You are here
Home > Preporuke > Ranjivosti jezgre operacijskog sustava

Ranjivosti jezgre operacijskog sustava

openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2016:0280-1
Rating: important
References: #865096 #865259 #913996 #950178 #950998 #952621
#954324 #954532 #954647 #955422 #956708 #957152
#957988 #957990 #958439 #958463 #958504 #958510
#958886 #958951 #959190 #959399 #960021 #960710
#961263 #961509 #962075 #962597
Cross-References: CVE-2015-7550 CVE-2015-8539 CVE-2015-8543
CVE-2015-8550 CVE-2015-8551 CVE-2015-8552
CVE-2015-8569 CVE-2015-8575 CVE-2015-8767
CVE-2016-0728
Affected Products:
openSUSE Leap 42.1
______________________________________________________________________________

An update that solves 10 vulnerabilities and has 18 fixes
is now available.

Description:

The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable
release, and also includes security and bugfixes.

Following security bugs were fixed:
– CVE-2016-0728: A reference leak in keyring handling with
join_session_keyring() could lead to local attackers gain root
privileges. (bsc#962075).
– CVE-2015-7550: A local user could have triggered a race between read and
revoke in keyctl (bnc#958951).
– CVE-2015-8767: A case can occur when sctp_accept() is called by the user
during a heartbeat timeout event after the 4-way handshake. Since
sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the
bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the
listening socket but released with the new association socket. The
result is a deadlock on any future attempts to take the listening socket
lock. (bsc#961509)
– CVE-2015-8539: A negatively instantiated user key could have been used
by a local user to leverage privileges (bnc#958463).
– CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in
drivers/net/ppp/pptp.c in the Linux kernel did not verify an address
length, which allowed local users to obtain sensitive information from
kernel memory and bypass the KASLR protection mechanism via a crafted
application (bnc#959190).
– CVE-2015-8543: The networking implementation in the Linux kernel did not
validate protocol identifiers for certain protocol families, which
allowed local users to cause a denial of service (NULL function pointer
dereference and system crash) or possibly gain privileges by leveraging
CLONE_NEWUSER support to execute a crafted SOCK_RAW application
(bnc#958886).
– CVE-2015-8575: Validate socket address length in sco_sock_bind() to
prevent information leak (bsc#959399).
– CVE-2015-8551, CVE-2015-8552: xen/pciback: For
XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled
(bsc#957990).
– CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers
could have lead to double fetch vulnerabilities, causing denial of
service or arbitrary code execution (depending on the configuration)
(bsc#957988).

