SB2017060815 - OpenSUSE Linux update for the Linux Kernel
Published: June 8, 2017
Security Bulletin ID
SB2017060815
Severity
Medium
Patch available
YES
Number of vulnerabilities
8
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 8 secuirty vulnerabilities.
1) Use-after-free error (CVE-ID: CVE-2017-7487)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists due to use-after-free error the ipxitf_ioctl function in net/ipx/af_ipx.c. A local attacker can use a failed SIOCGIFADDR ioctl call for an IPX interface to trigger memory corruption and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
2) Denial of service (CVE-ID: CVE-2017-7645)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to a flaw in the NFSv2/NFSv3 server in the nfsd subsystem. A remote attacker can use a long RPC reply related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c. and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
3) Double free error (CVE-ID: CVE-2017-8890)
The vulnerability allows a remote attacker to perform a denial of service attack.The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.
4) Out-of-bounds read (CVE-ID: CVE-2017-9074)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists due to the the failure to consider that the nexthdr field may be associated with an invalid option by the IPv6 fragmentation implementation. A local attacker can use a specially-crafted socket or system call to trigger out-of-bounds read and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
5) Denial of service (CVE-ID: CVE-2017-9075)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists due to an error in sctp_v6_create_accept_sk function in net/sctp/ipv6.c.A local attacker can use specially crafted system calls and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
6) Denial of service (CVE-ID: CVE-2017-9076)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists due to an error in the dccp_v6_request_recv_sock function in net/dccp/ipv6.c.A local attacker can use specially crafted system calls and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
7) Denial of service (CVE-ID: CVE-2017-9077)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists due to an error in the tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c. A local attacker can use specially crafted system calls to cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
8) Information disclosure (CVE-ID: CVE-2017-9150)
The vulnerability allows a local attacker to obtain sensitive information.The weakness exists due to the failure to make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function the do_check function in kernel/bpf/verifier.c. A local attacker can use specially-crafted bpf system calls to read arbitrary files on the target system.
Successful exploitation of the vulnerability results in information disclosure.
Remediation
Install update from vendor's website.