Lucene search

HistoryJan 29, 2016 - 2:11 p.m.

Security update for the Linux Kernel (important)






The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable
release, and also includes security and bugfixes.

Following security bugs were fixed:

  • CVE-2016-0728: A reference leak in keyring handling with
    join_session_keyring() could lead to local attackers gain root
    privileges. (bsc#962075).
  • CVE-2015-7550: A local user could have triggered a race between read and
    revoke in keyctl (bnc#958951).
  • CVE-2015-8767: A case can occur when sctp_accept() is called by the user
    during a heartbeat timeout event after the 4-way handshake. Since
    sctp_assoc_migrate() changes both assoc-> and assoc->ep, the
    bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the
    listening socket but released with the new association socket. The
    result is a deadlock on any future attempts to take the listening socket
    lock. (bsc#961509)
  • CVE-2015-8539: A negatively instantiated user key could have been used
    by a local user to leverage privileges (bnc#958463).
  • CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in
    drivers/net/ppp/pptp.c in the Linux kernel did not verify an address
    length, which allowed local users to obtain sensitive information from
    kernel memory and bypass the KASLR protection mechanism via a crafted
    application (bnc#959190).
  • CVE-2015-8543: The networking implementation in the Linux kernel did not
    validate protocol identifiers for certain protocol families, which
    allowed local users to cause a denial of service (NULL function pointer
    dereference and system crash) or possibly gain privileges by leveraging
    CLONE_NEWUSER support to execute a crafted SOCK_RAW application
  • CVE-2015-8575: Validate socket address length in sco_sock_bind() to
    prevent information leak (bsc#959399).
  • CVE-2015-8551, CVE-2015-8552: xen/pciback: For
    XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled
  • CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers
    could have lead to double fetch vulnerabilities, causing denial of
    service or arbitrary code execution (depending on the configuration)

The following non-security bugs were fixed:

  • ALSA: hda - Add a fixup for Thinkpad X1 Carbon 2nd (bsc#958439).
  • ALSA: hda - Apply click noise workaround for Thinkpads generically
  • ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).
  • ALSA: hda - Flush the pending probe work at remove (boo#960710).
  • ALSA: hda - Set codec to D3 at reboot/shutdown on Thinkpads (bsc#958439).
  • Add Cavium Thunderx network enhancements
  • Add RHEL to kernel-obs-build
  • Backport amd xgbe fixes and features
  • Backport arm64 patches from SLE12-SP1-ARM.
  • Btrfs: fix the number of transaction units needed to remove a block
    group (bsc#950178).
  • Btrfs: use global reserve when deleting unused block group after ENOSPC
  • Documentation: nousb is a module parameter (bnc#954324).
  • Driver for IBM System i/p VNIC protocol.
  • Enable CONFIG_PINCTRL_CHERRYVIEW (boo#954532) Needed for recent
    tablets/laptops. CONFIG_PINCTRL_BAYTRAIL is still disabled as it can’t
    be built as a module.
  • Fix PCI generic host controller
  • Fix kABI breakage for max_dev_sectors addition to queue_limits
  • HID: multitouch: Fetch feature reports on demand for Win8 devices
  • HID: multitouch: fix input mode switching on some Elan panels
  • Implement enable/disable for Display C6 state (boo#960021).
  • Input: aiptek - fix crash on detecting device without endpoints
  • Linux 4.1.15 (boo#954647 bsc#955422).
  • Move kabi patch to patches.kabi directory
  • Obsolete compat-wireless, rts5229 and rts_pstor KMPs These are found in
    SLE11-SP3, now replaced with the upstream drivers.
  • PCI: generic: Pass starting bus number to pci_scan_root_bus().
  • Revert "block: remove artifical max_hw_sectors cap" (boo#961263).
  • Set system time through RTC device
  • Update arm64 config files. Enabled DRM_AST in the vanilla kernel since
    it is now enabled in the default kernel.
  • Update config files: CONFIG_IBMVNIC=m
  • block/sd: Fix device-imposed transfer length limits (boo#961263).
  • block: bump BLK_DEF_MAX_SECTORS to 2560 (boo#961263).
  • drm/i915/skl: Add DC5 Trigger Sequence (boo#960021).
  • drm/i915/skl: Add DC6 Trigger sequence (boo#960021).
  • drm/i915/skl: Add support to load SKL CSR firmware (boo#960021).
  • drm/i915/skl: Add the INIT power domain to the MISC I/O power well
  • drm/i915/skl: Deinit/init the display at suspend/resume (boo#960021).
  • drm/i915/skl: Fix DMC API version in firmware file name (boo#960021).
  • drm/i915/skl: Fix WaDisableChickenBitTSGBarrierAckForFFSliceCS
  • drm/i915/skl: Fix stepping check for a couple of W/As (boo#960021).
  • drm/i915/skl: Fix the CTRL typo in the DPLL_CRTL1 defines (boo#960021).
  • drm/i915/skl: Implement WaDisableVFUnitClockGating (boo#960021).
  • drm/i915/skl: Implement enable/disable for Display C5 state (boo#960021).
  • drm/i915/skl: Make the Misc I/O power well part of the PLLS domain
  • drm/i915/skl: add F0 stepping ID (boo#960021).
  • drm/i915/skl: enable WaForceContextSaveRestoreNonCoherent (boo#960021).
  • drm/i915: Clear crtc atomic flags at beginning of transaction
  • drm/i915: Fix CSR MMIO address check (boo#960021).
  • drm/i915: Switch to full atomic helpers for plane updates/disable, take
    two (boo#960021).
  • drm/i915: set CDCLK if DPLL0 enabled during resuming from S3
  • ethernet/atheros/alx: sanitize buffer sizing and padding (boo#952621).
  • genksyms: Handle string literals with spaces in reference files
  • group-source-files: mark as devel file ld: cannot open linker
    script file /usr/src/linux-4.2.5-1/arch/arm/kernel/ No such
    file or directory
  • hwrng: core - sleep interruptible in read (bnc#962597).
  • ipv6: distinguish frag queues by device for multicast and link-local
    packets (bsc#955422).
  • kABI fixes for linux-4.1.15.
  • rpm/ Skip stale directories in the package dir
  • rpm/ Bump disk space requirements up a bit Require 10GB
    on s390x, 20GB elsewhere.
  • rpm/ Require 14GB worth of disk space on POWER The builds
    started to fail randomly due to ENOSPC errors.
  • rpm/ Do not explicitly set DEBUG_SECTION_MISMATCH
    CONFIG_DEBUG_SECTION_MISMATCH is a selectable Kconfig option since
    2.6.39 and is enabled in our configs.
  • rpm/ Do not obsolete ocfs2-kmp (bnc#865259)865259
  • rpm/ Fix build if no UEFI certs are installed
  • rpm/ Install libopenssl-devel for newer sign-file
  • rpm/ No scriptlets in kernel-zfcpdump The kernel
    should not be added to the bootloader nor are there any KMPs.
  • rpm/ Obsolete the -base package from SLE11
  • rpm/ Use parallel make in all invocations Also,
    remove the lengthy comment, since we are using a standard rpm macro now.
  • thinkpad_acpi: Do not yell on unsupported brightness interfaces
  • usb: make "nousb" a clear module parameter (bnc#954324).
  • usbvision fix overflow of interfaces array (bnc#950998).
  • x86/microcode/amd: Do not overwrite final patch levels (bsc#913996).
  • x86/microcode/amd: Extract current patch level read to a function
  • xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set
    (bsc#957990 XSA-157).
  • xhci: refuse loading if nousb is used (bnc#954324).