openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:2184-1
Rating:             important
References:         #947337 #950998 #951844 #953048 #954847 #956491 
                    #957990 #962742 #963655 #963762 #965087 #966245 
                    #968667 #970114 #970506 #971770 #972933 #973378 
                    #973499 #974165 #974308 #974620 #975531 #975533 
                    #975772 #975788 #977417 #978401 #978469 #978822 
                    #979213 #979419 #979485 #979489 #979521 #979548 
                    #979681 #979867 #979879 #979922 #980348 #980363 
                    #980371 #981038 #981143 #981344 #982282 #982354 
                    #982544 #982698 #983143 #983213 #983318 #983721 
                    #983904 #983977 #984148 #984456 #984755 #985232 
                    #985978 #986362 #986365 #986569 #986572 #986811 
                    #988215 #988498 #988552 #990058 
Cross-References:   CVE-2014-9904 CVE-2015-7833 CVE-2015-8551
                    CVE-2015-8552 CVE-2015-8845 CVE-2016-0758
                    CVE-2016-1583 CVE-2016-2053 CVE-2016-3672
                    CVE-2016-4470 CVE-2016-4482 CVE-2016-4486
                    CVE-2016-4565 CVE-2016-4569 CVE-2016-4578
                    CVE-2016-4805 CVE-2016-4997 CVE-2016-4998
                    CVE-2016-5244 CVE-2016-5828 CVE-2016-5829
                   
Affected Products:
                    openSUSE 13.1
______________________________________________________________________________

   An update that solves 21 vulnerabilities and has 49 fixes
   is now available.

Description:


   The openSUSE 13.1 kernel was updated to 3.12.62 to receive various
   security and bugfixes.

   The following security bugs were fixed:
   - CVE-2014-9904: The snd_compress_check_input function in
     sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel
     did not properly check for an integer overflow, which allowed local
     users to cause a denial of service (insufficient memory allocation) or
     possibly have unspecified other impact via a crafted
     SNDRV_COMPRESS_SET_PARAMS ioctl call (bnc#986811).
   - CVE-2015-7833: The usbvision driver in the Linux kernel allowed
     physically proximate attackers to cause a denial of service (panic) via
     a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998).
   - CVE-2015-8551: The PCI backend driver in Xen, when running on an x86
     system and using Linux 3.1.x through 4.3.x as the driver domain, allowed
     local guest administrators to hit BUG conditions and cause a denial of
     service (NULL pointer dereference and host OS crash) by leveraging a
     system with access to a passed-through MSI or MSI-X capable physical PCI
     device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux
     pciback missing sanity checks (bnc#957990).
   - CVE-2015-8552: The PCI backend driver in Xen, when running on an x86
     system and using Linux 3.1.x through 4.3.x as the driver domain, allowed
     local guest administrators to generate a continuous stream of WARN
     messages and cause a denial of service (disk consumption) by leveraging
     a system with access to a passed-through MSI or MSI-X capable physical
     PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback
     missing sanity checks (bnc#957990).
   - CVE-2015-8845: The tm_reclaim_thread function in
     arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms
     did not ensure that TM suspend mode exists before proceeding with a
     tm_reclaim call, which allowed local users to cause a denial of service
     (TM Bad Thing exception and panic) via a crafted application (bnc#975531
     bsc#975533).
   - CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux
     kernel allowed local users to gain privileges via crafted ASN.1 data
     (bnc#979867).
   - CVE-2016-1583: The ecryptfs_privileged_open function in
     fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain
     privileges or cause a denial of service (stack memory consumption) via
     vectors involving crafted mmap calls for /proc pathnames, leading to
     recursive pagefault handling. (bsc#983143)
   - CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in
     the Linux kernel allowed attackers to cause a denial of service (panic)
     via an ASN.1 BER file that lacks a public key, leading to mishandling by
     the public_key_verify_signature function in
     crypto/asymmetric_keys/public_key.c (bnc#963762).
   - CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c
     in the Linux kernel did not properly randomize the legacy base address,
     which made it easier for local users to defeat the intended restrictions
     on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism
     for a setuid or setgid program, by disabling stack-consumption resource
     limits (bnc#974308).
   - CVE-2016-4470: The key_reject_and_link function in security/keys/key.c
     in the Linux kernel did not ensure that a certain data structure is
     initialized, which allowed local users to cause a denial of service
     (system crash) via vectors involving a crafted keyctl request2 command
     (bnc#984755).
   - CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c
     in the Linux kernel did not initialize a certain data structure, which
     allowed local users to obtain sensitive information from kernel stack
     memory via a crafted USBDEVFS_CONNECTINFO ioctl call. (bnc#978401)
   - CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c
     in the Linux kernel did not initialize a certain data structure, which
     allowed local users to obtain sensitive information from kernel stack
     memory by reading a Netlink message (bnc#978822).
   - CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel
     incorrectly relies on the write system call, which allowed local users     to cause a denial of service (kernel memory write operation) or possibly
     have unspecified other impact via a uAPI interface (bnc#979548
     bsc#980363).
   - CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c
     in the Linux kernel did not initialize a certain data structure, which
     allowed local users to obtain sensitive information from kernel stack
     memory via crafted use of the ALSA timer interface. (bsc#979213)
   - CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize
     certain r1 data structures, which allowed local users to obtain
     sensitive information from kernel stack memory via crafted use of the
     ALSA timer interface, related to the (1) snd_timer_user_ccallback and
     (2) snd_timer_user_tinterrupt functions (bnc#979879).
   - CVE-2016-4805: Use-after-free vulnerability in
     drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to
     cause a denial of service (memory corruption and system crash, or
     spinlock) or possibly have unspecified other impact by removing a
     network namespace, related to the ppp_register_net_channel and
     ppp_unregister_channel functions (bnc#980371).
   - CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation
     in the netfilter subsystem in the Linux kernel allowed local users to
     gain privileges or cause a denial of service (memory corruption) by
     leveraging in-container root access to provide a crafted offset value
     that triggers an unintended decrement (bnc#986362).
   - CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the
     netfilter subsystem in the Linux kernel before 4.6 allows local users to
     cause a denial of service (out-of-bounds read) or possibly obtain
     sensitive information from kernel heap memory by leveraging in-container
     root access to provide a crafted offset value that leads to crossing a
     ruleset blob boundary. (bnc#986365).
   - CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the
     Linux kernel did not initialize a certain structure member, which
     allowed remote attackers to obtain sensitive information from kernel
     stack memory by reading an RDS message (bnc#983213).
   - CVE-2016-5828: The start_thread function in
     arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms
     mishandled transactional state, which allowed local users to cause a
     denial of service (invalid process state or TM Bad Thing exception, and
     system crash) or possibly have unspecified other impact by starting and
     suspending a transaction before an exec system call. (bsc#986569)
   - CVE-2016-5829: Multiple heap-based buffer overflows in the
     hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux
     kernel allow local users to cause a denial of service or possibly have
     unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)
     HIDIOCSUSAGES ioctl call (bnc#986572).

