Deepin Sicherheitsupdates (CVE-2017-12134 &CVE-2017-12153 &CVE-2017-12154 …&CVE-2017-1000252)

Deepin Sicherheitsupdates (CVE-2017-12134 &CVE-2017-12153 &CVE-2017-12154 …&CVE-2017-1000252)

Sicherheitsupdates von systemd und dem Linux-Kernel. Information zur Verwundbarkeit CVE-2017-12134—Sicherheitsupdates Details aus der Security-Datenbank: The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation. CVE-2017-12153—Sicherheitsupdates Details aus der Security-Datenbank: A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer deference and system crash. CVE-2017-12154—SicherheitsupdatesDetails aus der Security-Datenbank: This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2017-14051—Sicherheitsupdates Details aus der Security-Datenbank: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access. CVE-2017-14140 The move_pages system call in mm/migrate.c in ...Read more