openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:0280-1
Rating:             important
References:         #865096 #865259 #913996 #950178 #950998 #952621 
                    #954324 #954532 #954647 #955422 #956708 #957152 
                    #957988 #957990 #958439 #958463 #958504 #958510 
                    #958886 #958951 #959190 #959399 #960021 #960710 
                    #961263 #961509 #962075 #962597 
Cross-References:   CVE-2015-7550 CVE-2015-8539 CVE-2015-8543
                    CVE-2015-8550 CVE-2015-8551 CVE-2015-8552
                    CVE-2015-8569 CVE-2015-8575 CVE-2015-8767
                    CVE-2016-0728
Affected Products:
                    openSUSE Leap 42.1
______________________________________________________________________________

   An update that solves 10 vulnerabilities and has 18 fixes
   is now available.

Description:


   The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable
   release, and also includes security and bugfixes.

   Following security bugs were fixed:
   - CVE-2016-0728: A reference leak in keyring handling with
     join_session_keyring() could lead to local attackers gain root
     privileges. (bsc#962075).
   - CVE-2015-7550: A local user could have triggered a race between read and
     revoke in keyctl (bnc#958951).
   - CVE-2015-8767: A case can occur when sctp_accept() is called by the user
     during a heartbeat timeout event after the 4-way handshake. Since
     sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the
     bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the
     listening socket but released with the new association socket. The
     result is a deadlock on any future attempts to take the listening socket
     lock. (bsc#961509)
   - CVE-2015-8539: A negatively instantiated user key could have been used
     by a local user to leverage privileges (bnc#958463).
   - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in
     drivers/net/ppp/pptp.c in the Linux kernel did not verify an address
     length, which allowed local users to obtain sensitive information from
     kernel memory and bypass the KASLR protection mechanism via a crafted
     application (bnc#959190).
   - CVE-2015-8543: The networking implementation in the Linux kernel did not
     validate protocol identifiers for certain protocol families, which
     allowed local users to cause a denial of service (NULL function pointer
     dereference and system crash) or possibly gain privileges by leveraging
     CLONE_NEWUSER support to execute a crafted SOCK_RAW application
     (bnc#958886).
   - CVE-2015-8575: Validate socket address length in sco_sock_bind() to
     prevent information leak (bsc#959399).
   - CVE-2015-8551, CVE-2015-8552: xen/pciback: For
     XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled
     (bsc#957990).
   - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers     could have lead to double fetch vulnerabilities, causing denial of
     service or arbitrary code execution (depending on the configuration)
     (bsc#957988).