   The following non-security bugs were fixed:
   - Add wait_event_cmd() (bsc#953048).
   - alsa: hrtimer: Handle start/stop more properly (bsc#973378).
   - base: make module_create_drivers_dir race-free (bnc#983977).
   - btrfs: be more precise on errors when getting an inode from disk
     (bsc#981038).
   - btrfs: do not use src fd for printk (bsc#980348).
   - btrfs: improve performance on fsync against new inode after
     rename/unlink (bsc#981038).
   - btrfs: qgroup: Fix qgroup accounting when creating snapshot (bsc#972933).
   - btrfs: serialize subvolume mounts with potentially mismatching rw flags
     (bsc#951844).
   - cdc_ncm: workaround for EM7455 "silent" data interface (bnc#988552).
   - ceph: tolerate bad i_size for symlink inode (bsc#985232).
   - drm/mgag200: Add support for a new G200eW3 chipset (bsc#983904).
   - drm/mgag200: Add support for a new rev of G200e (bsc#983904).
   - drm/mgag200: Black screen fix for G200e rev 4 (bsc#983904).
   - drm/mgag200: remove unused variables (bsc#983904).
   - drm: qxl: Workaround for buggy user-space (bsc#981344).
   - EDAC: Correct channel count limit (bsc#979521).
   - EDAC: Remove arbitrary limit on number of channels (bsc#979521).
   - EDAC, sb_edac: Add support for duplicate device IDs (bsc#979521).
   - EDAC/sb_edac: Fix computation of channel address (bsc#979521).
   - EDAC, sb_edac: Fix rank lookup on Broadwell (bsc#979521).
   - EDAC, sb_edac: Fix TAD presence check for sbridge_mci_bind_devs()
     (bsc#979521).
   - EDAC: Use static attribute groups for managing sysfs entries
     (bsc#979521).
   - efifb: Add support for 64-bit frame buffer addresses (bsc#973499).
   - efifb: Fix 16 color palette entry calculation (bsc#983318).
   - efifb: Fix KABI of screen_info struct (bsc#973499).
   - ehci-pci: enable interrupt on BayTrail (bnc#947337).
   - enic: set netdev->vlan_features (bsc#966245).
   - fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
   - hid-elo: kill not flush the work (bnc#982354).
   - iommu/vt-d: Enable QI on all IOMMUs before setting root entry
     (bsc#975772).
   - ipvs: count pre-established TCP states as active (bsc#970114).
   - kabi: prevent spurious modversion changes after bsc#982544 fix
     (bsc#982544).
   - kabi/severities: Added raw3270_* PASS to allow IBM LTC changes.
     (bnc#979922, LTC#141736)
   - ktime: make ktime_divns exported on 32-bit architectures.
   - md: be careful when testing resync_max against curr_resync_completed
     (bsc#953048).
   - md: do_release_stripe(): No need to call md_wakeup_thread() twice
     (bsc#953048).
   - md: make sure MD_RECOVERY_DONE is clear before starting recovery/resync
     (bsc#953048).
   - md/raid56: Do not perform reads to support writes until stripe is ready.
   - md/raid5: add handle_flags arg to break_stripe_batch_list (bsc#953048).
   - md/raid5: allow the stripe_cache to grow and shrink (bsc#953048).
   - md/raid5: always set conf->prev_chunk_sectors and ->prev_algo
     (bsc#953048).
   - md/raid5: avoid races when changing cache size (bsc#953048).
   - md/raid5: avoid reading parity blocks for full-stripe write to degraded
     array (bsc#953048).
   - md/raid5: be more selective about distributing flags across batch
     (bsc#953048).
   - md/raid5: break stripe-batches when the array has failed (bsc#953048).
   - md/raid5: call break_stripe_batch_list from handle_stripe_clean_event
     (bsc#953048).
   - md/raid5: change ->inactive_blocked to a bit-flag (bsc#953048).
   - md/raid5: clear R5_NeedReplace when no longer needed (bsc#953048).
   - md/raid5: close race between STRIPE_BIT_DELAY and batching (bsc#953048).
   - md/raid5: close recently introduced race in stripe_head management.
   - md/raid5: consider updating reshape_position at start of reshape
     (bsc#953048).
   - md/raid5: deadlock between retry_aligned_read with barrier io
     (bsc#953048).
   - md/raid5: do not do chunk aligned read on degraded array (bsc#953048).
   - md/raid5: do not index beyond end of array in need_this_block()
     (bsc#953048).
   - md/raid5: do not let shrink_slab shrink too far (bsc#953048).
   - md/raid5: duplicate some more handle_stripe_clean_event code in
     break_stripe_batch_list (bsc#953048).
   - md/raid5: Ensure a batch member is not handled prematurely (bsc#953048).
   - md/raid5: ensure device failure recorded before write request returns
     (bsc#953048).
   - md/raid5: ensure whole batch is delayed for all required bitmap updates
     (bsc#953048).
   - md/raid5: fix allocation of 'scribble' array (bsc#953048).
   - md/raid5: fix another livelock caused by non-aligned writes (bsc#953048).
   - md/raid5: fix handling of degraded stripes in batches (bsc#953048).
   - md/raid5: fix init_stripe() inconsistencies (bsc#953048).
   - md/raid5: fix locking in handle_stripe_clean_event() (bsc#953048).
   - md/raid5: fix newly-broken locking in get_active_stripe.
   - md/raid5: For stripe with R5_ReadNoMerge, we replace REQ_FLUSH with
     REQ_NOMERGE.
   - md/raid5: handle possible race as reshape completes (bsc#953048).
   - md/raid5: ignore released_stripes check (bsc#953048).
   - md/raid5: more incorrect BUG_ON in handle_stripe_fill (bsc#953048).
   - md/raid5: move max_nr_stripes management into grow_one_stripe and
     drop_one_stripe (bsc#953048).
   - md/raid5: need_this_block: start simplifying the last two conditions
     (bsc#953048).
   - md/raid5: need_this_block: tidy/fix last condition (bsc#953048).
   - md/raid5: new alloc_stripe() to allocate an initialize a stripe
     (bsc#953048).
   - md/raid5: pass gfp_t arg to grow_one_stripe() (bsc#953048).
   - md/raid5: per hash value and exclusive wait_for_stripe (bsc#953048).
   - md/raid5: preserve STRIPE_PREREAD_ACTIVE in break_stripe_batch_list.
   - md/raid5: remove condition test from check_break_stripe_batch_list
     (bsc#953048).
   - md/raid5: remove incorrect "min_t()" when calculating writepos
     (bsc#953048).
   - md/raid5: remove redundant check in stripe_add_to_batch_list()
     (bsc#953048).
   - md/raid5: separate large if clause out of fetch_block() (bsc#953048).
   - md/raid5: separate out the easy conditions in need_this_block
     (bsc#953048).
   - md/raid5: split wait_for_stripe and introduce wait_for_quiescent
     (bsc#953048).
   - md/raid5: strengthen check on reshape_position at run (bsc#953048).
   - md/raid5: switch to use conf->chunk_sectors in place of
     mddev->chunk_sectors where possible (bsc#953048).
   - md/raid5: use bio_list for the list of bios to return (bsc#953048).
   - md/raid5: use ->lock to protect accessing raid5 sysfs attributes
     (bsc#953048).
   - md: remove unwanted white space from md.c (bsc#953048).
   - md: use set_bit/clear_bit instead of shift/mask for bi_flags changes
     (bsc#953048).
   - mm: increase safety margin provided by PF_LESS_THROTTLE (bsc#956491).
   - mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721).
   - net: Account for all vlan headers in skb_mac_gso_segment (bsc#968667).
   - net: disable fragment reassembly if high_thresh is set to zero
     (bsc#970506).
   - netfilter: bridge: do not leak skb in error paths (bsc#982544).
   - netfilter: bridge: forward IPv6 fragmented packets (bsc#982544).
   - netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in
     br_validate_ipv6 (bsc#982544).
   - net: fix wrong mac_len calculation for vlans (bsc#968667).
   - net/qlge: Avoids recursive EEH error (bsc#954847).
   - net: Start with correct mac_len in skb_network_protocol (bsc#968667).
   - nvme: don't poll the CQ from the kthread (bsc#975788, bsc#965087).
   - PCI/AER: Clear error status registers during enumeration and restore
     (bsc#985978).
   - perf/rapl: Fix sysfs_show() initialization for RAPL PMU (bsc#979489).
   - perf/x86/intel: Add Intel RAPL PP1 energy counter support (bsc#979489).
   - ppp: defer netns reference release for ppp channel (bsc#980371).
   - qeth: delete napi struct when removing a qeth device (bnc#988215,
     LTC#143590).
   - raid5: add a new flag to track if a stripe can be batched (bsc#953048).
   - raid5: add an option to avoid copy data from bio to stripe cache
     (bsc#953048).
   - raid5: avoid release list until last reference of the stripe
     (bsc#953048).
   - raid5: batch adjacent full stripe write (bsc#953048).
   - raid5: check faulty flag for array status during recovery (bsc#953048).
   - RAID5: check_reshape() shouldn't call mddev_suspend (bsc#953048).
   - raid5: fix a race of stripe count check.
   - raid5: fix broken async operation chain (bsc#953048).
   - raid5: get_active_stripe avoids device_lock.
   - raid5: handle expansion/resync case with stripe batching (bsc#953048).
   - raid5: handle io error of batch list (bsc#953048).
   - raid5: make_request does less prepare wait.
   - raid5: relieve lock contention in get_active_stripe().
   - raid5: relieve lock contention in get_active_stripe().
   - raid5: Retry R5_ReadNoMerge flag when hit a read error.
   - RAID5: revert e9e4c377e2f563 to fix a livelock (bsc#953048).
   - raid5: speedup sync_request processing (bsc#953048).
   - raid5: track overwrite disk count (bsc#953048).
   - raid5: update analysis state for failed stripe (bsc#953048).
   - raid5: use flex_array for scribble data (bsc#953048).
   - Refresh patches.xen/xen-netback-coalesce: Restore copying of SKBs with
     head exceeding page size (bsc#978469).
   - s390/3270: add missing tty_kref_put (bnc#979922, LTC#141736).
   - s390/3270: avoid endless I/O loop with disconnected 3270 terminals
     (bnc#979922, LTC#141736).
   - s390/3270: fix garbled output on 3270 tty view (bnc#979922, LTC#141736).
   - s390/3270: fix view reference counting (bnc#979922, LTC#141736).
   - s390/3270: handle reconnect of a tty with a different size (bnc#979922,
     LTC#141736).
   - s390/3270: hangup the 3270 tty after a disconnect (bnc#979922,
     LTC#141736).
   - s390: fix test_fp_ctl inline assembly contraints (bnc#988215,
     LTC#143138).
   - s390/mm: fix asce_bits handling with dynamic pagetable levels
     (bnc#979922, LTC#141456).
   - s390/spinlock: avoid yield to non existent cpu (bnc#979922, LTC#141106).
   - sb_edac: correctly fetch DIMM width on Ivy Bridge and Haswell
     (bsc#979521).
   - sb_edac: Fix a typo and a thinko in address handling for Haswell
     (bsc#979521).
   - sb_edac: Fix support for systems with two home agents per socket
     (bsc#979521).
   - sb_edac: look harder for DDRIO on Haswell systems (bsc#979521).
   - sb_edac: support for Broadwell -EP and -EX (bsc#979521).
   - sched/cputime: Fix clock_nanosleep()/clock_gettime() inconsistency
     (bnc#988498).
   - sched/cputime: Fix cpu_timer_sample_group() double accounting
     (bnc#988498).
   - sched: Provide update_curr callbacks for stop/idle scheduling classes
     (bnc#988498).
   - sched/x86: Fix up typo in topology detection (bsc#974165).
   - scsi: Increase REPORT_LUNS timeout (bsc#982282).
   - series.conf: move netfilter section at the end of core networking
   - series.conf: move stray netfilter patches to the right section
   - target/rbd: do not put snap_context twice (bsc#981143).
   - target/rbd: remove caw_mutex usage (bsc#981143).
   - Update
     patches.drivers/0001-nvme-fix-max_segments-integer-truncation.patch
     (bsc#979419). Fix reference.
   - Update
     patches.drivers/nvme-0106-init-nvme-queue-before-enabling-irq.patch
     (bsc#962742). Fix incorrect bugzilla referece.
   - usb: quirk to stop runtime PM for Intel 7260 (bnc#984456).
   - usb: xhci: Add broken streams quirk for Frescologic device id 1009
     (bnc#982698).
   - VSOCK: Fix lockdep issue (bsc#977417).
   - VSOCK: sock_put wasn't safe to call in interrupt context (bsc#977417).
   - wait: introduce wait_event_exclusive_cmd (bsc#953048).
   - x86 EDAC, sb_edac.c: Repair damage introduced when "fixing" channel
     address (bsc#979521).
   - x86 EDAC, sb_edac.c: Take account of channel hashing when needed
     (bsc#979521).
   - x86/efi: parse_efi_setup() build fix (bsc#979485).
   - x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
   - x86: Removed the free memblock of hibernat keys to avoid memory
     corruption (bsc#990058).
   - x86, sched: Add new topology for multi-NUMA-node CPUs (bsc#974165).
   - x86: standardize mmap_rnd() usage (bnc#974308).
   - xen: fix i586 build after SLE12-SP1 commit 2f4c3ff45d5e.
   - xfs: fix premature enospc on inode allocation (bsc#984148).
   - xfs: get rid of XFS_IALLOC_BLOCKS macros (bsc#984148).
   - xfs: get rid of XFS_INODE_CLUSTER_SIZE macros (bsc#984148).


