SUSE-SU-2018:0574-1

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2017-18075

Published: 01 Mar 2018, 16:28

Last modified:04 Feb 2026, 04:16

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

01 Mar 2018, 16:28

Published

Vulnerability first disclosed

04 Feb 2026, 04:16

Last Modified

Vulnerability information updated

Description

Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP2) This update for the Linux Kernel 4.4.59-92_20 fixes one issue. The following security issue was fixed: - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls (bsc#1077404).

Affected Systems

suse•kgraft-patch-SLE12-SP2_Update_8&distro=SUSE Linux Enterprise Live Patching 12
< 9-2.1

SUSE-SU-2018:0574-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)