openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:0301-1
Rating:             important
References:         #814440 #851610 #869564 #873385 #906545 #907818 
                    #909077 #909477 #911326 #912202 #915517 #915577 
                    #917830 #918333 #919007 #919018 #919463 #919596 
                    #921313 #921949 #922583 #922936 #922944 #926238 
                    #926240 #927780 #927786 #928130 #929525 #930399 
                    #931988 #932348 #933896 #933904 #933907 #933934 
                    #935542 #935705 #936502 #936831 #937032 #937033 
                    #937969 #938706 #940338 #944296 #945825 #947155 
                    #949936 #950998 #951194 #951440 #951627 #952384 
                    #952579 #952976 #953052 #953527 #954138 #954404 
                    #955224 #955354 #955422 #956708 #956934 #957988 
                    #957990 #958504 #958510 #958886 #958951 #959190 
                    #959399 #959568 #960839 #961509 #961739 #962075 
                    
Cross-References:   CVE-2014-2568 CVE-2014-8133 CVE-2014-8989
                    CVE-2014-9090 CVE-2014-9419 CVE-2014-9529
                    CVE-2014-9683 CVE-2014-9715 CVE-2014-9728
                    CVE-2014-9729 CVE-2014-9730 CVE-2014-9731
                    CVE-2015-0272 CVE-2015-0777 CVE-2015-1420
                    CVE-2015-1421 CVE-2015-2041 CVE-2015-2042
                    CVE-2015-2150 CVE-2015-2666 CVE-2015-2830
                    CVE-2015-2922 CVE-2015-2925 CVE-2015-3212
                    CVE-2015-3339 CVE-2015-3636 CVE-2015-4001
                    CVE-2015-4002 CVE-2015-4003 CVE-2015-4004
                    CVE-2015-4036 CVE-2015-4167 CVE-2015-4692
                    CVE-2015-4700 CVE-2015-5157 CVE-2015-5283
                    CVE-2015-5307 CVE-2015-5364 CVE-2015-5366
                    CVE-2015-5707 CVE-2015-6937 CVE-2015-7550
                    CVE-2015-7799 CVE-2015-7833 CVE-2015-7872
                    CVE-2015-7885 CVE-2015-7990 CVE-2015-8104
                    CVE-2015-8215 CVE-2015-8543 CVE-2015-8550
                    CVE-2015-8551 CVE-2015-8552 CVE-2015-8569
                    CVE-2015-8575 CVE-2015-8767 CVE-2016-0728
                   
Affected Products:
                    openSUSE 13.1
______________________________________________________________________________

   An update that solves 57 vulnerabilities and has 21 fixes
   is now available.

Description:

   The openSUSE 13.1 kernel was updated to receive various security and
   bugfixes.

   Following security bugs were fixed:
   - CVE-2016-0728: A reference leak in keyring handling with
     join_session_keyring() could lead to local attackers gain root
     privileges. (bsc#962075).
   - CVE-2015-7550: A local user could have triggered a race between read and
     revoke in keyctl (bnc#958951).
   - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in
     drivers/net/ppp/pptp.c in the Linux kernel did not verify an address
     length, which allowed local users to obtain sensitive information from
     kernel memory and bypass the KASLR protection mechanism via a crafted
     application (bnc#959190).
   - CVE-2015-8543: The networking implementation in the Linux kernel did not
     validate protocol identifiers for certain protocol families, which
     allowed local users to cause a denial of service (NULL function pointer
     dereference and system crash) or possibly gain privileges by leveraging
     CLONE_NEWUSER support to execute a crafted SOCK_RAW application
     (bnc#958886).
   - CVE-2014-8989: The Linux kernel did not properly restrict dropping
     of supplemental group memberships in certain namespace scenarios, which
      allowed local users to bypass intended file permissions by leveraging a
      POSIX ACL containing an entry for the group category that is more
      restrictive than the entry for the other category, aka a "negative
      groups" issue, related to kernel/groups.c, kernel/uid16.c, and
      kernel/user_namespace.c (bnc#906545).
   - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the
     x86_64 platform mishandles IRET faults in processing NMIs that
     occurred during userspace execution, which might allow local users to
      gain privileges by triggering an NMI (bnc#937969).
   - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the
     Linux kernel through 4.2.3 did not ensure that certain slot numbers are
     valid, which allowed local users to cause a denial of service (NULL
     pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl
     call (bnc#949936).
   - CVE-2015-8104: The KVM subsystem in the Linux kernel through 4.2.6, and
     Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial
     of service (host OS panic or hang) by triggering many #DB (aka Debug)
      exceptions, related to svm.c (bnc#954404).
   - CVE-2015-5307: The KVM subsystem in the Linux kernel through 4.2.6, and
     Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial
     of service (host OS panic or hang) by triggering many #AC (aka Alignment
      Check) exceptions, related to svm.c and vmx.c (bnc#953527).
   - CVE-2014-9529: Race condition in the key_gc_unused_keys function in
     security/keys/gc.c in the Linux kernel allowed local users to cause a
     denial of service (memory corruption or panic) or possibly have
     unspecified other impact via keyctl commands that trigger access to a
     key structure member during garbage collection of a key (bnc#912202).
   - CVE-2015-7990: Race condition in the rds_sendmsg function in
     net/rds/sendmsg.c in the Linux kernel allowed local users to cause a
     denial of service (NULL pointer dereference and system crash) or
     possibly have unspecified other impact by using a socket that was not
     properly bound.  NOTE: this vulnerability exists because of an
     incomplete fix for CVE-2015-6937 (bnc#952384 953052).
   - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in
     the Linux kernel allowed local users to cause a denial of service (NULL
     pointer dereference and system crash) or possibly have unspecified
     other impact by using a socket that was not properly bound (bnc#945825).
   - CVE-2015-7885: The dgnc_mgmt_ioctl function in
     drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 did
     not initialize a certain structure member, which allowed local users to
     obtain sensitive information from kernel memory via a crafted
      application (bnc#951627).
   - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel
     did not validate attempted changes to the MTU value, which allowed
     context-dependent attackers to cause a denial of service (packet loss)
     via a value that is (1) smaller than the minimum compliant value or (2)
     larger than the MTU of an interface, as demonstrated by a Router
     Advertisement (RA) message that is not validated by a daemon, a
     different vulnerability than CVE-2015-0272.  NOTE: the scope of
     CVE-2015-0272 is limited to the NetworkManager product (bnc#955354).
   - CVE-2015-8767: A case can occur when sctp_accept() is called by the user
     during a heartbeat timeout event after the 4-way handshake. Since
     sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the
     bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the
     listening socket but released with the new association socket. The
     result is a deadlock on any future attempts to take the listening socket
     lock. (bsc#961509)
   - CVE-2015-8575: Validate socket address length in sco_sock_bind() to
     prevent information leak (bsc#959399).
   - CVE-2015-8551, CVE-2015-8552: xen/pciback: For
     XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled
     (bsc#957990).
   - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers     could have lead to double fetch vulnerabilities, causing denial of
     service or arbitrary code execution (depending on the configuration)
     (bsc#957988).

