SUSE-SU-2018:3860-1

Details

This update for the Linux Kernel 4.4.114-94_14 fixes one issue.

The following security issue was fixed:

CVE-2018-5391: Fixed a possible denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098).

Affected Packages(16 packages)

kgraft-patch-4_4_114-94_11-default

SUSE Linux Enterprise Live Patching 12 SP3

Fixed in:

9-2.1

kgraft-patch-4_4_114-94_14-default

SUSE Linux Enterprise Live Patching 12 SP3

Fixed in:

9-2.1

kgraft-patch-4_4_120-94_17-default

SUSE Linux Enterprise Live Patching 12 SP3

Fixed in:

8-2.1

kgraft-patch-4_4_126-94_22-default

SUSE Linux Enterprise Live Patching 12 SP3

Fixed in:

8-2.1

kgraft-patch-4_4_131-94_29-default

SUSE Linux Enterprise Live Patching 12 SP3

Fixed in:

6-2.1

kgraft-patch-4_4_132-94_33-default

SUSE Linux Enterprise Live Patching 12 SP3

Fixed in:

6-2.1

kgraft-patch-4_4_138-94_39-default

SUSE Linux Enterprise Live Patching 12 SP3

Fixed in:

5-2.1

kgraft-patch-4_4_140-94_42-default

SUSE Linux Enterprise Live Patching 12 SP3

Fixed in:

5-2.1

kgraft-patch-SLE12-SP3_Update_10

SUSE Linux Enterprise Live Patching 12 SP3

Fixed in:

8-2.1

kgraft-patch-SLE12-SP3_Update_11

SUSE Linux Enterprise Live Patching 12 SP3

Fixed in:

8-2.1

References

REPORT

https://bugzilla.suse.com/1103098

WEB

https://www.suse.com/security/cve/CVE-2018-5391

ADVISORY

https://www.suse.com/support/update/announcement/2018/suse-su-20183860-1/