SUSE-SU-2018:3865-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:3865-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2018:3865-1

Related

Published

2018-11-22T15:20:29Z

Modified

2018-11-22T15:20:29Z

Summary

Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP3)

Details

This update for the Linux Kernel 4.4.92-6_30 fixes several issues.

The following security issues were fixed:

CVE-2018-5391: Fixed a possible denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098).
CVE-2018-18386: The drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bsc#1112039).

References

Affected packages

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_6

Package

Name: kgraft-patch-SLE12-SP3_Update_6
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_33-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_7

Package

Name: kgraft-patch-SLE12-SP3_Update_7
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_38-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_5

Package

Name: kgraft-patch-SLE12-SP3_Update_5
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_92-6_30-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_6

Package

Name: kgraft-patch-SLE12-SP3_Update_6
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_33-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_7

Package

Name: kgraft-patch-SLE12-SP3_Update_7
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_38-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_5

Package

Name: kgraft-patch-SLE12-SP3_Update_5
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_92-6_30-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_6

Package

Name: kgraft-patch-SLE12-SP3_Update_6
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_33-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_7

Package

Name: kgraft-patch-SLE12-SP3_Update_7
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_103-6_38-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_5

Package

Name: kgraft-patch-SLE12-SP3_Update_5
Purl: purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_92-6_30-default": "11-2.1"
        }
    ]
}