   The following non-security bugs were fixed:
   - ALSA: hda - Add a fixup for Thinkpad X1 Carbon 2nd (bsc#958439).
   - ALSA: hda - Apply click noise workaround for Thinkpads generically
     (bsc#958439).
   - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).
   - ALSA: hda - Flush the pending probe work at remove (boo#960710).
   - ALSA: hda - Set codec to D3 at reboot/shutdown on Thinkpads (bsc#958439).
   - Add Cavium Thunderx network enhancements
   - Add RHEL to kernel-obs-build
   - Backport amd xgbe fixes and features
   - Backport arm64 patches from SLE12-SP1-ARM.
   - Btrfs: fix the number of transaction units needed to remove a block
     group (bsc#950178).
   - Btrfs: use global reserve when deleting unused block group after ENOSPC
     (bsc#950178).
   - Documentation: nousb is a module parameter (bnc#954324).
   - Driver for IBM System i/p VNIC protocol.
   - Enable CONFIG_PINCTRL_CHERRYVIEW (boo#954532) Needed for recent
     tablets/laptops. CONFIG_PINCTRL_BAYTRAIL is still disabled as it can't
     be built as a module.
   - Fix PCI generic host controller
   - Fix kABI breakage for max_dev_sectors addition to queue_limits
     (boo#961263).
   - HID: multitouch: Fetch feature reports on demand for Win8 devices
     (boo#954532).
   - HID: multitouch: fix input mode switching on some Elan panels
     (boo#954532).
   - Implement enable/disable for Display C6 state (boo#960021).
   - Input: aiptek - fix crash on detecting device without endpoints
     (bnc#956708).
   - Linux 4.1.15 (boo#954647 bsc#955422).
   - Move kabi patch to patches.kabi directory
   - Obsolete compat-wireless, rts5229 and rts_pstor KMPs These are found in
     SLE11-SP3, now replaced with the upstream drivers.
   - PCI: generic: Pass starting bus number to pci_scan_root_bus().
   - Revert "block: remove artifical max_hw_sectors cap" (boo#961263).
   - Set system time through RTC device
   - Update arm64 config files. Enabled DRM_AST in the vanilla kernel since
     it is now enabled in the default kernel.
   - Update config files: CONFIG_IBMVNIC=m
   - block/sd: Fix device-imposed transfer length limits (boo#961263).
   - block: bump BLK_DEF_MAX_SECTORS to 2560 (boo#961263).
   - drm/i915/skl: Add DC5 Trigger Sequence (boo#960021).
   - drm/i915/skl: Add DC6 Trigger sequence (boo#960021).
   - drm/i915/skl: Add support to load SKL CSR firmware (boo#960021).
   - drm/i915/skl: Add the INIT power domain to the MISC I/O power well
     (boo#960021).
   - drm/i915/skl: Deinit/init the display at suspend/resume (boo#960021).
   - drm/i915/skl: Fix DMC API version in firmware file name (boo#960021).
   - drm/i915/skl: Fix WaDisableChickenBitTSGBarrierAckForFFSliceCS
     (boo#960021).
   - drm/i915/skl: Fix stepping check for a couple of W/As (boo#960021).
   - drm/i915/skl: Fix the CTRL typo in the DPLL_CRTL1 defines (boo#960021).
   - drm/i915/skl: Implement WaDisableVFUnitClockGating (boo#960021).
   - drm/i915/skl: Implement enable/disable for Display C5 state (boo#960021).
   - drm/i915/skl: Make the Misc I/O power well part of the PLLS domain
     (boo#960021).
   - drm/i915/skl: add F0 stepping ID (boo#960021).
   - drm/i915/skl: enable WaForceContextSaveRestoreNonCoherent (boo#960021).
   - drm/i915: Clear crtc atomic flags at beginning of transaction
     (boo#960021).
   - drm/i915: Fix CSR MMIO address check (boo#960021).
   - drm/i915: Switch to full atomic helpers for plane updates/disable, take
     two (boo#960021).
   - drm/i915: set CDCLK if DPLL0 enabled during resuming from S3
     (boo#960021).
   - ethernet/atheros/alx: sanitize buffer sizing and padding (boo#952621).
   - genksyms: Handle string literals with spaces in reference files
     (bsc#958510).
   - group-source-files: mark module.lds as devel file ld: cannot open linker
     script file /usr/src/linux-4.2.5-1/arch/arm/kernel/module.lds: No such
     file or directory
   - hwrng: core - sleep interruptible in read (bnc#962597).
   - ipv6: distinguish frag queues by device for multicast and link-local
     packets (bsc#955422).
   - kABI fixes for linux-4.1.15.
   - rpm/compute-PATCHVERSION.sh: Skip stale directories in the package dir
   - rpm/constraints.in: Bump disk space requirements up a bit Require 10GB
     on s390x, 20GB elsewhere.
   - rpm/constraints.in: Require 14GB worth of disk space on POWER The builds
     started to fail randomly due to ENOSPC errors.
   - rpm/kernel-binary.spec.in: Do not explicitly set DEBUG_SECTION_MISMATCH
     CONFIG_DEBUG_SECTION_MISMATCH is a selectable Kconfig option since
     2.6.39 and is enabled in our configs.
   - rpm/kernel-binary.spec.in: Do not obsolete ocfs2-kmp (bnc#865259)865259
   - rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed
   - rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file
   - rpm/kernel-binary.spec.in: No scriptlets in kernel-zfcpdump The kernel
     should not be added to the bootloader nor are there any KMPs.
   - rpm/kernel-binary.spec.in: Obsolete the -base package from SLE11
     (bnc#865096)
   - rpm/kernel-binary.spec.in: Use parallel make in all invocations Also,
     remove the lengthy comment, since we are using a standard rpm macro now.
   - thinkpad_acpi: Do not yell on unsupported brightness interfaces
     (boo#957152).
   - usb: make "nousb" a clear module parameter (bnc#954324).
   - usbvision fix overflow of interfaces array (bnc#950998).
   - x86/microcode/amd: Do not overwrite final patch levels (bsc#913996).
   - x86/microcode/amd: Extract current patch level read to a function
     (bsc#913996).
   - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set
     (bsc#957990 XSA-157).
   - xhci: refuse loading if nousb is used (bnc#954324).


