
Security update for the Linux Kernel (important)

Description

The openSUSE Leap 42.1 kernel was updated to 4.1.38 to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077).
- CVE-2017-5551: tmpfs: Fixed a bug that could have allowed users to set setgid bits on files they don't own (bsc#1021258).
- CVE-2016-10147: crypto/mcryptd.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5) (bnc#1020381).
- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).
- CVE-2016-7917: The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel did not check whether a batch message's length field is large enough, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability (bnc#1010444).
- CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb truncation, which allowed local users to cause a denial of service (system crash) via a crafted application that made sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c (bnc#1009969).
- CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bnc#1013540 1017589).
- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531 1013542).

The following non-security bugs were fixed:

- PCI: generic: Fix pci_remap_iospace() failure path (bsc#1019658).
- bcache: partition support: add 16 minors per bcacheN device (bsc#1019784).
- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
- clk: xgene: Do not call __pa on ioremaped address (bsc#1019660).
- kABI workaround for 4.1.37 mount changes (stable-4.1.37).
- kABI: reintroduce sk_filter (bsc#1009969).
- kabi/severities: Ignore inode_change_ok change. It's renamed in 4.1.37 to setattr_prepare().
- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).
- net: introduce __sock_queue_rcv_skb() function (bsc#1009969).
- netback: correct array index (bsc#983348).
- netfront: do not truncate grant references.
- netfront: use correct linear area after linearizing an skb (bsc#1007886).
- reiserfs: fix race in prealloc discard (bsc#987576).
- rose: limit sk_filter trim to payload (bsc#1009969).
- scsi: bfa: Increase requested firmware version to 3.2.5.1 (bsc#1013273).
- xenbus: correctly signal errors from xenstored_local_init() (luckily none so far).
- xenbus: do not invoke ->is_ready() for most device states (bsc#987333).
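The CVE-2016-9793 entry above concerns negative buffer sizes reaching sk_sndbuf and sk_rcvbuf. The following user-space C model is an added example, not kernel or openSUSE code; it is modeled on the unsigned-versus-signed clamp comparison and shows why a clamp that compares as unsigned stores a negative size while a signed comparison falls back to the minimum. The function names, the MODEL_MIN_SNDBUF floor and the sample values are assumptions of this example.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative floor for this model; not the kernel's actual minimum. */
#define MODEL_MIN_SNDBUF 4608

/* Store a u32 into a signed 32-bit field with well-defined wraparound. */
static int store_as_int(uint32_t v)
{
    return v <= (uint32_t)INT_MAX ? (int)v : (int)((int64_t)v - 4294967296LL);
}

/* Weak form: the clamp compares as unsigned, so a negative request looks
 * like a huge value, wins the max(), and lands in the signed field as a
 * negative buffer size. */
static int clamp_unsigned(int val)
{
    uint32_t doubled = (uint32_t)val * 2u;
    uint32_t min_buf = MODEL_MIN_SNDBUF;
    return store_as_int(doubled > min_buf ? doubled : min_buf);
}

/* Hardened form: compare as signed so negative requests fall back to the
 * floor. Widening to 64 bits and saturating at INT_MAX is this example's
 * own choice to keep the arithmetic free of overflow. */
static int clamp_signed(int val)
{
    int64_t doubled = (int64_t)val * 2;
    if (doubled < MODEL_MIN_SNDBUF)
        return MODEL_MIN_SNDBUF;
    return doubled > INT_MAX ? INT_MAX : (int)doubled;
}

int main(void)
{
    /* Constructed sample requests, as a privileged caller might pass them. */
    const int samples[] = { 65536, 1000, -1, -4096 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("val=%d unsigned-clamp=%d signed-clamp=%d\n", samples[i],
               clamp_unsigned(samples[i]), clamp_signed(samples[i]));
    return 0;
}
```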


Affected Package


| OS | OS Version | Package Name | Package Version |
|---|---|---|---|
| openSUSE Leap | 42.1 | kernel-ec2-base | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pv-base | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-vanilla-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pv | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-vanilla-devel | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-default | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-source | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-xen-base | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pv-base-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-default-base-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-docs-html | 4.1.38-47.2 |
| openSUSE Leap | 42.1 | kernel-debug-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-vanilla | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pae-debugsource | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-default-base | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-docs | 4.1.38-47.2 |
| openSUSE Leap | 42.1 | kernel-debug-devel | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-debug | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-ec2-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-docs-pdf | 4.1.38-47.2 |
| openSUSE Leap | 42.1 | kernel-debug-base | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pv-devel | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-ec2-devel | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-obs-build | 4.1.38-47.3 |
| openSUSE Leap | 42.1 | kernel-pae-devel | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-obs-qa | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pv-debugsource | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-ec2-base-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-xen-devel | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-ec2 | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-devel | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pae-base | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pv-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-default-debugsource | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pae | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-xen-debugsource | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-ec2-debugsource | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-xen | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-default-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-source-vanilla | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-debug-debugsource | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-xen-base-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pae-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-pae-base-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-vanilla-debugsource | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-macros | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-syms | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-debug-base-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-obs-build-debugsource | 4.1.38-47.3 |
| openSUSE Leap | 42.1 | kernel-xen-debuginfo | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-default-devel | 4.1.38-47.1 |
| openSUSE Leap | 42.1 | kernel-debug-devel-debuginfo | 4.1.38-47.1 |