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.1:

      zypper in -t patch openSUSE-2016-1029=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 13.1 (i586 x86_64):

      cloop-2.639-11.32.2
      cloop-debuginfo-2.639-11.32.2
      cloop-debugsource-2.639-11.32.2
      cloop-kmp-default-2.639_k3.12.62_52-11.32.2
      cloop-kmp-default-debuginfo-2.639_k3.12.62_52-11.32.2
      cloop-kmp-desktop-2.639_k3.12.62_52-11.32.2
      cloop-kmp-desktop-debuginfo-2.639_k3.12.62_52-11.32.2
      cloop-kmp-xen-2.639_k3.12.62_52-11.32.2
      cloop-kmp-xen-debuginfo-2.639_k3.12.62_52-11.32.2
      crash-7.0.2-2.32.7
      crash-debuginfo-7.0.2-2.32.7
      crash-debugsource-7.0.2-2.32.7
      crash-devel-7.0.2-2.32.7
      crash-doc-7.0.2-2.32.7
      crash-eppic-7.0.2-2.32.7
      crash-eppic-debuginfo-7.0.2-2.32.7
      crash-gcore-7.0.2-2.32.7
      crash-gcore-debuginfo-7.0.2-2.32.7
      crash-kmp-default-7.0.2_k3.12.62_52-2.32.7
      crash-kmp-default-debuginfo-7.0.2_k3.12.62_52-2.32.7
      crash-kmp-desktop-7.0.2_k3.12.62_52-2.32.7
      crash-kmp-desktop-debuginfo-7.0.2_k3.12.62_52-2.32.7
      crash-kmp-xen-7.0.2_k3.12.62_52-2.32.7
      crash-kmp-xen-debuginfo-7.0.2_k3.12.62_52-2.32.7
      hdjmod-debugsource-1.28-16.32.2
      hdjmod-kmp-default-1.28_k3.12.62_52-16.32.2
      hdjmod-kmp-default-debuginfo-1.28_k3.12.62_52-16.32.2
      hdjmod-kmp-desktop-1.28_k3.12.62_52-16.32.2
      hdjmod-kmp-desktop-debuginfo-1.28_k3.12.62_52-16.32.2
      hdjmod-kmp-xen-1.28_k3.12.62_52-16.32.2
      hdjmod-kmp-xen-debuginfo-1.28_k3.12.62_52-16.32.2
      ipset-6.21.1-2.36.2
      ipset-debuginfo-6.21.1-2.36.2
      ipset-debugsource-6.21.1-2.36.2
      ipset-devel-6.21.1-2.36.2
      ipset-kmp-default-6.21.1_k3.12.62_52-2.36.2
      ipset-kmp-default-debuginfo-6.21.1_k3.12.62_52-2.36.2
      ipset-kmp-desktop-6.21.1_k3.12.62_52-2.36.2
      ipset-kmp-desktop-debuginfo-6.21.1_k3.12.62_52-2.36.2
      ipset-kmp-xen-6.21.1_k3.12.62_52-2.36.2
      ipset-kmp-xen-debuginfo-6.21.1_k3.12.62_52-2.36.2
      iscsitarget-1.4.20.3-13.32.2
      iscsitarget-debuginfo-1.4.20.3-13.32.2
      iscsitarget-debugsource-1.4.20.3-13.32.2
      iscsitarget-kmp-default-1.4.20.3_k3.12.62_52-13.32.2
      iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.12.62_52-13.32.2
      iscsitarget-kmp-desktop-1.4.20.3_k3.12.62_52-13.32.2
      iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.12.62_52-13.32.2
      iscsitarget-kmp-xen-1.4.20.3_k3.12.62_52-13.32.2
      iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.12.62_52-13.32.2
      kernel-default-3.12.62-52.1
      kernel-default-base-3.12.62-52.1
      kernel-default-base-debuginfo-3.12.62-52.1
      kernel-default-debuginfo-3.12.62-52.1
      kernel-default-debugsource-3.12.62-52.1
      kernel-default-devel-3.12.62-52.1
      kernel-syms-3.12.62-52.1
      libipset3-6.21.1-2.36.2
      libipset3-debuginfo-6.21.1-2.36.2
      ndiswrapper-1.58-33.2
      ndiswrapper-debuginfo-1.58-33.2
      ndiswrapper-debugsource-1.58-33.2
      ndiswrapper-kmp-default-1.58_k3.12.62_52-33.2
      ndiswrapper-kmp-default-debuginfo-1.58_k3.12.62_52-33.2
      ndiswrapper-kmp-desktop-1.58_k3.12.62_52-33.2
      ndiswrapper-kmp-desktop-debuginfo-1.58_k3.12.62_52-33.2
      openvswitch-1.11.0-0.39.3
      openvswitch-controller-1.11.0-0.39.3
      openvswitch-controller-debuginfo-1.11.0-0.39.3
      openvswitch-debuginfo-1.11.0-0.39.3
      openvswitch-debugsource-1.11.0-0.39.3
      openvswitch-kmp-default-1.11.0_k3.12.62_52-0.39.3
      openvswitch-kmp-default-debuginfo-1.11.0_k3.12.62_52-0.39.3
      openvswitch-kmp-desktop-1.11.0_k3.12.62_52-0.39.3
      openvswitch-kmp-desktop-debuginfo-1.11.0_k3.12.62_52-0.39.3
      openvswitch-kmp-xen-1.11.0_k3.12.62_52-0.39.3
      openvswitch-kmp-xen-debuginfo-1.11.0_k3.12.62_52-0.39.3
      openvswitch-pki-1.11.0-0.39.3
      openvswitch-switch-1.11.0-0.39.3
      openvswitch-switch-debuginfo-1.11.0-0.39.3
      openvswitch-test-1.11.0-0.39.3
      pcfclock-0.44-258.33.2
      pcfclock-debuginfo-0.44-258.33.2
      pcfclock-debugsource-0.44-258.33.2
      pcfclock-kmp-default-0.44_k3.12.62_52-258.33.2
      pcfclock-kmp-default-debuginfo-0.44_k3.12.62_52-258.33.2
      pcfclock-kmp-desktop-0.44_k3.12.62_52-258.33.2
      pcfclock-kmp-desktop-debuginfo-0.44_k3.12.62_52-258.33.2
      python-openvswitch-1.11.0-0.39.3
      python-openvswitch-test-1.11.0-0.39.3
      python-virtualbox-4.2.36-2.64.4
      python-virtualbox-debuginfo-4.2.36-2.64.4
      vhba-kmp-debugsource-20130607-2.32.2
      vhba-kmp-default-20130607_k3.12.62_52-2.32.2
      vhba-kmp-default-debuginfo-20130607_k3.12.62_52-2.32.2
      vhba-kmp-desktop-20130607_k3.12.62_52-2.32.2
      vhba-kmp-desktop-debuginfo-20130607_k3.12.62_52-2.32.2
      vhba-kmp-xen-20130607_k3.12.62_52-2.32.2
      vhba-kmp-xen-debuginfo-20130607_k3.12.62_52-2.32.2
      virtualbox-4.2.36-2.64.4
      virtualbox-debuginfo-4.2.36-2.64.4
      virtualbox-debugsource-4.2.36-2.64.4
      virtualbox-devel-4.2.36-2.64.4
      virtualbox-guest-kmp-default-4.2.36_k3.12.62_52-2.64.4
      virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.12.62_52-2.64.4
      virtualbox-guest-kmp-desktop-4.2.36_k3.12.62_52-2.64.4
      virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.12.62_52-2.64.4
      virtualbox-guest-tools-4.2.36-2.64.4
      virtualbox-guest-tools-debuginfo-4.2.36-2.64.4
      virtualbox-guest-x11-4.2.36-2.64.4
      virtualbox-guest-x11-debuginfo-4.2.36-2.64.4
      virtualbox-host-kmp-default-4.2.36_k3.12.62_52-2.64.4
      virtualbox-host-kmp-default-debuginfo-4.2.36_k3.12.62_52-2.64.4
      virtualbox-host-kmp-desktop-4.2.36_k3.12.62_52-2.64.4
      virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.12.62_52-2.64.4
      virtualbox-qt-4.2.36-2.64.4
      virtualbox-qt-debuginfo-4.2.36-2.64.4
      virtualbox-websrv-4.2.36-2.64.4
      virtualbox-websrv-debuginfo-4.2.36-2.64.4
      xen-debugsource-4.3.4_10-65.3
      xen-devel-4.3.4_10-65.3
      xen-kmp-default-4.3.4_10_k3.12.62_52-65.3
      xen-kmp-default-debuginfo-4.3.4_10_k3.12.62_52-65.3
      xen-kmp-desktop-4.3.4_10_k3.12.62_52-65.3
      xen-kmp-desktop-debuginfo-4.3.4_10_k3.12.62_52-65.3
      xen-libs-4.3.4_10-65.3
      xen-libs-debuginfo-4.3.4_10-65.3
      xen-tools-domU-4.3.4_10-65.3
      xen-tools-domU-debuginfo-4.3.4_10-65.3
      xtables-addons-2.3-2.31.2
      xtables-addons-debuginfo-2.3-2.31.2
      xtables-addons-debugsource-2.3-2.31.2
      xtables-addons-kmp-default-2.3_k3.12.62_52-2.31.2
      xtables-addons-kmp-default-debuginfo-2.3_k3.12.62_52-2.31.2
      xtables-addons-kmp-desktop-2.3_k3.12.62_52-2.31.2
      xtables-addons-kmp-desktop-debuginfo-2.3_k3.12.62_52-2.31.2
      xtables-addons-kmp-xen-2.3_k3.12.62_52-2.31.2
      xtables-addons-kmp-xen-debuginfo-2.3_k3.12.62_52-2.31.2