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2016-116=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE Leap 42.1 (i586 x86_64):

      kernel-default-4.1.15-8.1
      kernel-default-base-4.1.15-8.1
      kernel-default-base-debuginfo-4.1.15-8.1
      kernel-default-debuginfo-4.1.15-8.1
      kernel-default-debugsource-4.1.15-8.1
      kernel-default-devel-4.1.15-8.1
      kernel-obs-build-4.1.15-8.2
      kernel-obs-build-debugsource-4.1.15-8.2
      kernel-obs-qa-4.1.15-8.1
      kernel-obs-qa-xen-4.1.15-8.1
      kernel-syms-4.1.15-8.1

   - openSUSE Leap 42.1 (i686 x86_64):

      kernel-debug-4.1.15-8.1
      kernel-debug-base-4.1.15-8.1
      kernel-debug-base-debuginfo-4.1.15-8.1
      kernel-debug-debuginfo-4.1.15-8.1
      kernel-debug-debugsource-4.1.15-8.1
      kernel-debug-devel-4.1.15-8.1
      kernel-debug-devel-debuginfo-4.1.15-8.1
      kernel-ec2-4.1.15-8.1
      kernel-ec2-base-4.1.15-8.1
      kernel-ec2-base-debuginfo-4.1.15-8.1
      kernel-ec2-debuginfo-4.1.15-8.1
      kernel-ec2-debugsource-4.1.15-8.1
      kernel-ec2-devel-4.1.15-8.1
      kernel-pv-4.1.15-8.1
      kernel-pv-base-4.1.15-8.1
      kernel-pv-base-debuginfo-4.1.15-8.1
      kernel-pv-debuginfo-4.1.15-8.1
      kernel-pv-debugsource-4.1.15-8.1
      kernel-pv-devel-4.1.15-8.1
      kernel-vanilla-4.1.15-8.1
      kernel-vanilla-debuginfo-4.1.15-8.1
      kernel-vanilla-debugsource-4.1.15-8.1
      kernel-vanilla-devel-4.1.15-8.1
      kernel-xen-4.1.15-8.1
      kernel-xen-base-4.1.15-8.1
      kernel-xen-base-debuginfo-4.1.15-8.1
      kernel-xen-debuginfo-4.1.15-8.1
      kernel-xen-debugsource-4.1.15-8.1
      kernel-xen-devel-4.1.15-8.1

   - openSUSE Leap 42.1 (noarch):

      kernel-devel-4.1.15-8.1
      kernel-docs-4.1.15-8.3
      kernel-docs-html-4.1.15-8.3
      kernel-docs-pdf-4.1.15-8.3
      kernel-macros-4.1.15-8.1
      kernel-source-4.1.15-8.1
      kernel-source-vanilla-4.1.15-8.1

   - openSUSE Leap 42.1 (i686):

      kernel-pae-4.1.15-8.1
      kernel-pae-base-4.1.15-8.1
      kernel-pae-base-debuginfo-4.1.15-8.1
      kernel-pae-debuginfo-4.1.15-8.1
      kernel-pae-debugsource-4.1.15-8.1
      kernel-pae-devel-4.1.15-8.1


References:

   https://www.suse.com/security/cve/CVE-2015-7550.html
   https://www.suse.com/security/cve/CVE-2015-8539.html
   https://www.suse.com/security/cve/CVE-2015-8543.html
   https://www.suse.com/security/cve/CVE-2015-8550.html
   https://www.suse.com/security/cve/CVE-2015-8551.html
   https://www.suse.com/security/cve/CVE-2015-8552.html
   https://www.suse.com/security/cve/CVE-2015-8569.html
   https://www.suse.com/security/cve/CVE-2015-8575.html
   https://www.suse.com/security/cve/CVE-2015-8767.html
   https://www.suse.com/security/cve/CVE-2016-0728.html
   https://bugzilla.suse.com/865096
   https://bugzilla.suse.com/865259
   https://bugzilla.suse.com/913996
   https://bugzilla.suse.com/950178
   https://bugzilla.suse.com/950998
   https://bugzilla.suse.com/952621
   https://bugzilla.suse.com/954324
   https://bugzilla.suse.com/954532
   https://bugzilla.suse.com/954647
   https://bugzilla.suse.com/955422
   https://bugzilla.suse.com/956708
   https://bugzilla.suse.com/957152
   https://bugzilla.suse.com/957988
   https://bugzilla.suse.com/957990
   https://bugzilla.suse.com/958439
   https://bugzilla.suse.com/958463
   https://bugzilla.suse.com/958504
   https://bugzilla.suse.com/958510
   https://bugzilla.suse.com/958886
   https://bugzilla.suse.com/958951
   https://bugzilla.suse.com/959190
   https://bugzilla.suse.com/959399
   https://bugzilla.suse.com/960021
   https://bugzilla.suse.com/960710
   https://bugzilla.suse.com/961263
   https://bugzilla.suse.com/961509
   https://bugzilla.suse.com/962075
   https://bugzilla.suse.com/962597

