Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[security-announce] openSUSE-SU-2016:1382-1: important: Security update for the Linux Kernel

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

openSUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

 

Announcement ID: openSUSE-SU-2016:1382-1

Rating: important

References: #957988 #970892 #970911 #970948 #970955 #970956

#970958 #970970 #971124 #971360 #971628 #972174

#973378 #974418 #975868

Cross-References: CVE-2016-2185 CVE-2016-2186 CVE-2016-2188

CVE-2016-2847 CVE-2016-3136 CVE-2016-3137

CVE-2016-3138 CVE-2016-3140 CVE-2016-3156

CVE-2016-3689 CVE-2016-3951

Affected Products:

openSUSE Leap 42.1

______________________________________________________________________________

 

An update that solves 11 vulnerabilities and has four fixes

is now available.

 

Description:

 

The openSUSE Leap 42.1 kernel was updated to receive various security and

bugfixes.

 

The following security bugs were fixed:

- CVE-2016-2847: Limit the per-user amount of pages allocated in pipes

(bsc#970948).

- CVE-2016-3136: mct_u232: add sanity checking in probe (bnc#970955).

- CVE-2016-2188: iowarrior: fix oops with malicious USB descriptors

(bnc#970956).

- CVE-2016-3138: cdc-acm: more sanity checking (bnc#970911).

- CVE-2016-3137: cypress_m8: add endpoint sanity check (bnc#970970).

- CVE-2016-3951: cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind

(bnc#974418).

- CVE-2016-3140: digi_acceleport: do sanity checking for the number of

ports (bnc#970892).

- CVE-2016-2186: powermate: fix oops with malicious USB descriptors

(bnc#970958).

- CVE-2016-2185: usb_driver_claim_interface: add sanity checking

(bnc#971124).

- CVE-2016-3689: ims-pcu: sanity check against missing interfaces

(bnc#971628).

- CVE-2016-3156: ipv4: Do not do expensive useless work during inetdev

destroy (bsc#971360).

 

The following non-security bugs were fixed:

- ALSA: timer: Call notifier in the same spinlock (bsc#973378).

- ALSA: timer: Protect the whole snd_timer_close() with open race

(bsc#973378).

- ALSA: timer: Sync timer deletion at closing the system timer

(bsc#973378).

- ALSA: timer: Use mod_timer() for rearming the system timer (bsc#973378).

- Backport arm64 patches from SLE12-SP1-ARM

- Fix kABI additions for pipe: limit the per-user amount of pages

allocated in pipes.

- Revert "drm/radeon: call hpd_irq_event on resume" (boo#975868).

- Update config files. Enable RTC_HCTOSYS, build I2C_XGENE_SLIMPRO as a

module.

- backends: guarantee one time reads of shared ring contents (bsc#957988).

- ext4: fix races between buffered IO and collapse / insert range

(bsc#972174).

- ext4: fix races between page faults and hole punching (bsc#972174).

- ext4: fix races of writeback with punch hole and zero range (bsc#972174).

- ext4: move unlocked dio protection from ext4_alloc_file_blocks()

(bsc#972174).

- net: thunderx: Use napi_schedule_irqoff()

- netback: do not use last request to determine minimum Tx credit

(bsc#957988).

 

 

Patch Instructions:

 

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

 

- openSUSE Leap 42.1:

 

zypper in -t patch openSUSE-2016-629=1

 

To bring your system up-to-date, use "zypper patch".

