You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa Linux Kernel

Sigurnosni nedostaci programskog paketa Linux Kernel

openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:0547-1
Rating: important
References: #1005666 #1015787 #1018100 #1023762 #1023888
#1024081 #1024234 #1024508 #1024938 #1025047
#1025048 #1025049 #1025050 #1025051 #1025053
#1025055 #1025057 #1025058 #1025059 #1025060
#1025061 #1025062 #1025063 #1025064 #1025065
#1025066 #1025067 #1025069 #1025070 #1025071
#1025072 #1025073 #1025074 #1025075 #1025076
#1025077 #1025079 #1025080 #1025081 #1025235
#1026024 #865869 #904489 #927455 #929871
#935087 #935088 #936445 #937609 #937612 #937616
#938550 #938891 #938892 #942512 #942685 #942925
#944001 #945649 #946057 #946902 #949440 #949472
#951615 #951844 #957805 #960300 #963193 #965344
#966278 #966910 #968230 #972844 #972951 #972993
#973855 #975596 #977685 #981038 #981709 #983087
#984779 #985562 #985850 #987192 #989953 #990384
#992712 #993841 #994881
Cross-References: CVE-2017-5897 CVE-2017-5970 CVE-2017-5986
CVE-2017-6074
Affected Products:
openSUSE Leap 42.1
______________________________________________________________________________

An update that solves four vulnerabilities and has 86 fixes
is now available.

Description:

The openSUSE Leap 42.1 kernel was updated to receive various security and
bugfixes.

The following security bugs were fixed:

– CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c
in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures
in the LISTEN state, which allowed local users to cause a denial of
service (invalid free) or possibly have unspecified other impact via an
application that made an IPV6_RECVPKTINFO setsockopt system call
(bnc#1026024).
– CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in
net/sctp/socket.c in the Linux kernel allowed local users to cause a
denial of service (assertion failure and panic) via a multithreaded
application that peels off an association in a certain buffer-full state
(bnc#1025235).
– CVE-2017-5970: The ipv4_pktinfo_prepare function in
net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a
denial of service (system crash) via (1) an application that made
crafted system calls or possibly (2) IPv4 traffic with invalid IP
options (bnc#1024938).
– CVE-2017-5897: A potential remote denial of service within the IPv6 GRE
protocol was fixed. (bsc#1023762)

The following non-security bugs were fixed:

– btrfs: support NFSv2 export (bnc#929871).
– btrfs: Direct I/O: Fix space accounting (bsc#1025058).
– btrfs: add RAID 5/6 BTRFS_RBIO_REBUILD_MISSING operation (bsc#1025069).
– btrfs: bail out if block group has different mixed flag (bsc#1025072).
– btrfs: be more precise on errors when getting an inode from disk
(bsc#981038).
– btrfs: check pending chunks when shrinking fs to avoid corruption
(bnc#936445).
– btrfs: check prepare_uptodate_page() error code earlier (bnc#966910).
– btrfs: do not BUG() during drop snapshot (bsc#1025076).
– btrfs: do not collect ordered extents when logging that inode exists
(bsc#977685).
– btrfs: do not initialize a space info as full to prevent ENOSPC
(bnc#944001).
– btrfs: do not leak reloc root nodes on error (bsc#1025074).
– btrfs: fix block group ->space_info null pointer dereference
(bnc#935088).
– btrfs: fix chunk allocation regression leading to transaction abort
(bnc#938550).
– btrfs: fix crash on close_ctree() if cleaner starts new transaction
(bnc#938891).
– btrfs: fix deadlock between direct IO reads and buffered writes
(bsc#973855).
– btrfs: fix deadlock between direct IO write and defrag/readpages
(bnc#965344).
– btrfs: fix device replace of a missing RAID 5/6 device (bsc#1025057).
– btrfs: fix empty symlink after creating symlink and fsync parent dir
(bsc#977685).
– btrfs: fix extent accounting for partial direct IO writes (bsc#1025062).
– btrfs: fix file corruption after cloning inline extents (bnc#942512).
– btrfs: fix file loss on log replay after renaming a file and fsync
(bsc#977685).
– btrfs: fix file read corruption after extent cloning and fsync
(bnc#946902).
– btrfs: fix fitrim discarding device area reserved for boot loader’s use
(bsc#904489).
– btrfs: fix for incorrect directory entries after fsync log replay
(bsc#957805, bsc#977685).
– btrfs: fix hang when failing to submit bio of directIO (bnc#942685).
– btrfs: fix incremental send failure caused by balance (bsc#985850).
– btrfs: fix invalid page accesses in extent_same (dedup) ioctl
(bnc#968230).
– btrfs: fix listxattrs not listing all xattrs packed in the same item
(bsc#1025063).
– btrfs: fix loading of orphan roots leading to BUG_ON (bsc#972844).
– btrfs: fix memory corruption on failure to submit bio for direct IO
(bnc#942685).
– btrfs: fix memory leak in do_walk_down (bsc#1025075).
– btrfs: fix memory leak in reading btree blocks (bsc#1025071).
– btrfs: fix order by which delayed references are run (bnc#949440).
– btrfs: fix page reading in extent_same ioctl leading to csum errors
(bnc#968230).
– btrfs: fix qgroup rescan worker initialization (bsc#1025077).
– btrfs: fix qgroup sanity tests (bnc#951615).
– btrfs: fix race between balance and unused block group deletion
(bnc#938892).
– btrfs: fix race between fsync and lockless direct IO writes (bsc#977685).
– btrfs: fix race waiting for qgroup rescan worker (bnc#960300).
– btrfs: fix regression running delayed references when using qgroups
(bnc#951615).
– btrfs: fix regression when running delayed references (bnc#951615).
– btrfs: fix relocation incorrectly dropping data references (bsc#990384).
– btrfs: fix shrinking truncate when the no_holes feature is enabled
(bsc#1025053).
– btrfs: fix sleeping inside atomic context in qgroup rescan worker
(bnc#960300).
– btrfs: fix stale dir entries after removing a link and fsync
(bnc#942925).
– btrfs: fix unreplayable log after snapshot delete + parent dir fsync
(bsc#977685).
– btrfs: fix warning in backref walking (bnc#966278).
– btrfs: fix warning of bytes_may_use (bsc#1025065).
– btrfs: fix wrong check for btrfs_force_chunk_alloc() (bnc#938550).
– btrfs: handle quota reserve failure properly (bsc#1005666).
– btrfs: incremental send, check if orphanized dir inode needs delayed
rename (bsc#1025049).
– btrfs: incremental send, do not delay directory renames unnecessarily
(bsc#1025048).
– btrfs: incremental send, fix clone operations for compressed extents
(fate#316463).
– btrfs: incremental send, fix premature rmdir operations (bsc#1025064).
– btrfs: keep dropped roots in cache until transaction commit (bnc#935087,