   The following non-security bugs were fixed:
   - ALSA: hda - Disable 64bit address for Creative HDA controllers     (bnc#814440).
   - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).
   - Input: aiptek - fix crash on detecting device without endpoints
     (bnc#956708).
   - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y (boo#956934).
   - KVM: x86: update masterclock values on TSC writes (bsc#961739).
   - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2
     client (bsc#960839).
   - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another
     task (bsc#921949).
   - blktap: also call blkif_disconnect() when frontend switched to closed
     (bsc#952976).
   - blktap: refine mm tracking (bsc#952976).
   - cdrom: Random writing support for BD-RE media (bnc#959568).
   - genksyms: Handle string literals with spaces in reference files
     (bsc#958510).
   - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224).
   - ipv6: distinguish frag queues by device for multicast and link-local
     packets (bsc#955422).
   - ipv6: fix tunnel error handling (bsc#952579).
   - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224).
   - uas: Add response iu handling (bnc#954138).
   - usbvision fix overflow of interfaces array (bnc#950998).
   - x86/evtchn: make use of PHYSDEVOP_map_pirq.
   - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set
     (bsc#957990 XSA-157).


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.1:

      zypper in -t patch openSUSE-2016-124=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 13.1 (i686 x86_64):

      kernel-debug-3.11.10-32.1
      kernel-debug-base-3.11.10-32.1
      kernel-debug-base-debuginfo-3.11.10-32.1
      kernel-debug-debuginfo-3.11.10-32.1
      kernel-debug-debugsource-3.11.10-32.1
      kernel-debug-devel-3.11.10-32.1
      kernel-debug-devel-debuginfo-3.11.10-32.1
      kernel-desktop-3.11.10-32.1
      kernel-desktop-base-3.11.10-32.1
      kernel-desktop-base-debuginfo-3.11.10-32.1
      kernel-desktop-debuginfo-3.11.10-32.1
      kernel-desktop-debugsource-3.11.10-32.1
      kernel-desktop-devel-3.11.10-32.1
      kernel-desktop-devel-debuginfo-3.11.10-32.1
      kernel-ec2-3.11.10-32.1
      kernel-ec2-base-3.11.10-32.1
      kernel-ec2-base-debuginfo-3.11.10-32.1
      kernel-ec2-debuginfo-3.11.10-32.1
      kernel-ec2-debugsource-3.11.10-32.1
      kernel-ec2-devel-3.11.10-32.1
      kernel-ec2-devel-debuginfo-3.11.10-32.1
      kernel-trace-3.11.10-32.1
      kernel-trace-base-3.11.10-32.1
      kernel-trace-base-debuginfo-3.11.10-32.1
      kernel-trace-debuginfo-3.11.10-32.1
      kernel-trace-debugsource-3.11.10-32.1
      kernel-trace-devel-3.11.10-32.1
      kernel-trace-devel-debuginfo-3.11.10-32.1
      kernel-vanilla-3.11.10-32.1
      kernel-vanilla-debuginfo-3.11.10-32.1
      kernel-vanilla-debugsource-3.11.10-32.1
      kernel-vanilla-devel-3.11.10-32.1
      kernel-vanilla-devel-debuginfo-3.11.10-32.1
      kernel-xen-3.11.10-32.1
      kernel-xen-base-3.11.10-32.1
      kernel-xen-base-debuginfo-3.11.10-32.1
      kernel-xen-debuginfo-3.11.10-32.1
      kernel-xen-debugsource-3.11.10-32.1
      kernel-xen-devel-3.11.10-32.1
      kernel-xen-devel-debuginfo-3.11.10-32.1

   - openSUSE 13.1 (i586 x86_64):