openSUSE: 2016:0280-1: important: the Linux Kernel

January 29, 2016
An update that solves 10 vulnerabilities and has 18 fixes An update that solves 10 vulnerabilities and has 18 fixes An update that solves 10 vulnerabilities and has 18 fixes is now...

Description

The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable release, and also includes security and bugfixes. Following security bugs were fixed: - CVE-2016-0728: A reference leak in keyring handling with join_session_keyring() could lead to local attackers gain root privileges. (bsc#962075). - CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951). - CVE-2015-8767: A case can occur when sctp_accept() is called by the user during a heartbeat timeout event after the 4-way handshake. Since sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the listening socket but released with the new association socket. The result is a deadlock on any future attempts to take the listening socket lock. (bsc#961509) - CVE-2015-8539: A negatively instantiated user key could have been used by a local user to leverage privileges (bnc#958463). - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190). - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886). - CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399). - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990). - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988). The following non-security bugs were fixed: - ALSA: hda - Add a fixup for Thinkpad X1 Carbon 2nd (bsc#958439). - ALSA: hda - Apply click noise workaround for Thinkpads generically (bsc#958439). - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504). - ALSA: hda - Flush the pending probe work at remove (boo#960710). - ALSA: hda - Set codec to D3 at reboot/shutdown on Thinkpads (bsc#958439). - Add Cavium Thunderx network enhancements - Add RHEL to kernel-obs-build - Backport amd xgbe fixes and features - Backport arm64 patches from SLE12-SP1-ARM. - Btrfs: fix the number of transaction units needed to remove a block group (bsc#950178). - Btrfs: use global reserve when deleting unused block group after ENOSPC (bsc#950178). - Documentation: nousb is a module parameter (bnc#954324). - Driver for IBM System i/p VNIC protocol. - Enable CONFIG_PINCTRL_CHERRYVIEW (boo#954532) Needed for recent tablets/laptops. CONFIG_PINCTRL_BAYTRAIL is still disabled as it can't be built as a module. - Fix PCI generic host controller - Fix kABI breakage for max_dev_sectors addition to queue_limits (boo#961263). - HID: multitouch: Fetch feature reports on demand for Win8 devices (boo#954532). - HID: multitouch: fix input mode switching on some Elan panels (boo#954532). - Implement enable/disable for Display C6 state (boo#960021). - Input: aiptek - fix crash on detecting device without endpoints (bnc#956708). - Linux 4.1.15 (boo#954647 bsc#955422). - Move kabi patch to patches.kabi directory - Obsolete compat-wireless, rts5229 and rts_pstor KMPs These are found in SLE11-SP3, now replaced with the upstream drivers. - PCI: generic: Pass starting bus number to pci_scan_root_bus(). - Revert "block: remove artifical max_hw_sectors cap" (boo#961263). - Set system time through RTC device - Update arm64 config files. Enabled DRM_AST in the vanilla kernel since it is now enabled in the default kernel. - Update config files: CONFIG_IBMVNIC=m - block/sd: Fix