bnc#945649, bnc#951615).
– btrfs: remove misleading handling of missing device scrub (bsc#1025055).
– btrfs: remove unnecessary locking of cleaner_mutex to avoid deadlock
(bsc#904489).
– btrfs: return gracefully from balance if fs tree is corrupted
(bsc#1025073).
– btrfs: send, do not bug on inconsistent snapshots (bsc#985850).
– btrfs: send, fix corner case for reference overwrite detection
(bsc#1025080).
– btrfs: send, fix file corruption due to incorrect cloning operations
(bsc#1025060).
– btrfs: set UNWRITTEN for prealloc’ed extents in fiemap (bsc#1025047).
– btrfs: test_check_exists: Fix infinite loop when searching for free
space entries (bsc#987192).
– btrfs: use btrfs_get_fs_root in resolve_indirect_ref (bnc#935087,
bnc#945649).
– btrfs: use received_uuid of parent during send (bsc#1025051).
– btrfs: wake up extent state waiters on unlock through clear_extent_bits
(bsc#1025050).
– btrfs: Add handler for invalidate page (bsc#963193).
– btrfs: Add qgroup tracing (bnc#935087, bnc#945649).
– btrfs: Avoid truncate tailing page if fallocate range does not exceed
inode size (bsc#1025059).
– btrfs: Continue write in case of can_not_nocow (bsc#1025070).
– btrfs: Ensure proper sector alignment for btrfs_free_reserved_data_space
(bsc#1005666).
– btrfs: Export and move leaf/subtree qgroup helpers to qgroup.c
(bsc#983087).
– btrfs: Fix a data space underflow warning (bsc#985562, bsc#975596,
bsc#984779).
– btrfs: Handle unaligned length in extent_same (bsc#937609).
– btrfs: abort transaction on btrfs_reloc_cow_block() (bsc#1025081).
– btrfs: add missing discards when unpinning extents with -o discard
(bsc#904489).
– btrfs: advertise which crc32c implementation is being used on mount
(bsc#946057).
– btrfs: allow dedupe of same inode (bsc#1025067).
– btrfs: backref: Add special time_seq == (u64)-1 case for
btrfs_find_all_roots() (bnc#935087, bnc#945649).
– btrfs: backref: Do not merge refs which are not for same block
(bnc#935087, bnc#945649).
– btrfs: btrfs_issue_discard ensure offset/length are aligned to sector
boundaries (bsc#904489).
– btrfs: change max_inline default to 2048 (bsc#949472).
– btrfs: delayed-ref: Cleanup the unneeded functions (bnc#935087,
bnc#945649).
– btrfs: delayed-ref: Use list to replace the ref_root in ref_head
(bnc#935087, bnc#945649).
– btrfs: delayed-ref: double free in btrfs_add_delayed_tree_ref()
(bsc#1025079).
– btrfs: delayed_ref: Add new function to record reserved space into
delayed ref (bsc#963193).
– btrfs: delayed_ref: release and free qgroup reserved at proper timing
(bsc#963193).
– btrfs: disable defrag of tree roots.
– btrfs: do not create or leak aliased root while cleaning up orphans
(bsc#994881).
– btrfs: do not update mtime/ctime on deduped inodes (bsc#937616).
– btrfs: explictly delete unused block groups in close_ctree and
ro-remount (bsc#904489).
– btrfs: extent-tree: Add new version of btrfs_check_data_free_space and
btrfs_free_reserved_data_space (bsc#963193).
– btrfs: extent-tree: Add new version of
btrfs_delalloc_reserve/release_space (bsc#963193).
– btrfs: extent-tree: Switch to new check_data_free_space and
free_reserved_data_space (bsc#963193).
– btrfs: extent-tree: Switch to new delalloc space reserve and release
(bsc#963193).
– btrfs: extent-tree: Use ref_node to replace unneeded parameters in
__inc_extent_ref() and __free_extent() (bnc#935087, bnc#945649).
– btrfs: extent_io: Introduce needed structure for recoding set/clear bits
(bsc#963193).
– btrfs: extent_io: Introduce new function clear_record_extent_bits()
(bsc#963193).
– btrfs: extent_io: Introduce new function set_record_extent_bits
(bsc#963193).
– btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193).
– btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls
(bsc#1018100).
– btrfs: fix clone / extent-same deadlocks (bsc#937612).
– btrfs: fix deadlock with extent-same and readpage (bsc#937612).
– btrfs: fix resending received snapshot with parent (bsc#1025061).
– btrfs: handle non-fatal errors in btrfs_qgroup_inherit() (bsc#972951).
– btrfs: increment ctx->pos for every emitted or skipped dirent in
readdir (bsc#981709).