      cloop-2.639-11.22.2
      cloop-debuginfo-2.639-11.22.2
      cloop-debugsource-2.639-11.22.2
      cloop-kmp-default-2.639_k3.11.10_32-11.22.2
      cloop-kmp-default-debuginfo-2.639_k3.11.10_32-11.22.2
      cloop-kmp-desktop-2.639_k3.11.10_32-11.22.2
      cloop-kmp-desktop-debuginfo-2.639_k3.11.10_32-11.22.2
      cloop-kmp-xen-2.639_k3.11.10_32-11.22.2
      cloop-kmp-xen-debuginfo-2.639_k3.11.10_32-11.22.2
      crash-7.0.2-2.22.2
      crash-debuginfo-7.0.2-2.22.2
      crash-debugsource-7.0.2-2.22.2
      crash-devel-7.0.2-2.22.2
      crash-doc-7.0.2-2.22.2
      crash-eppic-7.0.2-2.22.2
      crash-eppic-debuginfo-7.0.2-2.22.2
      crash-gcore-7.0.2-2.22.2
      crash-gcore-debuginfo-7.0.2-2.22.2
      crash-kmp-default-7.0.2_k3.11.10_32-2.22.2
      crash-kmp-default-debuginfo-7.0.2_k3.11.10_32-2.22.2
      crash-kmp-desktop-7.0.2_k3.11.10_32-2.22.2
      crash-kmp-desktop-debuginfo-7.0.2_k3.11.10_32-2.22.2
      crash-kmp-xen-7.0.2_k3.11.10_32-2.22.2
      crash-kmp-xen-debuginfo-7.0.2_k3.11.10_32-2.22.2
      hdjmod-debugsource-1.28-16.22.2
      hdjmod-kmp-default-1.28_k3.11.10_32-16.22.2
      hdjmod-kmp-default-debuginfo-1.28_k3.11.10_32-16.22.2
      hdjmod-kmp-desktop-1.28_k3.11.10_32-16.22.2
      hdjmod-kmp-desktop-debuginfo-1.28_k3.11.10_32-16.22.2
      hdjmod-kmp-xen-1.28_k3.11.10_32-16.22.2
      hdjmod-kmp-xen-debuginfo-1.28_k3.11.10_32-16.22.2
      ipset-6.21.1-2.26.2
      ipset-debuginfo-6.21.1-2.26.2
      ipset-debugsource-6.21.1-2.26.2
      ipset-devel-6.21.1-2.26.2
      ipset-kmp-default-6.21.1_k3.11.10_32-2.26.2
      ipset-kmp-default-debuginfo-6.21.1_k3.11.10_32-2.26.2
      ipset-kmp-desktop-6.21.1_k3.11.10_32-2.26.2
      ipset-kmp-desktop-debuginfo-6.21.1_k3.11.10_32-2.26.2
      ipset-kmp-xen-6.21.1_k3.11.10_32-2.26.2
      ipset-kmp-xen-debuginfo-6.21.1_k3.11.10_32-2.26.2
      iscsitarget-1.4.20.3-13.22.2
      iscsitarget-debuginfo-1.4.20.3-13.22.2
      iscsitarget-debugsource-1.4.20.3-13.22.2
      iscsitarget-kmp-default-1.4.20.3_k3.11.10_32-13.22.2
      iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.11.10_32-13.22.2
      iscsitarget-kmp-desktop-1.4.20.3_k3.11.10_32-13.22.2
      iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.11.10_32-13.22.2
      iscsitarget-kmp-xen-1.4.20.3_k3.11.10_32-13.22.2
      iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.11.10_32-13.22.2
      kernel-default-3.11.10-32.1
      kernel-default-base-3.11.10-32.1
      kernel-default-base-debuginfo-3.11.10-32.1
      kernel-default-debuginfo-3.11.10-32.1
      kernel-default-debugsource-3.11.10-32.1
      kernel-default-devel-3.11.10-32.1
      kernel-default-devel-debuginfo-3.11.10-32.1
      kernel-syms-3.11.10-32.1
      libipset3-6.21.1-2.26.2
      libipset3-debuginfo-6.21.1-2.26.2
      ndiswrapper-1.58-22.1
      ndiswrapper-debuginfo-1.58-22.1
      ndiswrapper-debugsource-1.58-22.1
      ndiswrapper-kmp-default-1.58_k3.11.10_32-22.1
      ndiswrapper-kmp-default-debuginfo-1.58_k3.11.10_32-22.1
      ndiswrapper-kmp-desktop-1.58_k3.11.10_32-22.1
      ndiswrapper-kmp-desktop-debuginfo-1.58_k3.11.10_32-22.1
      pcfclock-0.44-258.22.1
      pcfclock-debuginfo-0.44-258.22.1
      pcfclock-debugsource-0.44-258.22.1
      pcfclock-kmp-default-0.44_k3.11.10_32-258.22.1
      pcfclock-kmp-default-debuginfo-0.44_k3.11.10_32-258.22.1
      pcfclock-kmp-desktop-0.44_k3.11.10_32-258.22.1
      pcfclock-kmp-desktop-debuginfo-0.44_k3.11.10_32-258.22.1
      python-virtualbox-4.2.36-2.55.1
      python-virtualbox-debuginfo-4.2.36-2.55.1
      vhba-kmp-debugsource-20130607-2.23.1
      vhba-kmp-default-20130607_k3.11.10_32-2.23.1
      vhba-kmp-default-debuginfo-20130607_k3.11.10_32-2.23.1
      vhba-kmp-desktop-20130607_k3.11.10_32-2.23.1
      vhba-kmp-desktop-debuginfo-20130607_k3.11.10_32-2.23.1
      vhba-kmp-xen-20130607_k3.11.10_32-2.23.1
      vhba-kmp-xen-debuginfo-20130607_k3.11.10_32-2.23.1
      virtualbox-4.2.36-2.55.1
      virtualbox-debuginfo-4.2.36-2.55.1
      virtualbox-debugsource-4.2.36-2.55.1
      virtualbox-devel-4.2.36-2.55.1
      virtualbox-guest-kmp-default-4.2.36_k3.11.10_32-2.55.1
      virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.11.10_32-2.55.1
      virtualbox-guest-kmp-desktop-4.2.36_k3.11.10_32-2.55.1
      virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.11.10_32-2.55.1
      virtualbox-guest-tools-4.2.36-2.55.1
      virtualbox-guest-tools-debuginfo-4.2.36-2.55.1
      virtualbox-guest-x11-4.2.36-2.55.1
      virtualbox-guest-x11-debuginfo-4.2.36-2.55.1
      virtualbox-host-kmp-default-4.2.36_k3.11.10_32-2.55.1
      virtualbox-host-kmp-default-debuginfo-4.2.36_k3.11.10_32-2.55.1
      virtualbox-host-kmp-desktop-4.2.36_k3.11.10_32-2.55.1
      virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.11.10_32-2.55.1
      virtualbox-qt-4.2.36-2.55.1
      virtualbox-qt-debuginfo-4.2.36-2.55.1
      virtualbox-websrv-4.2.36-2.55.1
      virtualbox-websrv-debuginfo-4.2.36-2.55.1
      xen-debugsource-4.3.4_10-56.1
      xen-devel-4.3.4_10-56.1
      xen-kmp-default-4.3.4_10_k3.11.10_32-56.1
      xen-kmp-default-debuginfo-4.3.4_10_k3.11.10_32-56.1
      xen-kmp-desktop-4.3.4_10_k3.11.10_32-56.1
      xen-kmp-desktop-debuginfo-4.3.4_10_k3.11.10_32-56.1
      xen-libs-4.3.4_10-56.1
      xen-libs-debuginfo-4.3.4_10-56.1
      xen-tools-domU-4.3.4_10-56.1
      xen-tools-domU-debuginfo-4.3.4_10-56.1
      xtables-addons-2.3-2.22.1
      xtables-addons-debuginfo-2.3-2.22.1
      xtables-addons-debugsource-2.3-2.22.1
      xtables-addons-kmp-default-2.3_k3.11.10_32-2.22.1
      xtables-addons-kmp-default-debuginfo-2.3_k3.11.10_32-2.22.1
      xtables-addons-kmp-desktop-2.3_k3.11.10_32-2.22.1
      xtables-addons-kmp-desktop-debuginfo-2.3_k3.11.10_32-2.22.1
      xtables-addons-kmp-xen-2.3_k3.11.10_32-2.22.1
      xtables-addons-kmp-xen-debuginfo-2.3_k3.11.10_32-2.22.1

   - openSUSE 13.1 (noarch):

      kernel-devel-3.11.10-32.1
      kernel-docs-3.11.10-32.3
      kernel-source-3.11.10-32.1
      kernel-source-vanilla-3.11.10-32.1
      virtualbox-host-source-4.2.36-2.55.1

   - openSUSE 13.1 (x86_64):

      xen-4.3.4_10-56.1
      xen-doc-html-4.3.4_10-56.1
      xen-libs-32bit-4.3.4_10-56.1
      xen-libs-debuginfo-32bit-4.3.4_10-56.1
      xen-tools-4.3.4_10-56.1
      xen-tools-debuginfo-4.3.4_10-56.1
      xen-xend-tools-4.3.4_10-56.1
      xen-xend-tools-debuginfo-4.3.4_10-56.1

