Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

openSUSE 42.1: Crucial Security Patch Released for Linux Kernel Update

opensuse
Calendar Grey May 23, 2016
Dist Opensuse Esm H88
An important openSUSE upgrade addresses 11 vulnerabilities within the Linux kernel. Discover the enhancements and patch specifics.
An update that solves 11 vulnerabilities and has four fixes is now available.

Description

The openSUSE Leap 42.1 kernel was updated to receive various security and

bugfixes.

The following security bugs were fixed:

- CVE-2016-2847: Limit the per-user amount of pages allocated in pipes

(bsc#970948).

- CVE-2016-3136: mct_u232: add sanity checking in probe (bnc#970955).

- CVE-2016-2188: iowarrior: fix oops with malicious USB descriptors (bnc#970956).

- CVE-2016-3138: cdc-acm: more sanity checking (bnc#970911).

- CVE-2016-3137: cypress_m8: add endpoint sanity check (bnc#970970).

- CVE-2016-3951: cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind

(bnc#974418).

- CVE-2016-3140: digi_acceleport: do sanity checking for the number of

ports (bnc#970892).

- CVE-2016-2186: powermate: fix oops with malicious USB descriptors (bnc#970958).

- CVE-2016-2185: usb_driver_claim_interface: add sanity checking

(bnc#971124).

- CVE-2016-3689: ims-pcu: sanity check against missing interfaces

(bnc#971628).

-...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.1:

zypper in -t patch openSUSE-2016-629=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE Leap 42.1 (i686 x86_64):

kernel-debug-4.1.21-14.2

kernel-debug-base-4.1.21-14.2

kernel-debug-base-debuginfo-4.1.21-14.2

kernel-debug-debuginfo-4.1.21-14.2

kernel-debug-debugsource-4.1.21-14.2

kernel-debug-devel-4.1.21-14.2

kernel-debug-devel-debuginfo-4.1.21-14.2

kernel-ec2-4.1.21-14.2

kernel-ec2-base-4.1.21-14.2

kernel-ec2-base-debuginfo-4.1.21-14.2

kernel-ec2-debuginfo-4.1.21-14.2

kernel-ec2-debugsource-4.1.21-14.2

kernel-ec2-devel-4.1.21-14.2

kernel-pv-4.1.21-14.2

kernel-pv-base-4.1.21-14.2

kernel-pv-base-debuginfo-4.1.21-14.2

kernel-pv-debuginfo-4.1.21-14.2

kernel-pv-debugsource-4.1.21-14.2

kernel-pv-devel-4.1.21-14.2

kernel-vanilla-4.1.21-14.2

kernel-vanilla-debuginfo-4.1.21-14.2

kernel-vanilla-debugsource-4.1.21-14.2

kernel-vanilla-devel-4.1.21-14.2

kernel-xen-4.1.21-14.2

kernel-xen-base-4.1.21-14.2

kernel-xen-base-debuginfo-4.1.21-14.2

kernel-xen-debuginfo-4.1.21-14.2

kernel-xen-debugsource-4.1.21-14.2

kernel-xen-devel-4.1.21-14.2

- openSUSE Leap 42.1 (i586 x86_64):

kernel-default-4.1.21-14.2

kernel...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2016-2185.html

https://www.suse.com/security/cve/CVE-2016-2186.html

https://www.suse.com/security/cve/CVE-2016-2188.html

https://www.suse.com/security/cve/CVE-2016-2847.html

https://www.suse.com/security/cve/CVE-2016-3136.html

https://www.suse.com/security/cve/CVE-2016-3137.html

https://www.suse.com/security/cve/CVE-2016-3138.html

https://www.suse.com/security/cve/CVE-2016-3140.html

https://www.suse.com/security/cve/CVE-2016-3156.html

https://www.suse.com/security/cve/CVE-2016-3689.html

https://www.suse.com/security/cve/CVE-2016-3951.html

https://bugzilla.suse.com/957988

https://bugzilla.suse.com/970892

https://bugzilla.suse.com/970911

https://bugzilla.suse.com/970948

https://bugzilla.suse.com/970955

https://bugzilla.suse.com/970956

https://bugzilla.suse.com/970958

https://bugzilla.suse.com/970970

https://bugzilla.suse.com/971124

https://bugzilla.suse.com/971360

https://bugzilla.suse.com/971628

https://bugzilla.suse.com/972174

https://bugzilla.suse.com/973378

https://bugz...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2016:1382-1
Rating: important
Affected Products: openSUSE Leap 42.1 le.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.