– btrfs: iterate over unused chunk space in FITRIM (bsc#904489).
– btrfs: make btrfs_issue_discard return bytes discarded (bsc#904489).
– btrfs: make file clone aware of fatal signals (bsc#1015787).
– btrfs: pass unaligned length to btrfs_cmp_data() (bsc#937609).
– btrfs: properly track when rescan worker is running (bsc#989953).
– btrfs: provide super_operations->inode_get_dev (bsc#927455).
– btrfs: qgroup: Add function qgroup_update_counters() (bnc#935087,
bnc#945649).
– btrfs: qgroup: Add function qgroup_update_refcnt() (bnc#935087,
bnc#945649).
– btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193).
– btrfs: qgroup: Add new function to record old_roots (bnc#935087,
bnc#945649).
– btrfs: qgroup: Add new qgroup calculation function
btrfs_qgroup_account_extents() (bnc#935087, bnc#945649).
– btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193).
– btrfs: qgroup: Add the ability to skip given qgroup for old/new_roots
(bnc#935087, bnc#945649).
– btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in
clear_bit_hook (bsc#963193).
– btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193).
– btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193).
– btrfs: qgroup: Cleanup open-coded old/new_refcnt update and read
(bnc#935087, bnc#945649).
– btrfs: qgroup: Cleanup the old ref_node-oriented mechanism (bnc#935087,
bnc#945649).
– btrfs: qgroup: Do not copy extent buffer to do qgroup rescan
(bnc#960300).
– btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans
(bsc#963193).
– btrfs: qgroup: Fix a rebase bug which will cause qgroup double free
(bsc#963193).
– btrfs: qgroup: Fix a regression in qgroup reserved space (bnc#935087,
bnc#945649).
– btrfs: qgroup: Fix qgroup accounting when creating snapshot (bsc#972993).
– btrfs: qgroup: Fix qgroup data leaking by using subtree tracing
(bsc#983087).
– btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193).
– btrfs: qgroup: Introduce functions to release/free qgroup reserve data
space (bsc#963193).
– btrfs: qgroup: Introduce new functions to reserve/free metadata
(bsc#963193).
– btrfs: qgroup: Make snapshot accounting work with new extent-oriented
qgroup (bnc#935087, bnc#945649).
– btrfs: qgroup: Record possible quota-related extent for qgroup
(bnc#935087, bnc#945649).
– btrfs: qgroup: Switch rescan to new mechanism (bnc#935087, bnc#945649).
– btrfs: qgroup: Switch self test to extent-oriented qgroup mechanism
(bnc#935087, bnc#945649).
– btrfs: qgroup: Switch to new extent-oriented qgroup mechanism
(bnc#935087, bnc#945649).
– btrfs: qgroup: Use new metadata reservation (bsc#963193).
– btrfs: qgroup: account shared subtree during snapshot delete
(bnc#935087, bnc#945649).
– btrfs: qgroup: exit the rescan worker during umount (bnc#960300).
– btrfs: qgroup: fix quota disable during rescan (bnc#960300).
– btrfs: remove old tree_root dirent processing in btrfs_real_readdir()
(bsc#981709).
– btrfs: serialize subvolume mounts with potentially mismatching rw flags
(bsc#951844).
– btrfs: skip superblocks during discard (bsc#904489).
– btrfs: syslog when quota is disabled.
– btrfs: syslog when quota is enabled
– btrfs: ulist: Add ulist_del() function (bnc#935087, bnc#945649).
– btrfs: use the new VFS super_block_dev (bnc#865869).
– btrfs: waiting on qgroup rescan should not always be interruptible
(bsc#992712).
– fs/super.c: add new super block sub devices super_block_dev (bnc#865869).
– fs/super.c: fix race between freeze_super() and thaw_super()
(bsc#1025066).
– kabi: only use sops->get_inode_dev with proper fsflag (bsc#927455).
– qgroup: Prevent qgroup->reserved from going subzero (bsc#993841).
– vfs: add super_operations->get_inode_dev (bsc#927455).
– xfs: do not allow di_size with high bit set (bsc#1024234).
– xfs: exclude never-released buffers from buftarg I/O accounting
(bsc#1024508).
– xfs: fix broken multi-fsb buffer logging (bsc#1024081).
– xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).
– xfs: track and serialize in-flight async buffers against unmount – kABI
(bsc#1024508).
– xfs: track and serialize in-flight async buffers against unmount
(bsc#1024508).