   - openSUSE 13.1 (i686 x86_64):

      kernel-debug-3.12.62-52.1
      kernel-debug-base-3.12.62-52.1
      kernel-debug-base-debuginfo-3.12.62-52.1
      kernel-debug-debuginfo-3.12.62-52.1
      kernel-debug-debugsource-3.12.62-52.1
      kernel-debug-devel-3.12.62-52.1
      kernel-debug-devel-debuginfo-3.12.62-52.1
      kernel-desktop-3.12.62-52.1
      kernel-desktop-base-3.12.62-52.1
      kernel-desktop-base-debuginfo-3.12.62-52.1
      kernel-desktop-debuginfo-3.12.62-52.1
      kernel-desktop-debugsource-3.12.62-52.1
      kernel-desktop-devel-3.12.62-52.1
      kernel-ec2-3.12.62-52.1
      kernel-ec2-base-3.12.62-52.1
      kernel-ec2-base-debuginfo-3.12.62-52.1
      kernel-ec2-debuginfo-3.12.62-52.1
      kernel-ec2-debugsource-3.12.62-52.1
      kernel-ec2-devel-3.12.62-52.1
      kernel-trace-3.12.62-52.1
      kernel-trace-base-3.12.62-52.1
      kernel-trace-base-debuginfo-3.12.62-52.1
      kernel-trace-debuginfo-3.12.62-52.1
      kernel-trace-debugsource-3.12.62-52.1
      kernel-trace-devel-3.12.62-52.1
      kernel-vanilla-3.12.62-52.1
      kernel-vanilla-debuginfo-3.12.62-52.1
      kernel-vanilla-debugsource-3.12.62-52.1
      kernel-vanilla-devel-3.12.62-52.1
      kernel-xen-3.12.62-52.1
      kernel-xen-base-3.12.62-52.1
      kernel-xen-base-debuginfo-3.12.62-52.1
      kernel-xen-debuginfo-3.12.62-52.1
      kernel-xen-debugsource-3.12.62-52.1
      kernel-xen-devel-3.12.62-52.1

   - openSUSE 13.1 (noarch):

      kernel-devel-3.12.62-52.1
      kernel-docs-3.12.62-52.2
      kernel-macros-3.12.62-52.1
      kernel-source-3.12.62-52.1
      kernel-source-vanilla-3.12.62-52.1
      virtualbox-host-source-4.2.36-2.64.4

   - openSUSE 13.1 (x86_64):

      xen-4.3.4_10-65.3
      xen-doc-html-4.3.4_10-65.3
      xen-libs-32bit-4.3.4_10-65.3
      xen-libs-debuginfo-32bit-4.3.4_10-65.3
      xen-tools-4.3.4_10-65.3
      xen-tools-debuginfo-4.3.4_10-65.3
      xen-xend-tools-4.3.4_10-65.3
      xen-xend-tools-debuginfo-4.3.4_10-65.3

   - openSUSE 13.1 (i586):

      cloop-kmp-pae-2.639_k3.12.62_52-11.32.2
      cloop-kmp-pae-debuginfo-2.639_k3.12.62_52-11.32.2
      crash-kmp-pae-7.0.2_k3.12.62_52-2.32.7
      crash-kmp-pae-debuginfo-7.0.2_k3.12.62_52-2.32.7
      hdjmod-kmp-pae-1.28_k3.12.62_52-16.32.2
      hdjmod-kmp-pae-debuginfo-1.28_k3.12.62_52-16.32.2
      ipset-kmp-pae-6.21.1_k3.12.62_52-2.36.2
      ipset-kmp-pae-debuginfo-6.21.1_k3.12.62_52-2.36.2
      iscsitarget-kmp-pae-1.4.20.3_k3.12.62_52-13.32.2
      iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.12.62_52-13.32.2
      ndiswrapper-kmp-pae-1.58_k3.12.62_52-33.2
      ndiswrapper-kmp-pae-debuginfo-1.58_k3.12.62_52-33.2
      openvswitch-kmp-pae-1.11.0_k3.12.62_52-0.39.3
      openvswitch-kmp-pae-debuginfo-1.11.0_k3.12.62_52-0.39.3
      pcfclock-kmp-pae-0.44_k3.12.62_52-258.33.2
      pcfclock-kmp-pae-debuginfo-0.44_k3.12.62_52-258.33.2
      vhba-kmp-pae-20130607_k3.12.62_52-2.32.2
      vhba-kmp-pae-debuginfo-20130607_k3.12.62_52-2.32.2
      virtualbox-guest-kmp-pae-4.2.36_k3.12.62_52-2.64.4
      virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.12.62_52-2.64.4
      virtualbox-host-kmp-pae-4.2.36_k3.12.62_52-2.64.4
      virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.12.62_52-2.64.4
      xen-kmp-pae-4.3.4_10_k3.12.62_52-65.3
      xen-kmp-pae-debuginfo-4.3.4_10_k3.12.62_52-65.3
      xtables-addons-kmp-pae-2.3_k3.12.62_52-2.31.2
      xtables-addons-kmp-pae-debuginfo-2.3_k3.12.62_52-2.31.2

   - openSUSE 13.1 (i686):

      kernel-pae-3.12.62-52.1
      kernel-pae-base-3.12.62-52.1
      kernel-pae-base-debuginfo-3.12.62-52.1
      kernel-pae-debuginfo-3.12.62-52.1
      kernel-pae-debugsource-3.12.62-52.1
      kernel-pae-devel-3.12.62-52.1