The following non-security bugs were fixed:
– ALSA: hda – Add a fixup for Thinkpad X1 Carbon 2nd (bsc#958439).
– ALSA: hda – Apply click noise workaround for Thinkpads generically
(bsc#958439).
– ALSA: hda – Fix noise problems on Thinkpad T440s (boo#958504).
– ALSA: hda – Flush the pending probe work at remove (boo#960710).
– ALSA: hda – Set codec to D3 at reboot/shutdown on Thinkpads (bsc#958439).
– Add Cavium Thunderx network enhancements
– Add RHEL to kernel-obs-build
– Backport amd xgbe fixes and features
– Backport arm64 patches from SLE12-SP1-ARM.
– Btrfs: fix the number of transaction units needed to remove a block
group (bsc#950178).
– Btrfs: use global reserve when deleting unused block group after ENOSPC
(bsc#950178).
– Documentation: nousb is a module parameter (bnc#954324).
– Driver for IBM System i/p VNIC protocol.
– Enable CONFIG_PINCTRL_CHERRYVIEW (boo#954532) Needed for recent
tablets/laptops. CONFIG_PINCTRL_BAYTRAIL is still disabled as it can’t
be built as a module.
– Fix PCI generic host controller
– Fix kABI breakage for max_dev_sectors addition to queue_limits
(boo#961263).
– HID: multitouch: Fetch feature reports on demand for Win8 devices
(boo#954532).
– HID: multitouch: fix input mode switching on some Elan panels
(boo#954532).
– Implement enable/disable for Display C6 state (boo#960021).
– Input: aiptek – fix crash on detecting device without endpoints
(bnc#956708).
– Linux 4.1.15 (boo#954647 bsc#955422).
– Move kabi patch to patches.kabi directory
– Obsolete compat-wireless, rts5229 and rts_pstor KMPs These are found in
SLE11-SP3, now replaced with the upstream drivers.
– PCI: generic: Pass starting bus number to pci_scan_root_bus().
– Revert “block: remove artifical max_hw_sectors cap” (boo#961263).
– Set system time through RTC device
– Update arm64 config files. Enabled DRM_AST in the vanilla kernel since
it is now enabled in the default kernel.
– Update config files: CONFIG_IBMVNIC=m
– block/sd: Fix device-imposed transfer length limits (boo#961263).
– block: bump BLK_DEF_MAX_SECTORS to 2560 (boo#961263).
– drm/i915/skl: Add DC5 Trigger Sequence (boo#960021).
– drm/i915/skl: Add DC6 Trigger sequence (boo#960021).
– drm/i915/skl: Add support to load SKL CSR firmware (boo#960021).
– drm/i915/skl: Add the INIT power domain to the MISC I/O power well
(boo#960021).
– drm/i915/skl: Deinit/init the display at suspend/resume (boo#960021).
– drm/i915/skl: Fix DMC API version in firmware file name (boo#960021).
– drm/i915/skl: Fix WaDisableChickenBitTSGBarrierAckForFFSliceCS
(boo#960021).
– drm/i915/skl: Fix stepping check for a couple of W/As (boo#960021).
– drm/i915/skl: Fix the CTRL typo in the DPLL_CRTL1 defines (boo#960021).
– drm/i915/skl: Implement WaDisableVFUnitClockGating (boo#960021).
– drm/i915/skl: Implement enable/disable for Display C5 state (boo#960021).
– drm/i915/skl: Make the Misc I/O power well part of the PLLS domain
(boo#960021).
– drm/i915/skl: add F0 stepping ID (boo#960021).
– drm/i915/skl: enable WaForceContextSaveRestoreNonCoherent (boo#960021).
– drm/i915: Clear crtc atomic flags at beginning of transaction
(boo#960021).
– drm/i915: Fix CSR MMIO address check (boo#960021).
– drm/i915: Switch to full atomic helpers for plane updates/disable, take
two (boo#960021).
– drm/i915: set CDCLK if DPLL0 enabled during resuming from S3
(boo#960021).
– ethernet/atheros/alx: sanitize buffer sizing and padding (boo#952621).
– genksyms: Handle string literals with spaces in reference files
(bsc#958510).
– group-source-files: mark module.lds as devel file ld: cannot open linker
script file /usr/src/linux-4.2.5-1/arch/arm/kernel/module.lds: No such
file or directory
– hwrng: core – sleep interruptible in read (bnc#962597).
– ipv6: distinguish frag queues by device for multicast and link-local
packets (bsc#955422).
– kABI fixes for linux-4.1.15.
– rpm/compute-PATCHVERSION.sh: Skip stale directories in the package dir
– rpm/constraints.in: Bump disk space requirements up a bit Require 10GB
on s390x, 20GB elsewhere.
– rpm/constraints.in: Require 14GB worth of disk space on POWER The builds
started to fail randomly due to ENOSPC errors.
– rpm/kernel-binary.spec.in: Do not explicitly set DEBUG_SECTION_MISMATCH
CONFIG_DEBUG_SECTION_MISMATCH is a selectable Kconfig option since
2.6.39 and is enabled in our configs.
– rpm/kernel-binary.spec.in: Do not obsolete ocfs2-kmp (bnc#865259)865259
– rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed
– rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file
– rpm/kernel-binary.spec.in: No scriptlets in kernel-zfcpdump The kernel
should not be added to the bootloader nor are there any KMPs.
– rpm/kernel-binary.spec.in: Obsolete the -base package from SLE11
(bnc#865096)
– rpm/kernel-binary.spec.in: Use parallel make in all invocations Also,
remove the lengthy comment, since we are using a standard rpm macro now.
– thinkpad_acpi: Do not yell on unsupported brightness interfaces
(boo#957152).
– usb: make “nousb” a clear module parameter (bnc#954324).
– usbvision fix overflow of interfaces array (bnc#950998).
– x86/microcode/amd: Do not overwrite final patch levels (bsc#913996).
– x86/microcode/amd: Extract current patch level read to a function
(bsc#913996).
– xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set
(bsc#957990 XSA-157).
– xhci: refuse loading if nousb is used (bnc#954324).