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.1:

zypper in -t patch openSUSE-2017-287=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.1 (i586 x86_64):

kernel-default-4.1.38-50.1
kernel-default-base-4.1.38-50.1
kernel-default-base-debuginfo-4.1.38-50.1
kernel-default-debuginfo-4.1.38-50.1
kernel-default-debugsource-4.1.38-50.1
kernel-default-devel-4.1.38-50.1
kernel-obs-build-4.1.38-50.2
kernel-obs-build-debugsource-4.1.38-50.2
kernel-obs-qa-4.1.38-50.1
kernel-syms-4.1.38-50.1

– openSUSE Leap 42.1 (i686 x86_64):

kernel-debug-4.1.38-50.1
kernel-debug-base-4.1.38-50.1
kernel-debug-base-debuginfo-4.1.38-50.1
kernel-debug-debuginfo-4.1.38-50.1
kernel-debug-debugsource-4.1.38-50.1
kernel-debug-devel-4.1.38-50.1
kernel-debug-devel-debuginfo-4.1.38-50.1
kernel-ec2-4.1.38-50.1
kernel-ec2-base-4.1.38-50.1
kernel-ec2-base-debuginfo-4.1.38-50.1
kernel-ec2-debuginfo-4.1.38-50.1
kernel-ec2-debugsource-4.1.38-50.1
kernel-ec2-devel-4.1.38-50.1
kernel-pv-4.1.38-50.1
kernel-pv-base-4.1.38-50.1
kernel-pv-base-debuginfo-4.1.38-50.1
kernel-pv-debuginfo-4.1.38-50.1
kernel-pv-debugsource-4.1.38-50.1
kernel-pv-devel-4.1.38-50.1
kernel-vanilla-4.1.38-50.1
kernel-vanilla-debuginfo-4.1.38-50.1
kernel-vanilla-debugsource-4.1.38-50.1
kernel-vanilla-devel-4.1.38-50.1
kernel-xen-4.1.38-50.1
kernel-xen-base-4.1.38-50.1
kernel-xen-base-debuginfo-4.1.38-50.1
kernel-xen-debuginfo-4.1.38-50.1
kernel-xen-debugsource-4.1.38-50.1
kernel-xen-devel-4.1.38-50.1

– openSUSE Leap 42.1 (noarch):

kernel-devel-4.1.38-50.1
kernel-docs-4.1.38-50.3
kernel-docs-html-4.1.38-50.3
kernel-docs-pdf-4.1.38-50.3
kernel-macros-4.1.38-50.1
kernel-source-4.1.38-50.1
kernel-source-vanilla-4.1.38-50.1

– openSUSE Leap 42.1 (i686):

kernel-pae-4.1.38-50.1
kernel-pae-base-4.1.38-50.1
kernel-pae-base-debuginfo-4.1.38-50.1
kernel-pae-debuginfo-4.1.38-50.1
kernel-pae-debugsource-4.1.38-50.1
kernel-pae-devel-4.1.38-50.1

References:

https://www.suse.com/security/cve/CVE-2017-5897.html
https://www.suse.com/security/cve/CVE-2017-5970.html
https://www.suse.com/security/cve/CVE-2017-5986.html
https://www.suse.com/security/cve/CVE-2017-6074.html
https://bugzilla.suse.com/1005666
https://bugzilla.suse.com/1015787
https://bugzilla.suse.com/1018100
https://bugzilla.suse.com/1023762
https://bugzilla.suse.com/1023888
https://bugzilla.suse.com/1024081
https://bugzilla.suse.com/1024234
https://bugzilla.suse.com/1024508
https://bugzilla.suse.com/1024938
https://bugzilla.suse.com/1025047
https://bugzilla.suse.com/1025048
https://bugzilla.suse.com/1025049
https://bugzilla.suse.com/1025050
https://bugzilla.suse.com/1025051
https://bugzilla.suse.com/1025053
https://bugzilla.suse.com/1025055
https://bugzilla.suse.com/1025057
https://bugzilla.suse.com/1025058
https://bugzilla.suse.com/1025059
https://bugzilla.suse.com/1025060
https://bugzilla.suse.com/1025061
https://bugzilla.suse.com/1025062
https://bugzilla.suse.com/1025063
https://bugzilla.suse.com/1025064
https://bugzilla.suse.com/1025065
https://bugzilla.suse.com/1025066
https://bugzilla.suse.com/1025067
https://bugzilla.suse.com/1025069
https://bugzilla.suse.com/1025070
https://bugzilla.suse.com/1025071
https://bugzilla.suse.com/1025072
https://bugzilla.suse.com/1025073
https://bugzilla.suse.com/1025074
https://bugzilla.suse.com/1025075
https://bugzilla.suse.com/1025076
https://bugzilla.suse.com/1025077
https://bugzilla.suse.com/1025079
https://bugzilla.suse.com/1025080
https://bugzilla.suse.com/1025081
https://bugzilla.suse.com/1025235
https://bugzilla.suse.com/1026024
https://bugzilla.suse.com/865869
https://bugzilla.suse.com/904489
https://bugzilla.suse.com/927455
https://bugzilla.suse.com/929871
https://bugzilla.suse.com/935087
https://bugzilla.suse.com/935088
https://bugzilla.suse.com/936445
https://bugzilla.suse.com/937609
https://bugzilla.suse.com/937612
https://bugzilla.suse.com/937616
https://bugzilla.suse.com/938550
https://bugzilla.suse.com/938891
https://bugzilla.suse.com/938892
https://bugzilla.suse.com/942512
https://bugzilla.suse.com/942685
https://bugzilla.suse.com/942925
https://bugzilla.suse.com/944001
https://bugzilla.suse.com/945649
https://bugzilla.suse.com/946057
https://bugzilla.suse.com/946902
https://bugzilla.suse.com/949440
https://bugzilla.suse.com/949472
https://bugzilla.suse.com/951615
https://bugzilla.suse.com/951844
https://bugzilla.suse.com/957805
https://bugzilla.suse.com/960300
https://bugzilla.suse.com/963193
https://bugzilla.suse.com/965344
https://bugzilla.suse.com/966278
https://bugzilla.suse.com/966910
https://bugzilla.suse.com/968230
https://bugzilla.suse.com/972844
https://bugzilla.suse.com/972951
https://bugzilla.suse.com/972993
https://bugzilla.suse.com/973855
https://bugzilla.suse.com/975596
https://bugzilla.suse.com/977685
https://bugzilla.suse.com/981038
https://bugzilla.suse.com/981709
https://bugzilla.suse.com/983087
https://bugzilla.suse.com/984779
https://bugzilla.suse.com/985562
https://bugzilla.suse.com/985850
https://bugzilla.suse.com/987192
https://bugzilla.suse.com/989953
https://bugzilla.suse.com/990384
https://bugzilla.suse.com/992712
https://bugzilla.suse.com/993841
https://bugzilla.suse.com/994881


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:0541-1
Rating: important
References: #1012382 #1018100 #1019168 #1020048 #1021082
#1022181 #1022304 #1023762 #1023884 #1023888
#1024081 #1024234 #1024508 #1024938 #1025235
#1026024 #969479 #982783 #989056 #998106

Cross-References: CVE-2017-5897 CVE-2017-5970 CVE-2017-5986
CVE-2017-6074
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________

An update that solves four vulnerabilities and has 16 fixes
is now available.

Description:

The openSUSE Leap 42.2 kernel was updated to 4.4.49 to receive various
security and bugfixes.

The following security bugs were fixed:

– CVE-2017-5986: A userlevel triggerable BUG_ON on sctp_wait_for_sndbuf
was fixed. (bsc#1025235)
– CVE-2017-5970: The ipv4_pktinfo_prepare function in
net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a
denial of service (system crash) via (1) an application that made
crafted system calls or possibly (2) IPv4 traffic with invalid IP
options (bnc#1024938).
– CVE-2017-5897: A potential remote denial of service within the IPv6 GRE
protocol was fixed. (bsc#1023762)
– CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c
in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures
in the LISTEN state, which allowed local users to cause a denial of
service (invalid free) or possibly have unspecified other impact via an
application that makes an IPV6_RECVPKTINFO setsockopt system call.
(bsc#1026024).