References:

   https://www.suse.com/security/cve/CVE-2014-9904.html
   https://www.suse.com/security/cve/CVE-2015-7833.html
   https://www.suse.com/security/cve/CVE-2015-8551.html
   https://www.suse.com/security/cve/CVE-2015-8552.html
   https://www.suse.com/security/cve/CVE-2015-8845.html
   https://www.suse.com/security/cve/CVE-2016-0758.html
   https://www.suse.com/security/cve/CVE-2016-1583.html
   https://www.suse.com/security/cve/CVE-2016-2053.html
   https://www.suse.com/security/cve/CVE-2016-3672.html
   https://www.suse.com/security/cve/CVE-2016-4470.html
   https://www.suse.com/security/cve/CVE-2016-4482.html
   https://www.suse.com/security/cve/CVE-2016-4486.html
   https://www.suse.com/security/cve/CVE-2016-4565.html
   https://www.suse.com/security/cve/CVE-2016-4569.html
   https://www.suse.com/security/cve/CVE-2016-4578.html
   https://www.suse.com/security/cve/CVE-2016-4805.html
   https://www.suse.com/security/cve/CVE-2016-4997.html
   https://www.suse.com/security/cve/CVE-2016-4998.html
   https://www.suse.com/security/cve/CVE-2016-5244.html
   https://www.suse.com/security/cve/CVE-2016-5828.html
   https://www.suse.com/security/cve/CVE-2016-5829.html
   https://bugzilla.suse.com/947337
   https://bugzilla.suse.com/950998
   https://bugzilla.suse.com/951844
   https://bugzilla.suse.com/953048
   https://bugzilla.suse.com/954847
   https://bugzilla.suse.com/956491
   https://bugzilla.suse.com/957990
   https://bugzilla.suse.com/962742
   https://bugzilla.suse.com/963655
   https://bugzilla.suse.com/963762
   https://bugzilla.suse.com/965087
   https://bugzilla.suse.com/966245
   https://bugzilla.suse.com/968667
   https://bugzilla.suse.com/970114
   https://bugzilla.suse.com/970506
   https://bugzilla.suse.com/971770
   https://bugzilla.suse.com/972933
   https://bugzilla.suse.com/973378
   https://bugzilla.suse.com/973499
   https://bugzilla.suse.com/974165
   https://bugzilla.suse.com/974308
   https://bugzilla.suse.com/974620
   https://bugzilla.suse.com/975531
   https://bugzilla.suse.com/975533
   https://bugzilla.suse.com/975772
   https://bugzilla.suse.com/975788
   https://bugzilla.suse.com/977417
   https://bugzilla.suse.com/978401
   https://bugzilla.suse.com/978469
   https://bugzilla.suse.com/978822
   https://bugzilla.suse.com/979213
   https://bugzilla.suse.com/979419
   https://bugzilla.suse.com/979485
   https://bugzilla.suse.com/979489
   https://bugzilla.suse.com/979521
   https://bugzilla.suse.com/979548
   https://bugzilla.suse.com/979681
   https://bugzilla.suse.com/979867
   https://bugzilla.suse.com/979879
   https://bugzilla.suse.com/979922
   https://bugzilla.suse.com/980348
   https://bugzilla.suse.com/980363
   https://bugzilla.suse.com/980371
   https://bugzilla.suse.com/981038
   https://bugzilla.suse.com/981143
   https://bugzilla.suse.com/981344
   https://bugzilla.suse.com/982282
   https://bugzilla.suse.com/982354
   https://bugzilla.suse.com/982544
   https://bugzilla.suse.com/982698
   https://bugzilla.suse.com/983143
   https://bugzilla.suse.com/983213
   https://bugzilla.suse.com/983318
   https://bugzilla.suse.com/983721
   https://bugzilla.suse.com/983904
   https://bugzilla.suse.com/983977
   https://bugzilla.suse.com/984148
   https://bugzilla.suse.com/984456
   https://bugzilla.suse.com/984755
   https://bugzilla.suse.com/985232
   https://bugzilla.suse.com/985978
   https://bugzilla.suse.com/986362
   https://bugzilla.suse.com/986365
   https://bugzilla.suse.com/986569
   https://bugzilla.suse.com/986572
   https://bugzilla.suse.com/986811
   https://bugzilla.suse.com/988215
   https://bugzilla.suse.com/988498
   https://bugzilla.suse.com/988552
   https://bugzilla.suse.com/990058

openSUSE: 2016:2184-1: important: the Linux Kernel

August 29, 2016
An update that solves 21 vulnerabilities and has 49 fixes An update that solves 21 vulnerabilities and has 49 fixes An update that solves 21 vulnerabilities and has 49 fixes is now...

Description

The openSUSE 13.1 kernel was updated to 3.12.62 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2014-9904: The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel did not properly check for an integer overflow, which allowed local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call (bnc#986811). - CVE-2015-7833: The usbvision driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998). - CVE-2015-8551: The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allowed local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks (bnc#957990). - CVE-2015-8552: The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allowed local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks (bnc#957990). - CVE-2015-8845: The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms did not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allowed local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application (bnc#975531 bsc#975533). - CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bnc#979867). - CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. (bsc#983143) - CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bnc#963762). - CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel did not properly randomize the legacy base address, which made it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits (bnc#974308). - CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755). - CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. (bnc#978401) - CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#978822). - CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bnc#979548 bsc#980363). - CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface. (bsc#979213) - CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize certain r1 data structures, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (bnc#979879). - CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions (bnc#980371). - CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362). - CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary. (bnc#986365). - CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel did not initialize a certain structure member, which allowed remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (bnc#983213). - CVE-2016-5828: The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms mishandled transactional state, which allowed local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call. (bsc#986569) - CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572). The following non-security bugs were fixed: - Add wait_event_cmd() (bsc#953048). - alsa: hrtimer: Handle start/stop more properly (bsc#973378). - base: make module_create_drivers_dir race-free (bnc#983977). - btrfs: be more precise on errors when getting an inode from disk (bsc#981038). - btrfs: do not use src fd for printk (bsc#980348). - btrfs: improve performance on fsync against new inode after rename/unlink (bsc#981038). - btrfs: qgroup: Fix qgroup accounting when creating snapshot (bsc#972933). - btrfs: serialize subvolume mounts with potentially mismatching rw flags (bsc#951844). - cdc_ncm: workaround for EM7455 "silent" data interface (bnc#988552). - ceph: tolerate bad i_size for symlink inode (bsc#985232). - drm/mgag200: Add support for a new G200eW3 chipset (bsc#983904). - drm/mgag200: Add support for a new rev of G200e (bsc#983904). - drm/mgag200: Black screen fix for G200e rev 4 (bsc#983904). - drm/mgag200: remove unused variables (bsc#983904). - drm: qxl: Workaround for buggy user-space (bsc#981344). - EDAC: Correct channel count limit (bsc#979521). - EDAC: Remove arbitrary limit on number of channels (bsc#979521). - EDAC, sb_edac: Add support for duplicate device IDs (bsc#979521). - EDAC/sb_edac: Fix computation of channel address (bsc#979521). - EDAC, sb_edac: Fix rank lookup on Broadwell (bsc#979521). - EDAC, sb_edac: Fix TAD presence check for sbridge_mci_bind_devs() (bsc#979521). - EDAC: Use static attribute groups for managing sysfs entries (bsc#979521). - efifb: Add support for 64-bit frame buffer addresses (bsc#973499). - efifb: Fix 16 color palette entry calculation (bsc#983318). - efifb: Fix KABI of screen_info struct (bsc#973499). - ehci-pci: enable interrupt on BayTrail (bnc#947337). - enic: set netdev->vlan_features (bsc#966245). - fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681) - hid-elo: kill not flush the work (bnc#982354). - iommu/vt-d: Enable QI on all IOMMUs before setting root entry (bsc#975772). - ipvs: count pre-established TCP states as active (bsc#970114). - kabi: prevent spurious modversion changes after bsc#982544 fix (bsc#982544). - kabi/severities: Added raw3270_* PASS to allow IBM LTC changes. (bnc#979922, LTC#141736) - ktime: make ktime_divns exported on 32-bit architectures. - md: be careful when testing resync_max against curr_resync_completed (bsc#953048). - md: do_release_stripe(): No need to call md_wakeup_thread() twice (bsc#953048). - md: make sure MD_RECOVERY_DONE is clear before starting recovery/resync (bsc#953048). - md/raid56: Do not perform reads to support writes until stripe is ready. - md/raid5: add handle_flags arg to break_stripe_batch_list (bsc#953048). - md/raid5: allow the stripe_cache to grow and shrink (bsc#953048). - md/raid5: always set conf->prev_chunk_sectors and ->prev_algo (bsc#953048). - md/raid5: avoid races when changing cache size (bsc#953048). - md/raid5: avoid reading parity blocks for full-stripe write to degraded array (bsc#953048). - md/raid5: be more selective about distributing flags across batch (bsc#953048). - md/raid5: break stripe-batches when the array has failed (bsc#953048). - md/raid5: call break_stripe_batch_list from handle_stripe_clean_event (bsc#953048). - md/raid5: change ->inactive_blocked to a bit-flag (bsc#953048). - md/raid5: clear R5_NeedReplace when no longer needed (bsc#953048). - md/raid5: close race between STRIPE_BIT_DELAY and batching (bsc#953048). - md/raid5: close recently introduced race in stripe_head management. - md/raid5: consider updating reshape_position at start of reshape (bsc#953048). - md/raid5: deadlock between retry_aligned_read with barrier io (bsc#953048). - md/raid5: do not do chunk aligned read on degraded array (bsc#953048). - md/raid5: do not index beyond end of array in need_this_block() (bsc#953048). - md/raid5: do not let shrink_slab shrink too far (bsc#953048). - md/raid5: duplicate some more handle_stripe_clean_event code in break_stripe_batch_list (bsc#953048). - md/raid5: Ensure a batch member is not handled prematurely (bsc#953048). - md/raid5: ensure device failure recorded before write request returns (bsc#953048). - md/raid5: ensure whole batch is delayed for all required bitmap updates (bsc#953048). - md/raid5: fix allocation of 'scribble' array (bsc#953048). - md/raid5: fix another livelock caused by non-aligned writes (bsc#953048). - md/raid5: fix handling of degraded stripes in batches (bsc#953048). - md/raid5: fix init_stripe() inconsistencies (bsc#953048). - md/raid5: fix locking in handle_stripe_clean_event() (bsc#953048). - md/raid5: fix newly-broken locking in get_active_stripe. - md/raid5: For stripe with R5_ReadNoMerge, we replace REQ_FLUSH with REQ_NOMERGE. - md/raid5: handle possible race as reshape completes (bsc#953048). - md/raid5: ignore released_stripes check (bsc#953048). - md/raid5: more incorrect BUG_ON in handle_stripe_fill (bsc#953048). - md/raid5: move max_nr_stripes management into grow_one_stripe and drop_one_stripe (bsc#953048). - md/raid5: need_this_block: start simplifying the last two conditions (bsc#953048). - md/raid5: need_this_block: tidy/fix last condition (bsc#953048). - md/raid5: new alloc_stripe() to allocate an initialize a stripe (bsc#953048). - md/raid5: pass gfp_t arg to grow_one_stripe() (bsc#953048). - md/raid5: per hash value and exclusive wait_for_stripe (bsc#953048). - md/raid5: preserve STRIPE_PREREAD_ACTIVE in break_stripe_batch_list. - md/raid5: remove condition test from check_break_stripe_batch_list (bsc#953048). - md/raid5: remove incorrect "min_t()" when calculating writepos (bsc#953048). - md/raid5: remove redundant check in stripe_add_to_batch_list() (bsc#953048). - md/raid5: separate large if clause out of fetch_block() (bsc#953048). - md/raid5: separate out the easy conditions in need_this_block (bsc#953048). - md/raid5: split wait_for_stripe and introduce wait_for_quiescent (bsc#953048). - md/raid5: strengthen check on reshape_position at run (bsc#953048). - md/raid5: switch to use conf->chunk_sectors in place of mddev->chunk_sectors where possible (bsc#953048). - md/raid5: use bio_list for the list of bios to return (bsc#953048). - md/raid5: use ->lock to protect accessing raid5 sysfs attributes (bsc#953048). - md: remove unwanted white space from md.c (bsc#953048). - md: use set_bit/clear_bit instead of shift/mask for bi_flags changes (bsc#953048). - mm: increase safety margin provided by PF_LESS_THROTTLE (bsc#956491). - mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721). - net: Account for all vlan headers in skb_mac_gso_segment (bsc#968667). - net: disable fragment reassembly if high_thresh is set to zero (bsc#970506). - netfilter: bridge: do not leak skb in error paths (bsc#982544). - netfilter: bridge: forward IPv6 fragmented packets (bsc#982544). - netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in br_validate_ipv6 (bsc#982544). - net: fix wrong mac_len calculation for vlans (bsc#968667). - net/qlge: Avoids recursive EEH error (bsc#954847). - net: Start with correct mac_len in skb_network_protocol (bsc#968667). - nvme: don't poll the CQ from the kthread (bsc#975788, bsc#965087). - PCI/AER: Clear error status registers during enumeration and restore (bsc#985978). - perf/rapl: Fix sysfs_show() initialization for RAPL PMU (bsc#979489). - perf/x86/intel: Add Intel RAPL PP1 energy counter support (bsc#979489). - ppp: defer netns reference release for ppp channel (bsc#980371). - qeth: delete napi struct when removing a qeth device (bnc#988215, LTC#143590). - raid5: add a new flag to track if a stripe can be batched (bsc#953048). - raid5: add an option to avoid copy data from bio to stripe cache (bsc#953048). - raid5: avoid release list until last reference of the stripe (bsc#953048). - raid5: batch adjacent full stripe write (bsc#953048). - raid5: check faulty flag for array status during recovery (bsc#953048). - RAID5: check_reshape() shouldn't call mddev_suspend (bsc#953048). - raid5: fix a race of stripe count check. - raid5: fix broken async operation chain (bsc#953048). - raid5: get_active_stripe avoids device_lock. - raid5: handle expansion/resync case with stripe batching (bsc#953048). - raid5: handle io error of batch list (bsc#953048). - raid5: make_request does less prepare wait. - raid5: relieve lock contention in get_active_stripe(). - raid5: relieve lock contention in get_active_stripe(). - raid5: Retry R5_ReadNoMerge flag when hit a read error. - RAID5: revert e9e4c377e2f563 to fix a livelock (bsc#953048). - raid5: speedup sync_request processing (bsc#953048). - raid5: track overwrite disk count (bsc#953048). - raid5: update analysis state for failed stripe (bsc#953048). - raid5: use flex_array for scribble data (bsc#953048). - Refresh patches.xen/xen-netback-coalesce: Restore copying of SKBs with head exceeding page size (bsc#978469). - s390/3270: add missing tty_kref_put (bnc#979922, LTC#141736). - s390/3270: avoid endless I/O loop with disconnected 3270 terminals (bnc#979922, LTC#141736). - s390/3270: fix garbled output on 3270 tty view (bnc#979922, LTC#141736). - s390/3270: fix view reference counting (bnc#979922, LTC#141736). - s390/3270: handle reconnect of a tty with a different size (bnc#979922, LTC#141736). - s390/3270: hangup the 3270 tty after a disconnect (bnc#979922, LTC#141736). - s390: fix test_fp_ctl inline assembly contraints (bnc#988215, LTC#143138). - s390/mm: fix asce_bits handling with dynamic pagetable levels (bnc#979922, LTC#141456). - s390/spinlock: avoid yield to non existent cpu (bnc#979922, LTC#141106). - sb_edac: correctly fetch DIMM width on Ivy Bridge and Haswell (bsc#979521). - sb_edac: Fix a typo and a thinko in address handling for Haswell (bsc#979521). - sb_edac: Fix support for systems with two home agents per socket (bsc#979521). - sb_edac: look harder for DDRIO on Haswell systems (bsc#979521). - sb_edac: support for Broadwell -EP and -EX (bsc#979521). - sched/cputime: Fix clock_nanosleep()/clock_gettime() inconsistency (bnc#988498). - sched/cputime: Fix cpu_timer_sample_group() double accounting (bnc#988498). - sched: Provide update_curr callbacks for stop/idle scheduling classes (bnc#988498). - sched/x86: Fix up typo in topology detection (bsc#974165). - scsi: Increase REPORT_LUNS timeout (bsc#982282). - series.conf: move netfilter section at the end of core networking - series.conf: move stray netfilter patches to the right section - target/rbd: do not put snap_context twice (bsc#981143). - target/rbd: remove caw_mutex usage (bsc#981143). - Update patches.drivers/0001-nvme-fix-max_segments-integer-truncation.patch (bsc#979419). Fix reference. - Update patches.drivers/nvme-0106-init-nvme-queue-before-enabling-irq.patch (bsc#962742). Fix incorrect bugzilla referece. - usb: quirk to stop runtime PM for Intel 7260 (bnc#984456). - usb: xhci: Add broken streams quirk for Frescologic device id 1009 (bnc#982698). - VSOCK: Fix lockdep issue (bsc#977417). - VSOCK: sock_put wasn't safe to call in interrupt context (bsc#977417). - wait: introduce wait_event_exclusive_cmd (bsc#953048). - x86 EDAC, sb_edac.c: Repair damage introduced when "fixing" channel address (bsc#979521). - x86 EDAC, sb_edac.c: Take account of channel hashing when needed (bsc#979521). - x86/efi: parse_efi_setup() build fix (bsc#979485). - x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620). - x86: Removed the free memblock of hibernat keys to avoid memory corruption (bsc#990058). - x86, sched: Add new topology for multi-NUMA-node CPUs (bsc#974165). - x86: standardize mmap_rnd() usage (bnc#974308). - xen: fix i586 build after SLE12-SP1 commit 2f4c3ff45d5e. - xfs: fix premature enospc on inode allocation (bsc#984148). - xfs: get rid of XFS_IALLOC_BLOCKS macros (bsc#984148). - xfs: get rid of XFS_INODE_CLUSTER_SIZE macros (bsc#984148).

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch openSUSE-2016-1029=1 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE 13.1 (i586 x86_64): cloop-2.639-11.32.2 cloop-debuginfo-2.639-11.32.2 cloop-debugsource-2.639-11.32.2 cloop-kmp-default-2.639_k3.12.62_52-11.32.2 cloop-kmp-default-debuginfo-2.639_k3.12.62_52-11.32.2 cloop-kmp-desktop-2.639_k3.12.62_52-11.32.2 cloop-kmp-desktop-debuginfo-2.639_k3.12.62_52-11.32.2 cloop-kmp-xen-2.639_k3.12.62_52-11.32.2 cloop-kmp-xen-debuginfo-2.639_k3.12.62_52-11.32.2 crash-7.0.2-2.32.7 crash-debuginfo-7.0.2-2.32.7 crash-debugsource-7.0.2-2.32.7 crash-devel-7.0.2-2.32.7 crash-doc-7.0.2-2.32.7 crash-eppic-7.0.2-2.32.7 crash-eppic-debuginfo-7.0.2-2.32.7 crash-gcore-7.0.2-2.32.7 crash-gcore-debuginfo-7.0.2-2.32.7 crash-kmp-default-7.0.2_k3.12.62_52-2.32.7 crash-kmp-default-debuginfo-7.0.2_k3.12.62_52-2.32.7 crash-kmp-desktop-7.0.2_k3.12.62_52-2.32.7 crash-kmp-desktop-debuginfo-7.0.2_k3.12.62_52-2.32.7 crash-kmp-xen-7.0.2_k3.12.62_52-2.32.7 crash-kmp-xen-debuginfo-7.0.2_k3.12.62_52-2.32.7 hdjmod-debugsource-1.28-16.32.2 hdjmod-kmp-default-1.28_k3.12.62_52-16.32.2 hdjmod-kmp-default-debuginfo-1.28_k3.12.62_52-16.32.2 hdjmod-kmp-desktop-1.28_k3.12.62_52-16.32.2 hdjmod-kmp-desktop-debuginfo-1.28_k3.12.62_52-16.32.2 hdjmod-kmp-xen-1.28_k3.12.62_52-16.32.2 hdjmod-kmp-xen-debuginfo-1.28_k3.12.62_52-16.32.2 ipset-6.21.1-2.36.2 ipset-debuginfo-6.21.1-2.36.2 ipset-debugsource-6.21.1-2.36.2 ipset-devel-6.21.1-2.36.2 ipset-kmp-default-6.21.1_k3.12.62_52-2.36.2 ipset-kmp-default-debuginfo-6.21.1_k3.12.62_52-2.36.2 ipset-kmp-desktop-6.21.1_k3.12.62_52-2.36.2 ipset-kmp-desktop-debuginfo-6.21.1_k3.12.62_52-2.36.2 ipset-kmp-xen-6.21.1_k3.12.62_52-2.36.2 ipset-kmp-xen-debuginfo-6.21.1_k3.12.62_52-2.36.2 iscsitarget-1.4.20.3-13.32.2 iscsitarget-debuginfo-1.4.20.3-13.32.2 iscsitarget-debugsource-1.4.20.3-13.32.2 iscsitarget-kmp-default-1.4.20.3_k3.12.62_52-13.32.2 iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.12.62_52-13.32.2 iscsitarget-kmp-desktop-1.4.20.3_k3.12.62_52-13.32.2 iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.12.62_52-13.32.2 iscsitarget-kmp-xen-1.4.20.3_k3.12.62_52-13.32.2 iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.12.62_52-13.32.2 kernel-default-3.12.62-52.1 kernel-default-base-3.12.62-52.1 kernel-default-base-debuginfo-3.12.62-52.1 kernel-default-debuginfo-3.12.62-52.1 kernel-default-debugsource-3.12.62-52.1 kernel-default-devel-3.12.62-52.1 kernel-syms-3.12.62-52.1 libipset3-6.21.1-2.36.2 libipset3-debuginfo-6.21.1-2.36.2 ndiswrapper-1.58-33.2 ndiswrapper-debuginfo-1.58-33.2 ndiswrapper-debugsource-1.58-33.2 ndiswrapper-kmp-default-1.58_k3.12.62_52-33.2 ndiswrapper-kmp-default-debuginfo-1.58_k3.12.62_52-33.2 ndiswrapper-kmp-desktop-1.58_k3.12.62_52-33.2 ndiswrapper-kmp-desktop-debuginfo-1.58_k3.12.62_52-33.2 openvswitch-1.11.0-0.39.3 openvswitch-controller-1.11.0-0.39.3 openvswitch-controller-debuginfo-1.11.0-0.39.3 openvswitch-debuginfo-1.11.0-0.39.3 openvswitch-debugsource-1.11.0-0.39.3 openvswitch-kmp-default-1.11.0_k3.12.62_52-0.39.3 openvswitch-kmp-default-debuginfo-1.11.0_k3.12.62_52-0.39.3 openvswitch-kmp-desktop-1.11.0_k3.12.62_52-0.39.3 openvswitch-kmp-desktop-debuginfo-1.11.0_k3.12.62_52-0.39.3 openvswitch-kmp-xen-1.11.0_k3.12.62_52-0.39.3 openvswitch-kmp-xen-debuginfo-1.11.0_k3.12.62_52-0.39.3 openvswitch-pki-1.11.0-0.39.3 openvswitch-switch-1.11.0-0.39.3 openvswitch-switch-debuginfo-1.11.0-0.39.3 openvswitch-test-1.11.0-0.39.3 pcfclock-0.44-258.33.2 pcfclock-debuginfo-0.44-258.33.2 pcfclock-debugsource-0.44-258.33.2 pcfclock-kmp-default-0.44_k3.12.62_52-258.33.2 pcfclock-kmp-default-debuginfo-0.44_k3.12.62_52-258.33.2 pcfclock-kmp-desktop-0.44_k3.12.62_52-258.33.2 pcfclock-kmp-desktop-debuginfo-0.44_k3.12.62_52-258.33.2 python-openvswitch-1.11.0-0.39.3 python-openvswitch-test-1.11.0-0.39.3 python-virtualbox-4.2.36-2.64.4 python-virtualbox-debuginfo-4.2.36-2.64.4 vhba-kmp-debugsource-20130607-2.32.2 vhba-kmp-default-20130607_k3.12.62_52-2.32.2 vhba-kmp-default-debuginfo-20130607_k3.12.62_52-2.32.2 vhba-kmp-desktop-20130607_k3.12.62_52-2.32.2 vhba-kmp-desktop-debuginfo-20130607_k3.12.62_52-2.32.2 vhba-kmp-xen-20130607_k3.12.62_52-2.32.2 vhba-kmp-xen-debuginfo-20130607_k3.12.62_52-2.32.2 virtualbox-4.2.36-2.64.4 virtualbox-debuginfo-4.2.36-2.64.4 virtualbox-debugsource-4.2.36-2.64.4 virtualbox-devel-4.2.36-2.64.4 virtualbox-guest-kmp-default-4.2.36_k3.12.62_52-2.64.4 virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.12.62_52-2.64.4 virtualbox-guest-kmp-desktop-4.2.36_k3.12.62_52-2.64.4 virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.12.62_52-2.64.4 virtualbox-guest-tools-4.2.36-2.64.4 virtualbox-guest-tools-debuginfo-4.2.36-2.64.4 virtualbox-guest-x11-4.2.36-2.64.4 virtualbox-guest-x11-debuginfo-4.2.36-2.64.4 virtualbox-host-kmp-default-4.2.36_k3.12.62_52-2.64.4 virtualbox-host-kmp-default-debuginfo-4.2.36_k3.12.62_52-2.64.4 virtualbox-host-kmp-desktop-4.2.36_k3.12.62_52-2.64.4 virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.12.62_52-2.64.4 virtualbox-qt-4.2.36-2.64.4 virtualbox-qt-debuginfo-4.2.36-2.64.4 virtualbox-websrv-4.2.36-2.64.4 virtualbox-websrv-debuginfo-4.2.36-2.64.4 xen-debugsource-4.3.4_10-65.3 xen-devel-4.3.4_10-65.3 xen-kmp-default-4.3.4_10_k3.12.62_52-65.3 xen-kmp-default-debuginfo-4.3.4_10_k3.12.62_52-65.3 xen-kmp-desktop-4.3.4_10_k3.12.62_52-65.3 xen-kmp-desktop-debuginfo-4.3.4_10_k3.12.62_52-65.3 xen-libs-4.3.4_10-65.3 xen-libs-debuginfo-4.3.4_10-65.3 xen-tools-domU-4.3.4_10-65.3 xen-tools-domU-debuginfo-4.3.4_10-65.3 xtables-addons-2.3-2.31.2 xtables-addons-debuginfo-2.3-2.31.2 xtables-addons-debugsource-2.3-2.31.2 xtables-addons-kmp-default-2.3_k3.12.62_52-2.31.2 xtables-addons-kmp-default-debuginfo-2.3_k3.12.62_52-2.31.2 xtables-addons-kmp-desktop-2.3_k3.12.62_52-2.31.2 xtables-addons-kmp-desktop-debuginfo-2.3_k3.12.62_52-2.31.2 xtables-addons-kmp-xen-2.3_k3.12.62_52-2.31.2 xtables-addons-kmp-xen-debuginfo-2.3_k3.12.62_52-2.31.2 - openSUSE 13.1 (i686 x86_64): kernel-debug-3.12.62-52.1 kernel-debug-base-3.12.62-52.1 kernel-debug-base-debuginfo-3.12.62-52.1 kernel-debug-debuginfo-3.12.62-52.1 kernel-debug-debugsource-3.12.62-52.1 kernel-debug-devel-3.12.62-52.1 kernel-debug-devel-debuginfo-3.12.62-52.1 kernel-desktop-3.12.62-52.1 kernel-desktop-base-3.12.62-52.1 kernel-desktop-base-debuginfo-3.12.62-52.1 kernel-desktop-debuginfo-3.12.62-52.1 kernel-desktop-debugsource-3.12.62-52.1 kernel-desktop-devel-3.12.62-52.1 kernel-ec2-3.12.62-52.1 kernel-ec2-base-3.12.62-52.1 kernel-ec2-base-debuginfo-3.12.62-52.1 kernel-ec2-debuginfo-3.12.62-52.1 kernel-ec2-debugsource-3.12.62-52.1 kernel-ec2-devel-3.12.62-52.1 kernel-trace-3.12.62-52.1 kernel-trace-base-3.12.62-52.1 kernel-trace-base-debuginfo-3.12.62-52.1 kernel-trace-debuginfo-3.12.62-52.1 kernel-trace-debugsource-3.12.62-52.1 kernel-trace-devel-3.12.62-52.1 kernel-vanilla-3.12.62-52.1 kernel-vanilla-debuginfo-3.12.62-52.1 kernel-vanilla-debugsource-3.12.62-52.1 kernel-vanilla-devel-3.12.62-52.1 kernel-xen-3.12.62-52.1 kernel-xen-base-3.12.62-52.1 kernel-xen-base-debuginfo-3.12.62-52.1 kernel-xen-debuginfo-3.12.62-52.1 kernel-xen-debugsource-3.12.62-52.1 kernel-xen-devel-3.12.62-52.1 - openSUSE 13.1 (noarch): kernel-devel-3.12.62-52.1 kernel-docs-3.12.62-52.2 kernel-macros-3.12.62-52.1 kernel-source-3.12.62-52.1 kernel-source-vanilla-3.12.62-52.1 virtualbox-host-source-4.2.36-2.64.4 - openSUSE 13.1 (x86_64): xen-4.3.4_10-65.3 xen-doc-html-4.3.4_10-65.3 xen-libs-32bit-4.3.4_10-65.3 xen-libs-debuginfo-32bit-4.3.4_10-65.3 xen-tools-4.3.4_10-65.3 xen-tools-debuginfo-4.3.4_10-65.3 xen-xend-tools-4.3.4_10-65.3 xen-xend-tools-debuginfo-4.3.4_10-65.3 - openSUSE 13.1 (i586): cloop-kmp-pae-2.639_k3.12.62_52-11.32.2 cloop-kmp-pae-debuginfo-2.639_k3.12.62_52-11.32.2 crash-kmp-pae-7.0.2_k3.12.62_52-2.32.7 crash-kmp-pae-debuginfo-7.0.2_k3.12.62_52-2.32.7 hdjmod-kmp-pae-1.28_k3.12.62_52-16.32.2 hdjmod-kmp-pae-debuginfo-1.28_k3.12.62_52-16.32.2 ipset-kmp-pae-6.21.1_k3.12.62_52-2.36.2 ipset-kmp-pae-debuginfo-6.21.1_k3.12.62_52-2.36.2 iscsitarget-kmp-pae-1.4.20.3_k3.12.62_52-13.32.2 iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.12.62_52-13.32.2 ndiswrapper-kmp-pae-1.58_k3.12.62_52-33.2 ndiswrapper-kmp-pae-debuginfo-1.58_k3.12.62_52-33.2 openvswitch-kmp-pae-1.11.0_k3.12.62_52-0.39.3 openvswitch-kmp-pae-debuginfo-1.11.0_k3.12.62_52-0.39.3 pcfclock-kmp-pae-0.44_k3.12.62_52-258.33.2 pcfclock-kmp-pae-debuginfo-0.44_k3.12.62_52-258.33.2 vhba-kmp-pae-20130607_k3.12.62_52-2.32.2 vhba-kmp-pae-debuginfo-20130607_k3.12.62_52-2.32.2 virtualbox-guest-kmp-pae-4.2.36_k3.12.62_52-2.64.4 virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.12.62_52-2.64.4 virtualbox-host-kmp-pae-4.2.36_k3.12.62_52-2.64.4 virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.12.62_52-2.64.4 xen-kmp-pae-4.3.4_10_k3.12.62_52-65.3 xen-kmp-pae-debuginfo-4.3.4_10_k3.12.62_52-65.3 xtables-addons-kmp-pae-2.3_k3.12.62_52-2.31.2 xtables-addons-kmp-pae-debuginfo-2.3_k3.12.62_52-2.31.2 - openSUSE 13.1 (i686): kernel-pae-3.12.62-52.1 kernel-pae-base-3.12.62-52.1 kernel-pae-base-debuginfo-3.12.62-52.1 kernel-pae-debuginfo-3.12.62-52.1 kernel-pae-debugsource-3.12.62-52.1 kernel-pae-devel-3.12.62-52.1


References

https://www.suse.com/security/cve/CVE-2014-9904.html https://www.suse.com/security/cve/CVE-2015-7833.html https://www.suse.com/security/cve/CVE-2015-8551.html https://www.suse.com/security/cve/CVE-2015-8552.html https://www.suse.com/security/cve/CVE-2015-8845.html https://www.suse.com/security/cve/CVE-2016-0758.html https://www.suse.com/security/cve/CVE-2016-1583.html https://www.suse.com/security/cve/CVE-2016-2053.html https://www.suse.com/security/cve/CVE-2016-3672.html https://www.suse.com/security/cve/CVE-2016-4470.html https://www.suse.com/security/cve/CVE-2016-4482.html https://www.suse.com/security/cve/CVE-2016-4486.html https://www.suse.com/security/cve/CVE-2016-4565.html https://www.suse.com/security/cve/CVE-2016-4569.html https://www.suse.com/security/cve/CVE-2016-4578.html https://www.suse.com/security/cve/CVE-2016-4805.html https://www.suse.com/security/cve/CVE-2016-4997.html https://www.suse.com/security/cve/CVE-2016-4998.html https://www.suse.com/security/cve/CVE-2016-5244.html https://www.suse.com/security/cve/CVE-2016-5828.html https://www.suse.com/security/cve/CVE-2016-5829.html https://bugzilla.suse.com/947337 https://bugzilla.suse.com/950998 https://bugzilla.suse.com/951844 https://bugzilla.suse.com/953048 https://bugzilla.suse.com/954847 https://bugzilla.suse.com/956491 https://bugzilla.suse.com/957990 https://bugzilla.suse.com/962742 https://bugzilla.suse.com/963655 https://bugzilla.suse.com/963762 https://bugzilla.suse.com/965087 https://bugzilla.suse.com/966245 https://bugzilla.suse.com/968667 https://bugzilla.suse.com/970114 https://bugzilla.suse.com/970506 https://bugzilla.suse.com/971770 https://bugzilla.suse.com/972933 https://bugzilla.suse.com/973378 https://bugzilla.suse.com/973499 https://bugzilla.suse.com/974165 https://bugzilla.suse.com/974308 https://bugzilla.suse.com/974620 https://bugzilla.suse.com/975531 https://bugzilla.suse.com/975533 https://bugzilla.suse.com/975772 https://bugzilla.suse.com/975788 https://bugzilla.suse.com/977417 https://bugzilla.suse.com/978401 https://bugzilla.suse.com/978469 https://bugzilla.suse.com/978822 https://bugzilla.suse.com/979213 https://bugzilla.suse.com/979419 https://bugzilla.suse.com/979485 https://bugzilla.suse.com/979489 https://bugzilla.suse.com/979521 https://bugzilla.suse.com/979548 https://bugzilla.suse.com/979681 https://bugzilla.suse.com/979867 https://bugzilla.suse.com/979879 https://bugzilla.suse.com/979922 https://bugzilla.suse.com/980348 https://bugzilla.suse.com/980363 https://bugzilla.suse.com/980371 https://bugzilla.suse.com/981038 https://bugzilla.suse.com/981143 https://bugzilla.suse.com/981344 https://bugzilla.suse.com/982282 https://bugzilla.suse.com/982354 https://bugzilla.suse.com/982544 https://bugzilla.suse.com/982698 https://bugzilla.suse.com/983143 https://bugzilla.suse.com/983213 https://bugzilla.suse.com/983318 https://bugzilla.suse.com/983721 https://bugzilla.suse.com/983904 https://bugzilla.suse.com/983977 https://bugzilla.suse.com/984148 https://bugzilla.suse.com/984456 https://bugzilla.suse.com/984755 https://bugzilla.suse.com/985232 https://bugzilla.suse.com/985978 https://bugzilla.suse.com/986362 https://bugzilla.suse.com/986365 https://bugzilla.suse.com/986569 https://bugzilla.suse.com/986572 https://bugzilla.suse.com/986811 https://bugzilla.suse.com/988215 https://bugzilla.suse.com/988498 https://bugzilla.suse.com/988552 https://bugzilla.suse.com/990058


Severity
Announcement ID: openSUSE-SU-2016:2184-1
Rating: important
Affected Products: openSUSE 13.1

Related News

11.Locks IsometricPattern Esm H320
2 - 3 min read
The Kinsing hacker group, or H2Miner, has been orchestrating illicit cryptocurrency mining campaigns since 2019 and poses a persistent security
32.Lock Code Circular Esm H320
2 - 3 min read
The Kimsuky APT group, reportedly linked to North Korea's Reconnaissance General Bureau (RGB), has been identified deploying a Linux version of its
4.Lock AbstractDigital Esm H320
2 - 3 min read
Recent research sheds light on the security vulnerabilities prevalent in Linux vendor kernels due to flawed engineering processes that backport
28.Lock Globe Esm H320
1 - 2 min read
The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in
6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved