Lucene search

HistoryMay 23, 2016 - 4:08 p.m.

Security update for the Linux Kernel (important)






The openSUSE Leap 42.1 kernel was updated to receive various security and

The following security bugs were fixed:

  • CVE-2016-2847: Limit the per-user amount of pages allocated in pipes
  • CVE-2016-3136: mct_u232: add sanity checking in probe (bnc#970955).
  • CVE-2016-2188: iowarrior: fix oops with malicious USB descriptors
  • CVE-2016-3138: cdc-acm: more sanity checking (bnc#970911).
  • CVE-2016-3137: cypress_m8: add endpoint sanity check (bnc#970970).
  • CVE-2016-3951: cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind
  • CVE-2016-3140: digi_acceleport: do sanity checking for the number of
    ports (bnc#970892).
  • CVE-2016-2186: powermate: fix oops with malicious USB descriptors
  • CVE-2016-2185: usb_driver_claim_interface: add sanity checking
  • CVE-2016-3689: ims-pcu: sanity check against missing interfaces
  • CVE-2016-3156: ipv4: Do not do expensive useless work during inetdev
    destroy (bsc#971360).

The following non-security bugs were fixed:

  • ALSA: timer: Call notifier in the same spinlock (bsc#973378).
  • ALSA: timer: Protect the whole snd_timer_close() with open race
  • ALSA: timer: Sync timer deletion at closing the system timer
  • ALSA: timer: Use mod_timer() for rearming the system timer (bsc#973378).
  • Backport arm64 patches from SLE12-SP1-ARM
  • Fix kABI additions for pipe: limit the per-user amount of pages
    allocated in pipes.
  • Revert "drm/radeon: call hpd_irq_event on resume" (boo#975868).
  • Update config files. Enable RTC_HCTOSYS, build I2C_XGENE_SLIMPRO as a
  • backends: guarantee one time reads of shared ring contents (bsc#957988).
  • ext4: fix races between buffered IO and collapse / insert range
  • ext4: fix races between page faults and hole punching (bsc#972174).
  • ext4: fix races of writeback with punch hole and zero range (bsc#972174).
  • ext4: move unlocked dio protection from ext4_alloc_file_blocks()
  • net: thunderx: Use napi_schedule_irqoff()
  • netback: do not use last request to determine minimum Tx credit