The following non-security bugs were fixed:

– btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls
(bsc#1018100).
– iwlwifi: Expose the default fallback ucode API to module info
(boo#1021082, boo#1023884).
– kabi: protect struct tcp_fastopen_cookie (kabi).
– md: ensure md devices are freed before module is unloaded (bsc#1022304).
– md: Fix a regression reported by bsc#1020048 in
patches.fixes/0003-md-lockless-I-O-submission-for-RAID1.patch
(bsc#982783,bsc#998106,bsc#1020048).
– net: ethtool: Initialize buffer when querying device channel settings
(bsc#969479 FATE#320634).
– net: implement netif_cond_dbg macro (bsc#1019168).
– sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).
– sfc: refactor debug-or-warnings printks (bsc#1019168).
– xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056).
– xfs: do not allow di_size with high bit set (bsc#1024234).
– xfs: exclude never-released buffers from buftarg I/O accounting
(bsc#1024508).
– xfs: fix broken multi-fsb buffer logging (bsc#1024081).
– xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).
– xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).
– xfs: track and serialize in-flight async buffers against unmount
(bsc#1024508).
– xfs: track and serialize in-flight async buffers against unmount – kABI
(bsc#1024508).

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-286=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.2 (noarch):

kernel-devel-4.4.49-16.1
kernel-docs-4.4.49-16.2
kernel-docs-html-4.4.49-16.2
kernel-docs-pdf-4.4.49-16.2
kernel-macros-4.4.49-16.1
kernel-source-4.4.49-16.1
kernel-source-vanilla-4.4.49-16.1

– openSUSE Leap 42.2 (x86_64):

kernel-debug-4.4.49-16.1
kernel-debug-base-4.4.49-16.1
kernel-debug-base-debuginfo-4.4.49-16.1
kernel-debug-debuginfo-4.4.49-16.1
kernel-debug-debugsource-4.4.49-16.1
kernel-debug-devel-4.4.49-16.1
kernel-debug-devel-debuginfo-4.4.49-16.1
kernel-default-4.4.49-16.1
kernel-default-base-4.4.49-16.1
kernel-default-base-debuginfo-4.4.49-16.1
kernel-default-debuginfo-4.4.49-16.1
kernel-default-debugsource-4.4.49-16.1
kernel-default-devel-4.4.49-16.1
kernel-obs-build-4.4.49-16.1
kernel-obs-build-debugsource-4.4.49-16.1
kernel-obs-qa-4.4.49-16.1
kernel-syms-4.4.49-16.1
kernel-vanilla-4.4.49-16.1
kernel-vanilla-base-4.4.49-16.1
kernel-vanilla-base-debuginfo-4.4.49-16.1
kernel-vanilla-debuginfo-4.4.49-16.1
kernel-vanilla-debugsource-4.4.49-16.1
kernel-vanilla-devel-4.4.49-16.1

References:

https://www.suse.com/security/cve/CVE-2017-5897.html
https://www.suse.com/security/cve/CVE-2017-5970.html
https://www.suse.com/security/cve/CVE-2017-5986.html
https://www.suse.com/security/cve/CVE-2017-6074.html
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1018100
https://bugzilla.suse.com/1019168
https://bugzilla.suse.com/1020048
https://bugzilla.suse.com/1021082
https://bugzilla.suse.com/1022181
https://bugzilla.suse.com/1022304
https://bugzilla.suse.com/1023762
https://bugzilla.suse.com/1023884
https://bugzilla.suse.com/1023888
https://bugzilla.suse.com/1024081
https://bugzilla.suse.com/1024234
https://bugzilla.suse.com/1024508
https://bugzilla.suse.com/1024938
https://bugzilla.suse.com/1025235
https://bugzilla.suse.com/1026024
https://bugzilla.suse.com/969479
https://bugzilla.suse.com/982783
https://bugzilla.suse.com/989056
https://bugzilla.suse.com/998106


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa imagemagick

Otkriven je sigurnosni nedostatak u programskom paketu imagemagick za operacijski sustav Ubuntu. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje napada uskraćivanjem...

Close