   - openSUSE 13.1 (i686):

      kernel-pae-3.11.10-32.1
      kernel-pae-base-3.11.10-32.1
      kernel-pae-base-debuginfo-3.11.10-32.1
      kernel-pae-debuginfo-3.11.10-32.1
      kernel-pae-debugsource-3.11.10-32.1
      kernel-pae-devel-3.11.10-32.1
      kernel-pae-devel-debuginfo-3.11.10-32.1

   - openSUSE 13.1 (i586):

      cloop-kmp-pae-2.639_k3.11.10_32-11.22.2
      cloop-kmp-pae-debuginfo-2.639_k3.11.10_32-11.22.2
      crash-kmp-pae-7.0.2_k3.11.10_32-2.22.2
      crash-kmp-pae-debuginfo-7.0.2_k3.11.10_32-2.22.2
      hdjmod-kmp-pae-1.28_k3.11.10_32-16.22.2
      hdjmod-kmp-pae-debuginfo-1.28_k3.11.10_32-16.22.2
      ipset-kmp-pae-6.21.1_k3.11.10_32-2.26.2
      ipset-kmp-pae-debuginfo-6.21.1_k3.11.10_32-2.26.2
      iscsitarget-kmp-pae-1.4.20.3_k3.11.10_32-13.22.2
      iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.11.10_32-13.22.2
      ndiswrapper-kmp-pae-1.58_k3.11.10_32-22.1
      ndiswrapper-kmp-pae-debuginfo-1.58_k3.11.10_32-22.1
      pcfclock-kmp-pae-0.44_k3.11.10_32-258.22.1
      pcfclock-kmp-pae-debuginfo-0.44_k3.11.10_32-258.22.1
      vhba-kmp-pae-20130607_k3.11.10_32-2.23.1
      vhba-kmp-pae-debuginfo-20130607_k3.11.10_32-2.23.1
      virtualbox-guest-kmp-pae-4.2.36_k3.11.10_32-2.55.1
      virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.11.10_32-2.55.1
      virtualbox-host-kmp-pae-4.2.36_k3.11.10_32-2.55.1
      virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.11.10_32-2.55.1
      xen-kmp-pae-4.3.4_10_k3.11.10_32-56.1
      xen-kmp-pae-debuginfo-4.3.4_10_k3.11.10_32-56.1
      xtables-addons-kmp-pae-2.3_k3.11.10_32-2.22.1
      xtables-addons-kmp-pae-debuginfo-2.3_k3.11.10_32-2.22.1


References:

   https://www.suse.com/security/cve/CVE-2014-2568.html
   https://www.suse.com/security/cve/CVE-2014-8133.html
   https://www.suse.com/security/cve/CVE-2014-8989.html
   https://www.suse.com/security/cve/CVE-2014-9090.html
   https://www.suse.com/security/cve/CVE-2014-9419.html
   https://www.suse.com/security/cve/CVE-2014-9529.html
   https://www.suse.com/security/cve/CVE-2014-9683.html
   https://www.suse.com/security/cve/CVE-2014-9715.html
   https://www.suse.com/security/cve/CVE-2014-9728.html
   https://www.suse.com/security/cve/CVE-2014-9729.html
   https://www.suse.com/security/cve/CVE-2014-9730.html
   https://www.suse.com/security/cve/CVE-2014-9731.html
   https://www.suse.com/security/cve/CVE-2015-0272.html
   https://www.suse.com/security/cve/CVE-2015-0777.html
   https://www.suse.com/security/cve/CVE-2015-1420.html
   https://www.suse.com/security/cve/CVE-2015-1421.html
   https://www.suse.com/security/cve/CVE-2015-2041.html
   https://www.suse.com/security/cve/CVE-2015-2042.html
   https://www.suse.com/security/cve/CVE-2015-2150.html
   https://www.suse.com/security/cve/CVE-2015-2666.html
   https://www.suse.com/security/cve/CVE-2015-2830.html
   https://www.suse.com/security/cve/CVE-2015-2922.html
   https://www.suse.com/security/cve/CVE-2015-2925.html
   https://www.suse.com/security/cve/CVE-2015-3212.html
   https://www.suse.com/security/cve/CVE-2015-3339.html
   https://www.suse.com/security/cve/CVE-2015-3636.html
   https://www.suse.com/security/cve/CVE-2015-4001.html
   https://www.suse.com/security/cve/CVE-2015-4002.html
   https://www.suse.com/security/cve/CVE-2015-4003.html
   https://www.suse.com/security/cve/CVE-2015-4004.html
   https://www.suse.com/security/cve/CVE-2015-4036.html
   https://www.suse.com/security/cve/CVE-2015-4167.html
   https://www.suse.com/security/cve/CVE-2015-4692.html
   https://www.suse.com/security/cve/CVE-2015-4700.html
   https://www.suse.com/security/cve/CVE-2015-5157.html
   https://www.suse.com/security/cve/CVE-2015-5283.html
   https://www.suse.com/security/cve/CVE-2015-5307.html
   https://www.suse.com/security/cve/CVE-2015-5364.html
   https://www.suse.com/security/cve/CVE-2015-5366.html
   https://www.suse.com/security/cve/CVE-2015-5707.html
   https://www.suse.com/security/cve/CVE-2015-6937.html
   https://www.suse.com/security/cve/CVE-2015-7550.html
   https://www.suse.com/security/cve/CVE-2015-7799.html
   https://www.suse.com/security/cve/CVE-2015-7833.html
   https://www.suse.com/security/cve/CVE-2015-7872.html
   https://www.suse.com/security/cve/CVE-2015-7885.html
   https://www.suse.com/security/cve/CVE-2015-7990.html
   https://www.suse.com/security/cve/CVE-2015-8104.html
   https://www.suse.com/security/cve/CVE-2015-8215.html
   https://www.suse.com/security/cve/CVE-2015-8543.html
   https://www.suse.com/security/cve/CVE-2015-8550.html
   https://www.suse.com/security/cve/CVE-2015-8551.html
   https://www.suse.com/security/cve/CVE-2015-8552.html
   https://www.suse.com/security/cve/CVE-2015-8569.html
   https://www.suse.com/security/cve/CVE-2015-8575.html
   https://www.suse.com/security/cve/CVE-2015-8767.html
   https://www.suse.com/security/cve/CVE-2016-0728.html
   https://bugzilla.suse.com/814440
   https://bugzilla.suse.com/851610
   https://bugzilla.suse.com/869564
   https://bugzilla.suse.com/873385
   https://bugzilla.suse.com/906545
   https://bugzilla.suse.com/907818
   https://bugzilla.suse.com/909077
   https://bugzilla.suse.com/909477
   https://bugzilla.suse.com/911326
   https://bugzilla.suse.com/912202
   https://bugzilla.suse.com/915517
   https://bugzilla.suse.com/915577
   https://bugzilla.suse.com/917830
   https://bugzilla.suse.com/918333
   https://bugzilla.suse.com/919007
   https://bugzilla.suse.com/919018
   https://bugzilla.suse.com/919463
   https://bugzilla.suse.com/919596
   https://bugzilla.suse.com/921313
   https://bugzilla.suse.com/921949
   https://bugzilla.suse.com/922583
   https://bugzilla.suse.com/922936
   https://bugzilla.suse.com/922944
   https://bugzilla.suse.com/926238
   https://bugzilla.suse.com/926240
   https://bugzilla.suse.com/927780
   https://bugzilla.suse.com/927786
   https://bugzilla.suse.com/928130
   https://bugzilla.suse.com/929525
   https://bugzilla.suse.com/930399
   https://bugzilla.suse.com/931988
   https://bugzilla.suse.com/932348
   https://bugzilla.suse.com/933896
   https://bugzilla.suse.com/933904
   https://bugzilla.suse.com/933907
   https://bugzilla.suse.com/933934
   https://bugzilla.suse.com/935542
   https://bugzilla.suse.com/935705
   https://bugzilla.suse.com/936502
   https://bugzilla.suse.com/936831
   https://bugzilla.suse.com/937032
   https://bugzilla.suse.com/937033
   https://bugzilla.suse.com/937969
   https://bugzilla.suse.com/938706
   https://bugzilla.suse.com/940338
   https://bugzilla.suse.com/944296
   https://bugzilla.suse.com/945825
   https://bugzilla.suse.com/947155
   https://bugzilla.suse.com/949936
   https://bugzilla.suse.com/950998
   https://bugzilla.suse.com/951194
   https://bugzilla.suse.com/951440
   https://bugzilla.suse.com/951627
   https://bugzilla.suse.com/952384
   https://bugzilla.suse.com/952579
   https://bugzilla.suse.com/952976
   https://bugzilla.suse.com/953052
   https://bugzilla.suse.com/953527
   https://bugzilla.suse.com/954138
   https://bugzilla.suse.com/954404
   https://bugzilla.suse.com/955224
   https://bugzilla.suse.com/955354
   https://bugzilla.suse.com/955422
   https://bugzilla.suse.com/956708
   https://bugzilla.suse.com/956934
   https://bugzilla.suse.com/957988
   https://bugzilla.suse.com/957990
   https://bugzilla.suse.com/958504
   https://bugzilla.suse.com/958510
   https://bugzilla.suse.com/958886
   https://bugzilla.suse.com/958951
   https://bugzilla.suse.com/959190
   https://bugzilla.suse.com/959399
   https://bugzilla.suse.com/959568
   https://bugzilla.suse.com/960839
   https://bugzilla.suse.com/961509
   https://bugzilla.suse.com/961739
   https://bugzilla.suse.com/962075