device-imposed transfer length limits (boo#961263). - block: bump BLK_DEF_MAX_SECTORS to 2560 (boo#961263). - drm/i915/skl: Add DC5 Trigger Sequence (boo#960021). - drm/i915/skl: Add DC6 Trigger sequence (boo#960021). - drm/i915/skl: Add support to load SKL CSR firmware (boo#960021). - drm/i915/skl: Add the INIT power domain to the MISC I/O power well (boo#960021). - drm/i915/skl: Deinit/init the display at suspend/resume (boo#960021). - drm/i915/skl: Fix DMC API version in firmware file name (boo#960021). - drm/i915/skl: Fix WaDisableChickenBitTSGBarrierAckForFFSliceCS (boo#960021). - drm/i915/skl: Fix stepping check for a couple of W/As (boo#960021). - drm/i915/skl: Fix the CTRL typo in the DPLL_CRTL1 defines (boo#960021). - drm/i915/skl: Implement WaDisableVFUnitClockGating (boo#960021). - drm/i915/skl: Implement enable/disable for Display C5 state (boo#960021). - drm/i915/skl: Make the Misc I/O power well part of the PLLS domain (boo#960021). - drm/i915/skl: add F0 stepping ID (boo#960021). - drm/i915/skl: enable WaForceContextSaveRestoreNonCoherent (boo#960021). - drm/i915: Clear crtc atomic flags at beginning of transaction (boo#960021). - drm/i915: Fix CSR MMIO address check (boo#960021). - drm/i915: Switch to full atomic helpers for plane updates/disable, take two (boo#960021). - drm/i915: set CDCLK if DPLL0 enabled during resuming from S3 (boo#960021). - ethernet/atheros/alx: sanitize buffer sizing and padding (boo#952621). - genksyms: Handle string literals with spaces in reference files (bsc#958510). - group-source-files: mark module.lds as devel file ld: cannot open linker script file /usr/src/linux-4.2.5-1/arch/arm/kernel/module.lds: No such file or directory - hwrng: core - sleep interruptible in read (bnc#962597). - ipv6: distinguish frag queues by device for multicast and link-local packets (bsc#955422). - kABI fixes for linux-4.1.15. - rpm/compute-PATCHVERSION.sh: Skip stale directories in the package dir - rpm/constraints.in: Bump disk space requirements up a bit Require 10GB on s390x, 20GB elsewhere. - rpm/constraints.in: Require 14GB worth of disk space on POWER The builds started to fail randomly due to ENOSPC errors. - rpm/kernel-binary.spec.in: Do not explicitly set DEBUG_SECTION_MISMATCH CONFIG_DEBUG_SECTION_MISMATCH is a selectable Kconfig option since 2.6.39 and is enabled in our configs. - rpm/kernel-binary.spec.in: Do not obsolete ocfs2-kmp (bnc#865259)865259 - rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed - rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file - rpm/kernel-binary.spec.in: No scriptlets in kernel-zfcpdump The kernel should not be added to the bootloader nor are there any KMPs. - rpm/kernel-binary.spec.in: Obsolete the -base package from SLE11 (bnc#865096) - rpm/kernel-binary.spec.in: Use parallel make in all invocations Also, remove the lengthy comment, since we are using a standard rpm macro now. - thinkpad_acpi: Do not yell on unsupported brightness interfaces (boo#957152). - usb: make "nousb" a clear module parameter (bnc#954324). - usbvision fix overflow of interfaces array (bnc#950998). - x86/microcode/amd: Do not overwrite final patch levels (bsc#913996). - x86/microcode/amd: Extract current patch level read to a function (bsc#913996). - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157). - xhci: refuse loading if nousb is used (bnc#954324).

