openSUSE 13.2: 2016:0318-1 Critical: Linux Kernel Privilege Escalation Fix
opensuse
February 3, 2016
An update that solves 19 vulnerabilities and has 18 fixes An update that solves 19 vulnerabilities and has 18 fixes An update that solves 19 vulnerabilities and has 18 fixes is now...
Description
The openSUSE 13.2 kernel was updated to receive various security and
bugfixes.
Following security bugs were fixed:
- CVE-2016-0728: A reference leak in keyring handling with
join_session_keyring() could lead to local attackers gain root
privileges. (bsc#962075).
- CVE-2015-7550: A local user could have triggered a race between read and
revoke in keyctl (bnc#958951).
- CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in
drivers/net/ppp/pptp.c in the Linux kernel did not verify an address
length, which allowed local users to obtain sensitive information from
kernel memory and bypass the KASLR protection mechanism via a crafted
application (bnc#959190).
- CVE-2015-8543: The networking implementation in the Linux kernel did not
validate protocol identifiers for certain protocol families, which
allowed local users to cause a denial of service (NULL function pointer
dereference and system crash) or...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2016-136=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 13.2 (i686 x86_64):
kernel-debug-3.16.7-32.1
kernel-debug-base-3.16.7-32.1
kernel-debug-base-debuginfo-3.16.7-32.1
kernel-debug-debuginfo-3.16.7-32.1
kernel-debug-debugsource-3.16.7-32.1
kernel-debug-devel-3.16.7-32.1
kernel-debug-devel-debuginfo-3.16.7-32.1
kernel-desktop-3.16.7-32.1
kernel-desktop-base-3.16.7-32.1
kernel-desktop-base-debuginfo-3.16.7-32.1
kernel-desktop-debuginfo-3.16.7-32.1
kernel-desktop-debugsource-3.16.7-32.1
kernel-desktop-devel-3.16.7-32.1
kernel-ec2-base-debuginfo-3.16.7-32.1
kernel-ec2-debuginfo-3.16.7-32.1
kernel-ec2-debugsource-3.16.7-32.1
kernel-vanilla-3.16.7-32.1
kernel-vanilla-debuginfo-3.16.7-32.1
kernel-vanilla-debugsource-3.16.7-32.1
kernel-vanilla-devel-3.16.7-32.1
kernel-xen-3.16.7-32.1
kernel-xen-base-3.16.7-32.1
kernel-xen-base-debuginfo-3.16.7-32.1
kernel-xen-debuginfo-3.16.7-32.1
kernel-xen-debugsource-3.16.7-32.1
kernel-xen-devel-3.16.7-32.1
- openSUSE 13.2 (i586 x86_64):
bbswitch-0.8-3.15.1
bbswitch-debugsource-0.8-3.15.1
bbswitch-kmp-default-0.8_k3.16.7_32-3.1...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2014-8989.html
https://www.suse.com/security/cve/CVE-2014-9529.html
https://www.suse.com/security/cve/CVE-2015-5157.html
https://www.suse.com/security/cve/CVE-2015-5307.html
https://www.suse.com/security/cve/CVE-2015-6937.html
https://www.suse.com/security/cve/CVE-2015-7550.html
https://www.suse.com/security/cve/CVE-2015-7799.html
https://www.suse.com/security/cve/CVE-2015-7885.html
https://www.suse.com/security/cve/CVE-2015-7990.html
https://www.suse.com/security/cve/CVE-2015-8104.html
https://www.suse.com/security/cve/CVE-2015-8215.html
https://www.suse.com/security/cve/CVE-2015-8543.html
https://www.suse.com/security/cve/CVE-2015-8550.html
https://www.suse.com/security/cve/CVE-2015-8551.html
https://www.suse.com/security/cve/CVE-2015-8552.html
https://www.suse.com/security/cve/CVE-2015-8569.html
https://www.suse.com/security/cve/CVE-2015-8575.html
https://www.suse.com/security/cve/CVE-2015-8767.html
https://www.suse.com/security/cve/CVE-2016-0728.html
https://bugz...
Read the Full Advisory
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2016:0318-1
Rating: important
Affected Products:
openSUSE 13.2
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!