openSUSE: 2016:0301-1: important: the Linux Kernel

February 1, 2016
An update that solves 57 vulnerabilities and has 21 fixes An update that solves 57 vulnerabilities and has 21 fixes An update that solves 57 vulnerabilities and has 21 fixes is now...

Description

The openSUSE 13.1 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2016-0728: A reference leak in keyring handling with join_session_keyring() could lead to local attackers gain root privileges. (bsc#962075). - CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951). - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190). - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886). - CVE-2014-8989: The Linux kernel did not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allowed local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c (bnc#906545). - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI (bnc#937969). - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936). - CVE-2015-8104: The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404). - CVE-2015-5307: The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527). - CVE-2014-9529: Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key (bnc#912202). - CVE-2015-7990: Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937 (bnc#952384 953052). - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825). - CVE-2015-7885: The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 did not initialize a certain structure member, which allowed local users to obtain sensitive information from kernel memory via a crafted application (bnc#951627). - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product (bnc#955354). - CVE-2015-8767: A case can occur when sctp_accept() is called by the user during a heartbeat timeout event after the 4-way handshake. Since sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the listening socket but released with the new association socket. The result is a deadlock on any future attempts to take the listening socket lock. (bsc#961509) - CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399). - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990). - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988). The following non-security bugs were fixed: - ALSA: hda - Disable 64bit address for Creative HDA controllers (bnc#814440). - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504). - Input: aiptek - fix crash on detecting device without endpoints (bnc#956708). - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y (boo#956934). - KVM: x86: update masterclock values on TSC writes (bsc#961739). - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2 client (bsc#960839). - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task (bsc#921949). - blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976). - blktap: refine mm tracking (bsc#952976). - cdrom: Random writing support for BD-RE media (bnc#959568). - genksyms: Handle string literals with spaces in reference files (bsc#958510). - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224). - ipv6: distinguish frag queues by device for multicast and link-local packets (bsc#955422). - ipv6: fix tunnel error handling (bsc#952579). - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224). - uas: Add response iu handling (bnc#954138). - usbvision fix overflow of interfaces array (bnc#950998). - x86/evtchn: make use of PHYSDEVOP_map_pirq. - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157).

