Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceSUSE-SU-2018:0586-1

SUSE-SU-2018:0586-1

UNKNOWN

Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP2)

Published Mar 2, 2018

Modified 8 years ago

Fix available

Details

This update for the Linux Kernel 4.4.74-92_35 fixes several issues.

The following security issue was fixed:

CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls (bsc#1077404).

Non security issue fixed:

btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)

Affected Packages

kgraft-patch-4_4_74-92_35-default

SUSE Linux Enterprise Live Patching 12

Fixed in:

7-2.1

kgraft-patch-SLE12-SP2_Update_12

SUSE Linux Enterprise Live Patching 12

Fixed in:

7-2.1

References

https://bugzilla.suse.com/1077268

https://bugzilla.suse.com/1077404

https://www.suse.com/security/cve/CVE-2017-18075

https://www.suse.com/support/update/announcement/2018/suse-su-20180586-1/

Upstream

Related

Ecosystems

SUSE Linux Enterprise Live Patching 12

Timeline

PublishedMar 2, 2018

ModifiedMar 2, 2018

SUSE-SU-2018:0586-1 | Mondoo Vulnerability Intelligence