 

 

Package List:

 

- openSUSE Leap 42.1 (i686 x86_64):

 

kernel-debug-4.1.21-14.2

kernel-debug-base-4.1.21-14.2

kernel-debug-base-debuginfo-4.1.21-14.2

kernel-debug-debuginfo-4.1.21-14.2

kernel-debug-debugsource-4.1.21-14.2

kernel-debug-devel-4.1.21-14.2

kernel-debug-devel-debuginfo-4.1.21-14.2

kernel-ec2-4.1.21-14.2

kernel-ec2-base-4.1.21-14.2

kernel-ec2-base-debuginfo-4.1.21-14.2

kernel-ec2-debuginfo-4.1.21-14.2

kernel-ec2-debugsource-4.1.21-14.2

kernel-ec2-devel-4.1.21-14.2

kernel-pv-4.1.21-14.2

kernel-pv-base-4.1.21-14.2

kernel-pv-base-debuginfo-4.1.21-14.2

kernel-pv-debuginfo-4.1.21-14.2

kernel-pv-debugsource-4.1.21-14.2

kernel-pv-devel-4.1.21-14.2

kernel-vanilla-4.1.21-14.2

kernel-vanilla-debuginfo-4.1.21-14.2

kernel-vanilla-debugsource-4.1.21-14.2

kernel-vanilla-devel-4.1.21-14.2

kernel-xen-4.1.21-14.2

kernel-xen-base-4.1.21-14.2

kernel-xen-base-debuginfo-4.1.21-14.2

kernel-xen-debuginfo-4.1.21-14.2

kernel-xen-debugsource-4.1.21-14.2

kernel-xen-devel-4.1.21-14.2

 

- openSUSE Leap 42.1 (i586 x86_64):

 

kernel-default-4.1.21-14.2

kernel-default-base-4.1.21-14.2

kernel-default-base-debuginfo-4.1.21-14.2

kernel-default-debuginfo-4.1.21-14.2

kernel-default-debugsource-4.1.21-14.2

kernel-default-devel-4.1.21-14.2

kernel-obs-build-4.1.21-14.4

kernel-obs-build-debugsource-4.1.21-14.4

kernel-obs-qa-4.1.21-14.2

kernel-obs-qa-xen-4.1.21-14.2

kernel-syms-4.1.21-14.2

 

- openSUSE Leap 42.1 (noarch):

 

kernel-devel-4.1.21-14.2

kernel-docs-4.1.21-14.5

kernel-docs-html-4.1.21-14.5

kernel-docs-pdf-4.1.21-14.5

kernel-macros-4.1.21-14.2

kernel-source-4.1.21-14.2

kernel-source-vanilla-4.1.21-14.2

 

- openSUSE Leap 42.1 (i686):

 

kernel-pae-4.1.21-14.2

kernel-pae-base-4.1.21-14.2

kernel-pae-base-debuginfo-4.1.21-14.2

kernel-pae-debuginfo-4.1.21-14.2

kernel-pae-debugsource-4.1.21-14.2

kernel-pae-devel-4.1.21-14.2

 

 

References:

 

https://www.suse.com/security/cve/CVE-2016-2185.html

https://www.suse.com/security/cve/CVE-2016-2186.html

https://www.suse.com/security/cve/CVE-2016-2188.html

https://www.suse.com/security/cve/CVE-2016-2847.html

https://www.suse.com/security/cve/CVE-2016-3136.html

https://www.suse.com/security/cve/CVE-2016-3137.html

https://www.suse.com/security/cve/CVE-2016-3138.html

https://www.suse.com/security/cve/CVE-2016-3140.html

https://www.suse.com/security/cve/CVE-2016-3156.html

https://www.suse.com/security/cve/CVE-2016-3689.html

https://www.suse.com/security/cve/CVE-2016-3951.html

https://bugzilla.suse.com/957988

https://bugzilla.suse.com/970892

https://bugzilla.suse.com/970911

https://bugzilla.suse.com/970948

https://bugzilla.suse.com/970955

https://bugzilla.suse.com/970956

https://bugzilla.suse.com/970958

https://bugzilla.suse.com/970970

https://bugzilla.suse.com/971124

https://bugzilla.suse.com/971360

https://bugzilla.suse.com/971628

https://bugzilla.suse.com/972174

https://bugzilla.suse.com/973378

https://bugzilla.suse.com/974418

https://bugzilla.suse.com/975868

 

--

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org

For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

 

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×