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch openSUSE-2016-124=1 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE 13.1 (i686 x86_64): kernel-debug-3.11.10-32.1 kernel-debug-base-3.11.10-32.1 kernel-debug-base-debuginfo-3.11.10-32.1 kernel-debug-debuginfo-3.11.10-32.1 kernel-debug-debugsource-3.11.10-32.1 kernel-debug-devel-3.11.10-32.1 kernel-debug-devel-debuginfo-3.11.10-32.1 kernel-desktop-3.11.10-32.1 kernel-desktop-base-3.11.10-32.1 kernel-desktop-base-debuginfo-3.11.10-32.1 kernel-desktop-debuginfo-3.11.10-32.1 kernel-desktop-debugsource-3.11.10-32.1 kernel-desktop-devel-3.11.10-32.1 kernel-desktop-devel-debuginfo-3.11.10-32.1 kernel-ec2-3.11.10-32.1 kernel-ec2-base-3.11.10-32.1 kernel-ec2-base-debuginfo-3.11.10-32.1 kernel-ec2-debuginfo-3.11.10-32.1 kernel-ec2-debugsource-3.11.10-32.1 kernel-ec2-devel-3.11.10-32.1 kernel-ec2-devel-debuginfo-3.11.10-32.1 kernel-trace-3.11.10-32.1 kernel-trace-base-3.11.10-32.1 kernel-trace-base-debuginfo-3.11.10-32.1 kernel-trace-debuginfo-3.11.10-32.1 kernel-trace-debugsource-3.11.10-32.1 kernel-trace-devel-3.11.10-32.1 kernel-trace-devel-debuginfo-3.11.10-32.1 kernel-vanilla-3.11.10-32.1 kernel-vanilla-debuginfo-3.11.10-32.1 kernel-vanilla-debugsource-3.11.10-32.1 kernel-vanilla-devel-3.11.10-32.1 kernel-vanilla-devel-debuginfo-3.11.10-32.1 kernel-xen-3.11.10-32.1 kernel-xen-base-3.11.10-32.1 kernel-xen-base-debuginfo-3.11.10-32.1 kernel-xen-debuginfo-3.11.10-32.1 kernel-xen-debugsource-3.11.10-32.1 kernel-xen-devel-3.11.10-32.1 kernel-xen-devel-debuginfo-3.11.10-32.1 - openSUSE 13.1 (i586 x86_64): cloop-2.639-11.22.2 cloop-debuginfo-2.639-11.22.2 cloop-debugsource-2.639-11.22.2 cloop-kmp-default-2.639_k3.11.10_32-11.22.2 cloop-kmp-default-debuginfo-2.639_k3.11.10_32-11.22.2 cloop-kmp-desktop-2.639_k3.11.10_32-11.22.2 cloop-kmp-desktop-debuginfo-2.639_k3.11.10_32-11.22.2 cloop-kmp-xen-2.639_k3.11.10_32-11.22.2 cloop-kmp-xen-debuginfo-2.639_k3.11.10_32-11.22.2 crash-7.0.2-2.22.2 crash-debuginfo-7.0.2-2.22.2 crash-debugsource-7.0.2-2.22.2 crash-devel-7.0.2-2.22.2 crash-doc-7.0.2-2.22.2 crash-eppic-7.0.2-2.22.2 crash-eppic-debuginfo-7.0.2-2.22.2 crash-gcore-7.0.2-2.22.2 crash-gcore-debuginfo-7.0.2-2.22.2 crash-kmp-default-7.0.2_k3.11.10_32-2.22.2 crash-kmp-default-debuginfo-7.0.2_k3.11.10_32-2.22.2 crash-kmp-desktop-7.0.2_k3.11.10_32-2.22.2 crash-kmp-desktop-debuginfo-7.0.2_k3.11.10_32-2.22.2 crash-kmp-xen-7.0.2_k3.11.10_32-2.22.2 crash-kmp-xen-debuginfo-7.0.2_k3.11.10_32-2.22.2 hdjmod-debugsource-1.28-16.22.2 hdjmod-kmp-default-1.28_k3.11.10_32-16.22.2 hdjmod-kmp-default-debuginfo-1.28_k3.11.10_32-16.22.2 hdjmod-kmp-desktop-1.28_k3.11.10_32-16.22.2 hdjmod-kmp-desktop-debuginfo-1.28_k3.11.10_32-16.22.2 hdjmod-kmp-xen-1.28_k3.11.10_32-16.22.2 hdjmod-kmp-xen-debuginfo-1.28_k3.11.10_32-16.22.2 ipset-6.21.1-2.26.2 ipset-debuginfo-6.21.1-2.26.2 ipset-debugsource-6.21.1-2.26.2 ipset-devel-6.21.1-2.26.2 ipset-kmp-default-6.21.1_k3.11.10_32-2.26.2 ipset-kmp-default-debuginfo-6.21.1_k3.11.10_32-2.26.2 ipset-kmp-desktop-6.21.1_k3.11.10_32-2.26.2 ipset-kmp-desktop-debuginfo-6.21.1_k3.11.10_32-2.26.2 ipset-kmp-xen-6.21.1_k3.11.10_32-2.26.2 ipset-kmp-xen-debuginfo-6.21.1_k3.11.10_32-2.26.2 iscsitarget-1.4.20.3-13.22.2 iscsitarget-debuginfo-1.4.20.3-13.22.2 iscsitarget-debugsource-1.4.20.3-13.22.2 iscsitarget-kmp-default-1.4.20.3_k3.11.10_32-13.22.2 iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.11.10_32-13.22.2 iscsitarget-kmp-desktop-1.4.20.3_k3.11.10_32-13.22.2 iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.11.10_32-13.22.2 iscsitarget-kmp-xen-1.4.20.3_k3.11.10_32-13.22.2 iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.11.10_32-13.22.2 kernel-default-3.11.10-32.1 kernel-default-base-3.11.10-32.1 kernel-default-base-debuginfo-3.11.10-32.1 kernel-default-debuginfo-3.11.10-32.1 kernel-default-debugsource-3.11.10-32.1 kernel-default-devel-3.11.10-32.1 kernel-default-devel-debuginfo-3.11.10-32.1 kernel-syms-3.11.10-32.1 libipset3-6.21.1-2.26.2 libipset3-debuginfo-6.21.1-2.26.2 ndiswrapper-1.58-22.1 ndiswrapper-debuginfo-1.58-22.1 ndiswrapper-debugsource-1.58-22.1 ndiswrapper-kmp-default-1.58_k3.11.10_32-22.1 ndiswrapper-kmp-default-debuginfo-1.58_k3.11.10_32-22.1 ndiswrapper-kmp-desktop-1.58_k3.11.10_32-22.1 ndiswrapper-kmp-desktop-debuginfo-1.58_k3.11.10_32-22.1 pcfclock-0.44-258.22.1 