Lucene search

K
suseSuseOPENSUSE-SU-2015:1842-1
HistoryOct 29, 2015 - 5:52 p.m.

Security update for the Linux Kernel (important)

2015-10-2917:52:39
lists.opensuse.org
34

EPSS

0.028

Percentile

90.6%

The openSUSE 13.2 kernel was updated to receive various security and
bugfixes.

Following security bugs were fixed:

  • CVE-2015-3290: arch/x86/entry/entry_64.S in the Linux kernel on the
    x86_64 platform improperly relied on espfix64 during nested NMI
    processing, which allowed local users to gain privileges by triggering
    an NMI within a certain instruction window (bnc#937969)
  • CVE-2015-0272: It was reported that it’s possible to craft a Router
    Advertisement message which will bring the receiver in a state where new
    IPv6 connections will not be accepted until correct Router Advertisement
    message received. (bsc#944296).
  • CVE-2015-5283: The sctp_init function in net/sctp/protocol.c in the
    Linux kernel had an incorrect sequence of protocol-initialization steps,
    which allowed local users to cause a denial of service (panic or memory
    corruption) by creating SCTP sockets before all of the steps have
    finished (bnc#947155).
  • CVE-2015-1333: Memory leak in the __key_link_end function in
    security/keys/keyring.c in the Linux kernel allowed local users to cause
    a denial of service (memory consumption) via many add_key system calls
    that refer to existing keys. (bsc#938645)
  • CVE-2015-5707: Integer overflow in the sg_start_req function in
    drivers/scsi/sg.c in the Linux kernel allowed local users to cause a
    denial of service or possibly have unspecified other impact via a large
    iov_count value in a write request. (bsc#940338)
  • CVE-2015-2925: An attacker could potentially break out of a namespace
    or container, depending on if he had specific rights in these
    containers. (bsc#926238).
  • CVE-2015-7872: A vulnerability in keyrings garbage collector allowed a
    local user to trigger an oops was found, caused by using request_key()
    or keyctl request2. (bsc#951440)

The following non-security bugs were fixed:

  • input: evdev - do not report errors form flush() (bsc#939834).
  • NFSv4: Recovery of recalled read delegations is broken (bsc#942178).
  • apparmor: temporary work around for bug while unloading policy
    (boo#941867).
  • config/x86_64/ec2: Align CONFIG_STRICT_DEVMEM CONFIG_STRICT_DEVMEM is
    enabled in every other kernel flavor, so enable it for x86_64/ec2 as
    well.
  • kernel-obs-build: add btrfs to initrd This is needed for kiwi builds.
  • mmc: card: Do not access RPMB partitions for normal read/write
    (bnc#941104).
  • netback: coalesce (guest) RX SKBs as needed (bsc#919154).
  • rpm/kernel-obs-build.spec.in: Add virtio_rng to the initrd. This allows
    to feed some randomness to the OBS workers.
  • xfs: Fix file type directory corruption for btree directories
    (bsc#941305).
  • xfs: ensure buffer types are set correctly (bsc#941305).
  • xfs: inode unlink does not set AGI buffer type (bsc#941305).
  • xfs: set buf types when converting extent formats (bsc#941305).
  • xfs: set superblock buffer type correctly (bsc#941305).
  • xhci: Add spurious wakeup quirk for LynxPoint-LP controllers
    (bnc#951195).