openSUSE Leap 42.1 Important Kernel Security Update Details
opensuse
January 29, 2016
An update that solves 10 vulnerabilities and has 18 fixes An update that solves 10 vulnerabilities and has 18 fixes An update that solves 10 vulnerabilities and has 18 fixes is now...
Description
The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable
release, and also includes security and bugfixes.
Following security bugs were fixed:
- CVE-2016-0728: A reference leak in keyring handling with
join_session_keyring() could lead to local attackers gain root
privileges. (bsc#962075).
- CVE-2015-7550: A local user could have triggered a race between read and
revoke in keyctl (bnc#958951).
- CVE-2015-8767: A case can occur when sctp_accept() is called by the user
during a heartbeat timeout event after the 4-way handshake. Since
sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the
bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the
listening socket but released with the new association socket. The
result is a deadlock on any future attempts to take the listening socket
lock. (bsc#961509)
- CVE-2015-8539: A negatively instantiated user key could have been used
...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2016-116=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE Leap 42.1 (i586 x86_64):
kernel-default-4.1.15-8.1
kernel-default-base-4.1.15-8.1
kernel-default-base-debuginfo-4.1.15-8.1
kernel-default-debuginfo-4.1.15-8.1
kernel-default-debugsource-4.1.15-8.1
kernel-default-devel-4.1.15-8.1
kernel-obs-build-4.1.15-8.2
kernel-obs-build-debugsource-4.1.15-8.2
kernel-obs-qa-4.1.15-8.1
kernel-obs-qa-xen-4.1.15-8.1
kernel-syms-4.1.15-8.1
- openSUSE Leap 42.1 (i686 x86_64):
kernel-debug-4.1.15-8.1
kernel-debug-base-4.1.15-8.1
kernel-debug-base-debuginfo-4.1.15-8.1
kernel-debug-debuginfo-4.1.15-8.1
kernel-debug-debugsource-4.1.15-8.1
kernel-debug-devel-4.1.15-8.1
kernel-debug-devel-debuginfo-4.1.15-8.1
kernel-ec2-4.1.15-8.1
kernel-ec2-base-4.1.15-8.1
kernel-ec2-base-debuginfo-4.1.15-8.1
kernel-ec2-debuginfo-4.1.15-8.1
kernel-ec2-debugsource-4.1.15-8.1
kernel-ec2-devel-4.1.15-8.1
kernel-pv-4.1.15-8.1
kernel-pv-base-4.1.15-8.1
kernel-pv-base-debuginfo-4.1.15-8.1
kernel-pv-debuginfo-4.1.15-8.1
kernel-pv-debugsource-4.1.15-8.1
kernel-pv-devel-4.1.15-8.1
kernel-vanilla-4.1.15-8.1...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2015-7550.html
https://www.suse.com/security/cve/CVE-2015-8539.html
https://www.suse.com/security/cve/CVE-2015-8543.html
https://www.suse.com/security/cve/CVE-2015-8550.html
https://www.suse.com/security/cve/CVE-2015-8551.html
https://www.suse.com/security/cve/CVE-2015-8552.html
https://www.suse.com/security/cve/CVE-2015-8569.html
https://www.suse.com/security/cve/CVE-2015-8575.html
https://www.suse.com/security/cve/CVE-2015-8767.html
https://www.suse.com/security/cve/CVE-2016-0728.html
https://bugzilla.suse.com/show_bug.cgi?id=865096
https://bugzilla.suse.com/show_bug.cgi?id=865259
https://bugzilla.suse.com/show_bug.cgi?id=913996
https://bugzilla.suse.com/show_bug.cgi?id=950178
https://bugzilla.suse.com/show_bug.cgi?id=950998
https://bugzilla.suse.com/show_bug.cgi?id=952621
https://bugzilla.suse.com/show_bug.cgi?id=954324
https://bugzilla.suse.com/show_bug.cgi?id=954532
https://bugzilla.suse.com/show_bug.cgi?id=954647
https://bugzilla.suse.com/show_bug.cgi?id=955422...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2016:0280-1
Rating: important
Affected Products:
openSUSE Leap 42.1
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!