pcfclock-debuginfo-0.44-258.22.1 pcfclock-debugsource-0.44-258.22.1 pcfclock-kmp-default-0.44_k3.11.10_32-258.22.1 pcfclock-kmp-default-debuginfo-0.44_k3.11.10_32-258.22.1 pcfclock-kmp-desktop-0.44_k3.11.10_32-258.22.1 pcfclock-kmp-desktop-debuginfo-0.44_k3.11.10_32-258.22.1 python-virtualbox-4.2.36-2.55.1 python-virtualbox-debuginfo-4.2.36-2.55.1 vhba-kmp-debugsource-20130607-2.23.1 vhba-kmp-default-20130607_k3.11.10_32-2.23.1 vhba-kmp-default-debuginfo-20130607_k3.11.10_32-2.23.1 vhba-kmp-desktop-20130607_k3.11.10_32-2.23.1 vhba-kmp-desktop-debuginfo-20130607_k3.11.10_32-2.23.1 vhba-kmp-xen-20130607_k3.11.10_32-2.23.1 vhba-kmp-xen-debuginfo-20130607_k3.11.10_32-2.23.1 virtualbox-4.2.36-2.55.1 virtualbox-debuginfo-4.2.36-2.55.1 virtualbox-debugsource-4.2.36-2.55.1 virtualbox-devel-4.2.36-2.55.1 virtualbox-guest-kmp-default-4.2.36_k3.11.10_32-2.55.1 virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.11.10_32-2.55.1 virtualbox-guest-kmp-desktop-4.2.36_k3.11.10_32-2.55.1 virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.11.10_32-2.55.1 virtualbox-guest-tools-4.2.36-2.55.1 virtualbox-guest-tools-debuginfo-4.2.36-2.55.1 virtualbox-guest-x11-4.2.36-2.55.1 virtualbox-guest-x11-debuginfo-4.2.36-2.55.1 virtualbox-host-kmp-default-4.2.36_k3.11.10_32-2.55.1 virtualbox-host-kmp-default-debuginfo-4.2.36_k3.11.10_32-2.55.1 virtualbox-host-kmp-desktop-4.2.36_k3.11.10_32-2.55.1 virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.11.10_32-2.55.1 virtualbox-qt-4.2.36-2.55.1 virtualbox-qt-debuginfo-4.2.36-2.55.1 virtualbox-websrv-4.2.36-2.55.1 virtualbox-websrv-debuginfo-4.2.36-2.55.1 xen-debugsource-4.3.4_10-56.1 xen-devel-4.3.4_10-56.1 xen-kmp-default-4.3.4_10_k3.11.10_32-56.1 xen-kmp-default-debuginfo-4.3.4_10_k3.11.10_32-56.1 xen-kmp-desktop-4.3.4_10_k3.11.10_32-56.1 xen-kmp-desktop-debuginfo-4.3.4_10_k3.11.10_32-56.1 xen-libs-4.3.4_10-56.1 xen-libs-debuginfo-4.3.4_10-56.1 xen-tools-domU-4.3.4_10-56.1 xen-tools-domU-debuginfo-4.3.4_10-56.1 xtables-addons-2.3-2.22.1 xtables-addons-debuginfo-2.3-2.22.1 xtables-addons-debugsource-2.3-2.22.1 xtables-addons-kmp-default-2.3_k3.11.10_32-2.22.1 xtables-addons-kmp-default-debuginfo-2.3_k3.11.10_32-2.22.1 xtables-addons-kmp-desktop-2.3_k3.11.10_32-2.22.1 xtables-addons-kmp-desktop-debuginfo-2.3_k3.11.10_32-2.22.1 xtables-addons-kmp-xen-2.3_k3.11.10_32-2.22.1 xtables-addons-kmp-xen-debuginfo-2.3_k3.11.10_32-2.22.1 - openSUSE 13.1 (noarch): kernel-devel-3.11.10-32.1 kernel-docs-3.11.10-32.3 kernel-source-3.11.10-32.1 kernel-source-vanilla-3.11.10-32.1 virtualbox-host-source-4.2.36-2.55.1 - openSUSE 13.1 (x86_64): xen-4.3.4_10-56.1 xen-doc-html-4.3.4_10-56.1 xen-libs-32bit-4.3.4_10-56.1 xen-libs-debuginfo-32bit-4.3.4_10-56.1 xen-tools-4.3.4_10-56.1 xen-tools-debuginfo-4.3.4_10-56.1 xen-xend-tools-4.3.4_10-56.1 xen-xend-tools-debuginfo-4.3.4_10-56.1 - openSUSE 13.1 (i686): kernel-pae-3.11.10-32.1 kernel-pae-base-3.11.10-32.1 kernel-pae-base-debuginfo-3.11.10-32.1 kernel-pae-debuginfo-3.11.10-32.1 kernel-pae-debugsource-3.11.10-32.1 kernel-pae-devel-3.11.10-32.1 kernel-pae-devel-debuginfo-3.11.10-32.1 - openSUSE 13.1 (i586): cloop-kmp-pae-2.639_k3.11.10_32-11.22.2 cloop-kmp-pae-debuginfo-2.639_k3.11.10_32-11.22.2 crash-kmp-pae-7.0.2_k3.11.10_32-2.22.2 crash-kmp-pae-debuginfo-7.0.2_k3.11.10_32-2.22.2 hdjmod-kmp-pae-1.28_k3.11.10_32-16.22.2 hdjmod-kmp-pae-debuginfo-1.28_k3.11.10_32-16.22.2 ipset-kmp-pae-6.21.1_k3.11.10_32-2.26.2 ipset-kmp-pae-debuginfo-6.21.1_k3.11.10_32-2.26.2 iscsitarget-kmp-pae-1.4.20.3_k3.11.10_32-13.22.2 iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.11.10_32-13.22.2 ndiswrapper-kmp-pae-1.58_k3.11.10_32-22.1 ndiswrapper-kmp-pae-debuginfo-1.58_k3.11.10_32-22.1 pcfclock-kmp-pae-0.44_k3.11.10_32-258.22.1 pcfclock-kmp-pae-debuginfo-0.44_k3.11.10_32-258.22.1 vhba-kmp-pae-20130607_k3.11.10_32-2.23.1 vhba-kmp-pae-debuginfo-20130607_k3.11.10_32-2.23.1 virtualbox-guest-kmp-pae-4.2.36_k3.11.10_32-2.55.1 virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.11.10_32-2.55.1 virtualbox-host-kmp-pae-4.2.36_k3.11.10_32-2.55.1 virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.11.10_32-2.55.1 xen-kmp-pae-4.3.4_10_k3.11.10_32-56.1 xen-kmp-pae-debuginfo-4.3.4_10_k3.11.10_32-56.1 xtables-addons-kmp-pae-2.3_k3.11.10_32-2.22.1 xtables-addons-kmp-pae-debuginfo-2.3_k3.11.10_32-2.22.1


