a
- DSA-3927
- DSA-3927
- 99433
- 99433
- https://github.com/torvalds/linux/commit/385aee965b4e4c36551c362a334378d2985b722a
- https://github.com/torvalds/linux/commit/385aee965b4e4c36551c362a334378d2985b722a
- https://lkml.org/lkml/2017/4/6/668
- https://lkml.org/lkml/2017/4/6/668
Modified: 2024-11-21
CVE-2017-11176
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1
- DSA-3927
- DSA-3927
- DSA-3945
- DSA-3945
- 99919
- 99919
- RHSA-2017:2918
- RHSA-2017:2918
- RHSA-2017:2930
- RHSA-2017:2930
- RHSA-2017:2931
- RHSA-2017:2931
- RHSA-2018:0169
- RHSA-2018:0169
- RHSA-2018:3822
- RHSA-2018:3822
- https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1
- https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- 45553
- 45553
Modified: 2024-11-21
CVE-2017-12146
The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6265539776a0810b7ce6398c27866ddb9c6bd154
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6265539776a0810b7ce6398c27866ddb9c6bd154
- DSA-3981
- DSA-3981
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.1
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.1
- 100651
- 100651
- https://bugzilla.redhat.com/show_bug.cgi?id=1489078
- https://bugzilla.redhat.com/show_bug.cgi?id=1489078
- https://bugzilla.suse.com/show_bug.cgi?id=1057474
- https://bugzilla.suse.com/show_bug.cgi?id=1057474
- https://github.com/torvalds/linux/commit/6265539776a0810b7ce6398c27866ddb9c6bd154
- https://github.com/torvalds/linux/commit/6265539776a0810b7ce6398c27866ddb9c6bd154
- https://source.android.com/security/bulletin/2017-09-01
- https://source.android.com/security/bulletin/2017-09-01