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-116=1 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE Leap 42.1 (i586 x86_64): kernel-default-4.1.15-8.1 kernel-default-base-4.1.15-8.1 kernel-default-base-debuginfo-4.1.15-8.1 kernel-default-debuginfo-4.1.15-8.1 kernel-default-debugsource-4.1.15-8.1 kernel-default-devel-4.1.15-8.1 kernel-obs-build-4.1.15-8.2 kernel-obs-build-debugsource-4.1.15-8.2 kernel-obs-qa-4.1.15-8.1 kernel-obs-qa-xen-4.1.15-8.1 kernel-syms-4.1.15-8.1 - openSUSE Leap 42.1 (i686 x86_64): kernel-debug-4.1.15-8.1 kernel-debug-base-4.1.15-8.1 kernel-debug-base-debuginfo-4.1.15-8.1 kernel-debug-debuginfo-4.1.15-8.1 kernel-debug-debugsource-4.1.15-8.1 kernel-debug-devel-4.1.15-8.1 kernel-debug-devel-debuginfo-4.1.15-8.1 kernel-ec2-4.1.15-8.1 kernel-ec2-base-4.1.15-8.1 kernel-ec2-base-debuginfo-4.1.15-8.1 kernel-ec2-debuginfo-4.1.15-8.1 kernel-ec2-debugsource-4.1.15-8.1 kernel-ec2-devel-4.1.15-8.1 kernel-pv-4.1.15-8.1 kernel-pv-base-4.1.15-8.1 kernel-pv-base-debuginfo-4.1.15-8.1 kernel-pv-debuginfo-4.1.15-8.1 kernel-pv-debugsource-4.1.15-8.1 kernel-pv-devel-4.1.15-8.1 kernel-vanilla-4.1.15-8.1 kernel-vanilla-debuginfo-4.1.15-8.1 kernel-vanilla-debugsource-4.1.15-8.1 kernel-vanilla-devel-4.1.15-8.1 kernel-xen-4.1.15-8.1 kernel-xen-base-4.1.15-8.1 kernel-xen-base-debuginfo-4.1.15-8.1 kernel-xen-debuginfo-4.1.15-8.1 kernel-xen-debugsource-4.1.15-8.1 kernel-xen-devel-4.1.15-8.1 - openSUSE Leap 42.1 (noarch): kernel-devel-4.1.15-8.1 kernel-docs-4.1.15-8.3 kernel-docs-html-4.1.15-8.3 kernel-docs-pdf-4.1.15-8.3 kernel-macros-4.1.15-8.1 kernel-source-4.1.15-8.1 kernel-source-vanilla-4.1.15-8.1 - openSUSE Leap 42.1 (i686): kernel-pae-4.1.15-8.1 kernel-pae-base-4.1.15-8.1 kernel-pae-base-debuginfo-4.1.15-8.1 kernel-pae-debuginfo-4.1.15-8.1 kernel-pae-debugsource-4.1.15-8.1 kernel-pae-devel-4.1.15-8.1


References

https://www.suse.com/security/cve/CVE-2015-7550.html https://www.suse.com/security/cve/CVE-2015-8539.html https://www.suse.com/security/cve/CVE-2015-8543.html https://www.suse.com/security/cve/CVE-2015-8550.html https://www.suse.com/security/cve/CVE-2015-8551.html https://www.suse.com/security/cve/CVE-2015-8552.html https://www.suse.com/security/cve/CVE-2015-8569.html https://www.suse.com/security/cve/CVE-2015-8575.html https://www.suse.com/security/cve/CVE-2015-8767.html https://www.suse.com/security/cve/CVE-2016-0728.html https://bugzilla.suse.com/865096 https://bugzilla.suse.com/865259 https://bugzilla.suse.com/913996 https://bugzilla.suse.com/950178 https://bugzilla.suse.com/950998 https://bugzilla.suse.com/952621 https://bugzilla.suse.com/954324 https://bugzilla.suse.com/954532 https://bugzilla.suse.com/954647 https://bugzilla.suse.com/955422 https://bugzilla.suse.com/956708 https://bugzilla.suse.com/957152 https://bugzilla.suse.com/957988 https://bugzilla.suse.com/957990 https://bugzilla.suse.com/958439 https://bugzilla.suse.com/958463 https://bugzilla.suse.com/958504 https://bugzilla.suse.com/958510 https://bugzilla.suse.com/958886 https://bugzilla.suse.com/958951 https://bugzilla.suse.com/959190 https://bugzilla.suse.com/959399 https://bugzilla.suse.com/960021 https://bugzilla.suse.com/960710 https://bugzilla.suse.com/961263 https://bugzilla.suse.com/961509 https://bugzilla.suse.com/962075 https://bugzilla.suse.com/962597


Severity
Announcement ID: openSUSE-SU-2016:0280-1
Rating: important
Affected Products: openSUSE Leap 42.1

Related News

Google Chrome 129: Addressing Crucial Vulnerabilities and Enhancing Security
2 - 4 min read
Google Chrome remains the crown jewel in the browser market, with an impressive user base of approximately 3.45 billion. However, this immense
Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is
CISA Sounds Alarm on Newly Exploited Vulnerabilities: Is Your System at Risk?
3 - 5 min read
CISA regularly publishes updates regarding vulnerabilities that present severe threats to global cybersecurity. Recently, CISA added three
Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved