Lucene search

K
suseSuseOPENSUSE-SU-2016:1798-1
HistoryJul 14, 2016 - 2:08 p.m.

Security update for the Linux Kernel (important)

2016-07-1414:08:15
lists.opensuse.org
14

0.0005 Low

EPSS

Percentile

17.1%

The openSUSE Leap 42.1 was updated to 4.1.27 to receive various security
and bugfixes.

The following security bugs were fixed:

  • CVE-2016-4997: A buffer overflow in 32bit compat_setsockopt iptables
    handling could lead to a local privilege escalation. (bsc#986362)
  • CVE-2016-5829: Multiple heap-based buffer overflows in the
    hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
    kernel allow local users to cause a denial of service or possibly have
    unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
    HIDIOCSUSAGES ioctl call (bnc#986572).
  • CVE-2016-4470: The key_reject_and_link function in security/keys/key.c
    in the Linux kernel did not ensure that a certain data structure is
    initialized, which allowed local users to cause a denial of service
    (system crash) via vectors involving a crafted keyctl request2 command
    (bnc#984755).
  • CVE-2016-4794: Use-after-free vulnerability in mm/percpu.c in the Linux
    kernel allowed local users to cause a denial of service (BUG)
    or possibly have unspecified other impact via crafted use of the mmap
    and bpf system calls (bnc#980265).

The following non-security bugs were fixed:

  • Refresh patches.xen/xen-netback-coalesce: Restore copying of SKBs with
    head exceeding page size (bsc#978469).
  • Refresh patches.xen/xen3-patch-2.6.26 (fix PAT initialization).
  • Refresh patches.xen/xen3-patch-2.6.39 (fix ia32_compat inheritance).
  • Refresh patches.xen/xen3-patch-3.14: Suppress atomic file position
    updates for /proc/xen/xenbus (bsc#970275).
  • Refresh patches.xen/xen3-patch-3.16 (drop redundant addition of a
    comment).
  • Refresh patches.xen/xen3-patch-4.1.7-8.
  • base: make module_create_drivers_dir race-free (bnc#983977).
  • ipvs: count pre-established TCP states as active (bsc#970114).
  • net: thunderx: Fix TL4 configuration for secondary Qsets (bsc#986530).
  • net: thunderx: Fix link status reporting (bsc#986530).