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.1:

zypper in -t patch openSUSE-2016-116=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.1 (i586 x86_64):

kernel-default-4.1.15-8.1
kernel-default-base-4.1.15-8.1
kernel-default-base-debuginfo-4.1.15-8.1
kernel-default-debuginfo-4.1.15-8.1
kernel-default-debugsource-4.1.15-8.1
kernel-default-devel-4.1.15-8.1
kernel-obs-build-4.1.15-8.2
kernel-obs-build-debugsource-4.1.15-8.2
kernel-obs-qa-4.1.15-8.1
kernel-obs-qa-xen-4.1.15-8.1
kernel-syms-4.1.15-8.1

– openSUSE Leap 42.1 (i686 x86_64):

kernel-debug-4.1.15-8.1
kernel-debug-base-4.1.15-8.1
kernel-debug-base-debuginfo-4.1.15-8.1
kernel-debug-debuginfo-4.1.15-8.1
kernel-debug-debugsource-4.1.15-8.1
kernel-debug-devel-4.1.15-8.1
kernel-debug-devel-debuginfo-4.1.15-8.1
kernel-ec2-4.1.15-8.1
kernel-ec2-base-4.1.15-8.1
kernel-ec2-base-debuginfo-4.1.15-8.1
kernel-ec2-debuginfo-4.1.15-8.1
kernel-ec2-debugsource-4.1.15-8.1
kernel-ec2-devel-4.1.15-8.1
kernel-pv-4.1.15-8.1
kernel-pv-base-4.1.15-8.1
kernel-pv-base-debuginfo-4.1.15-8.1
kernel-pv-debuginfo-4.1.15-8.1
kernel-pv-debugsource-4.1.15-8.1
kernel-pv-devel-4.1.15-8.1
kernel-vanilla-4.1.15-8.1
kernel-vanilla-debuginfo-4.1.15-8.1
kernel-vanilla-debugsource-4.1.15-8.1
kernel-vanilla-devel-4.1.15-8.1
kernel-xen-4.1.15-8.1
kernel-xen-base-4.1.15-8.1
kernel-xen-base-debuginfo-4.1.15-8.1
kernel-xen-debuginfo-4.1.15-8.1
kernel-xen-debugsource-4.1.15-8.1
kernel-xen-devel-4.1.15-8.1

– openSUSE Leap 42.1 (noarch):

kernel-devel-4.1.15-8.1
kernel-docs-4.1.15-8.3
kernel-docs-html-4.1.15-8.3
kernel-docs-pdf-4.1.15-8.3
kernel-macros-4.1.15-8.1
kernel-source-4.1.15-8.1
kernel-source-vanilla-4.1.15-8.1

– openSUSE Leap 42.1 (i686):

kernel-pae-4.1.15-8.1
kernel-pae-base-4.1.15-8.1
kernel-pae-base-debuginfo-4.1.15-8.1
kernel-pae-debuginfo-4.1.15-8.1
kernel-pae-debugsource-4.1.15-8.1
kernel-pae-devel-4.1.15-8.1

References:

https://www.suse.com/security/cve/CVE-2015-7550.html
https://www.suse.com/security/cve/CVE-2015-8539.html
https://www.suse.com/security/cve/CVE-2015-8543.html
https://www.suse.com/security/cve/CVE-2015-8550.html
https://www.suse.com/security/cve/CVE-2015-8551.html
https://www.suse.com/security/cve/CVE-2015-8552.html
https://www.suse.com/security/cve/CVE-2015-8569.html
https://www.suse.com/security/cve/CVE-2015-8575.html
https://www.suse.com/security/cve/CVE-2015-8767.html
https://www.suse.com/security/cve/CVE-2016-0728.html
https://bugzilla.suse.com/865096
https://bugzilla.suse.com/865259
https://bugzilla.suse.com/913996
https://bugzilla.suse.com/950178
https://bugzilla.suse.com/950998
https://bugzilla.suse.com/952621
https://bugzilla.suse.com/954324
https://bugzilla.suse.com/954532
https://bugzilla.suse.com/954647
https://bugzilla.suse.com/955422
https://bugzilla.suse.com/956708
https://bugzilla.suse.com/957152
https://bugzilla.suse.com/957988
https://bugzilla.suse.com/957990
https://bugzilla.suse.com/958439
https://bugzilla.suse.com/958463
https://bugzilla.suse.com/958504
https://bugzilla.suse.com/958510
https://bugzilla.suse.com/958886
https://bugzilla.suse.com/958951
https://bugzilla.suse.com/959190
https://bugzilla.suse.com/959399
https://bugzilla.suse.com/960021
https://bugzilla.suse.com/960710
https://bugzilla.suse.com/961263
https://bugzilla.suse.com/961509
https://bugzilla.suse.com/962075
https://bugzilla.suse.com/962597


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
7e

Top
More in Preporuke
Nadogradnja za mysql

Izdana je nadogradnja koja sadrži zakrpe za višestruke ranjivosti programskog paketa mysql Debian. Radi se o nespecificiranim ranjivostima u MySQL...

Close