SUSE Linux update for Linux Kernel Live Patch 20 for SLE 12
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2017-7533 CVE-2017-7645 CVE-2017-9242 |
| CWE-ID | CWE-362 CWE-20 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #1 is being exploited in the wild. |
| Vulnerable software Subscribe |
SUSE Linux Operating systems & Components / Operating system |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Race condition
EUVDB-ID: #VU7694
Risk: Medium
CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2017-7533
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to execute arbitrary code with escalated privileges.
The vulnerability exists due to a race condition in the fsnotify implementation in the Linux kernel through 4.12.4. A local user can create an application, which leverages simultaneous execution of the inotify_handle_event and vfs_rename functions and trigger memory corruption and denials of service attack or execute arbitrary code on the target system with root privileges.
Successful exploitation of this vulnerability may allow a local user to obtain elevated privileges on the system.
Note: this vulnerability is being active exploited in the wild for 32-bit systems in August 2017.
Update the affected packages.
SUSE Linux: 12
External linkshttp://lists.opensuse.org/opensuse-security-announce/2017-08/msg00029.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
2) Denial of service
EUVDB-ID: #VU6659
Risk: Medium
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-7645
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to a flaw in the NFSv2/NFSv3 server in the nfsd subsystem. A remote attacker can use a long RPC reply related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c. and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
SUSE Linux: 12
External linkshttp://lists.opensuse.org/opensuse-security-announce/2017-08/msg00029.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Denial of service
EUVDB-ID: #VU7250
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9242
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition on the target system.
The weakness exists due to an error in the __ip6_append_data function when checking whether an overwrite of an skb data structure may occur. A local attacker can use specially crafted system calls and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
SUSE Linux: 12
External linkshttp://lists.opensuse.org/opensuse-security-announce/2017-08/msg00029.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