References

https://www.suse.com/security/cve/CVE-2014-2568.html https://www.suse.com/security/cve/CVE-2014-8133.html https://www.suse.com/security/cve/CVE-2014-8989.html https://www.suse.com/security/cve/CVE-2014-9090.html https://www.suse.com/security/cve/CVE-2014-9419.html https://www.suse.com/security/cve/CVE-2014-9529.html https://www.suse.com/security/cve/CVE-2014-9683.html https://www.suse.com/security/cve/CVE-2014-9715.html https://www.suse.com/security/cve/CVE-2014-9728.html https://www.suse.com/security/cve/CVE-2014-9729.html https://www.suse.com/security/cve/CVE-2014-9730.html https://www.suse.com/security/cve/CVE-2014-9731.html https://www.suse.com/security/cve/CVE-2015-0272.html https://www.suse.com/security/cve/CVE-2015-0777.html https://www.suse.com/security/cve/CVE-2015-1420.html https://www.suse.com/security/cve/CVE-2015-1421.html https://www.suse.com/security/cve/CVE-2015-2041.html https://www.suse.com/security/cve/CVE-2015-2042.html https://www.suse.com/security/cve/CVE-2015-2150.html https://www.suse.com/security/cve/CVE-2015-2666.html https://www.suse.com/security/cve/CVE-2015-2830.html https://www.suse.com/security/cve/CVE-2015-2922.html https://www.suse.com/security/cve/CVE-2015-2925.html https://www.suse.com/security/cve/CVE-2015-3212.html https://www.suse.com/security/cve/CVE-2015-3339.html https://www.suse.com/security/cve/CVE-2015-3636.html https://www.suse.com/security/cve/CVE-2015-4001.html https://www.suse.com/security/cve/CVE-2015-4002.html https://www.suse.com/security/cve/CVE-2015-4003.html https://www.suse.com/security/cve/CVE-2015-4004.html https://www.suse.com/security/cve/CVE-2015-4036.html https://www.suse.com/security/cve/CVE-2015-4167.html https://www.suse.com/security/cve/CVE-2015-4692.html https://www.suse.com/security/cve/CVE-2015-4700.html https://www.suse.com/security/cve/CVE-2015-5157.html https://www.suse.com/security/cve/CVE-2015-5283.html https://www.suse.com/security/cve/CVE-2015-5307.html https://www.suse.com/security/cve/CVE-2015-5364.html https://www.suse.com/security/cve/CVE-2015-5366.html https://www.suse.com/security/cve/CVE-2015-5707.html https://www.suse.com/security/cve/CVE-2015-6937.html https://www.suse.com/security/cve/CVE-2015-7550.html https://www.suse.com/security/cve/CVE-2015-7799.html https://www.suse.com/security/cve/CVE-2015-7833.html https://www.suse.com/security/cve/CVE-2015-7872.html https://www.suse.com/security/cve/CVE-2015-7885.html https://www.suse.com/security/cve/CVE-2015-7990.html https://www.suse.com/security/cve/CVE-2015-8104.html https://www.suse.com/security/cve/CVE-2015-8215.html https://www.suse.com/security/cve/CVE-2015-8543.html https://www.suse.com/security/cve/CVE-2015-8550.html https://www.suse.com/security/cve/CVE-2015-8551.html https://www.suse.com/security/cve/CVE-2015-8552.html https://www.suse.com/security/cve/CVE-2015-8569.html https://www.suse.com/security/cve/CVE-2015-8575.html https://www.suse.com/security/cve/CVE-2015-8767.html https://www.suse.com/security/cve/CVE-2016-0728.html https://bugzilla.suse.com/814440 https://bugzilla.suse.com/851610 https://bugzilla.suse.com/869564 https://bugzilla.suse.com/873385 https://bugzilla.suse.com/906545 https://bugzilla.suse.com/907818 https://bugzilla.suse.com/909077 https://bugzilla.suse.com/909477 https://bugzilla.suse.com/911326 https://bugzilla.suse.com/912202 https://bugzilla.suse.com/915517 https://bugzilla.suse.com/915577 https://bugzilla.suse.com/917830 https://bugzilla.suse.com/918333 https://bugzilla.suse.com/919007 https://bugzilla.suse.com/919018 https://bugzilla.suse.com/919463 https://bugzilla.suse.com/919596 https://bugzilla.suse.com/921313 https://bugzilla.suse.com/921949 https://bugzilla.suse.com/922583 https://bugzilla.suse.com/922936 https://bugzilla.suse.com/922944 https://bugzilla.suse.com/926238 https://bugzilla.suse.com/926240 https://bugzilla.suse.com/927780 https://bugzilla.suse.com/927786 https://bugzilla.suse.com/928130 https://bugzilla.suse.com/929525 https://bugzilla.suse.com/930399 https://bugzilla.suse.com/931988 https://bugzilla.suse.com/932348 https://bugzilla.suse.com/933896 https://bugzilla.suse.com/933904 https://bugzilla.suse.com/933907 https://bugzilla.suse.com/933934 https://bugzilla.suse.com/935542 https://bugzilla.suse.com/935705 https://bugzilla.suse.com/936502 https://bugzilla.suse.com/936831 https://bugzilla.suse.com/937032 https://bugzilla.suse.com/937033 https://bugzilla.suse.com/937969 https://bugzilla.suse.com/938706 https://bugzilla.suse.com/940338 https://bugzilla.suse.com/944296 https://bugzilla.suse.com/945825 https://bugzilla.suse.com/947155 https://bugzilla.suse.com/949936 https://bugzilla.suse.com/950998 https://bugzilla.suse.com/951194 https://bugzilla.suse.com/951440 https://bugzilla.suse.com/951627 https://bugzilla.suse.com/952384 https://bugzilla.suse.com/952579 https://bugzilla.suse.com/952976 https://bugzilla.suse.com/953052 https://bugzilla.suse.com/953527 https://bugzilla.suse.com/954138 https://bugzilla.suse.com/954404 https://bugzilla.suse.com/955224 https://bugzilla.suse.com/955354 https://bugzilla.suse.com/955422 https://bugzilla.suse.com/956708 https://bugzilla.suse.com/956934 https://bugzilla.suse.com/957988 https://bugzilla.suse.com/957990 https://bugzilla.suse.com/958504 https://bugzilla.suse.com/958510 https://bugzilla.suse.com/958886 https://bugzilla.suse.com/958951 https://bugzilla.suse.com/959190 https://bugzilla.suse.com/959399 https://bugzilla.suse.com/959568 https://bugzilla.suse.com/960839 https://bugzilla.suse.com/961509 https://bugzilla.suse.com/961739 https://bugzilla.suse.com/962075


Severity
Announcement ID: openSUSE-SU-2016:0301-1
Rating: important
Affected Products: openSUSE 13.1

Related News

Google Chrome 129: Addressing Crucial Vulnerabilities and Enhancing Security
2 - 4 min read
Google Chrome remains the crown jewel in the browser market, with an impressive user base of approximately 3.45 billion. However, this immense
Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is
CISA Sounds Alarm on Newly Exploited Vulnerabilities: Is Your System at Risk?
3 - 5 min read
CISA regularly publishes updates regarding vulnerabilities that present severe threats to global cybersecurity. Recently, CISA added three
Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved