Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 438
Alerts This Week
Warning Icon 1 438

openSUSE Leap 42.2: 2016:3050-1 Important: Linux Kernel DoS Issues

opensuse
Calendar Grey December 8, 2016
Dist Opensuse Esm H88
Urgent security patch released for openSUSE Leap 42.2, resolving 12 vulnerabilities within the Linux Kernel.
An update that solves 12 vulnerabilities and has 75 fixes is now available.

Description

The openSUSE Leap 42.2 kernel was updated to 4.4.36 to receive various

security and bugfixes.

The following security bugs were fixed:

- CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an

incomplete set of requirements for setattr operations that

underspecifies removing extended privilege attributes, which allowed

local users to cause a denial of service (capability stripping) via a

failed invocation of a system call, as demonstrated by using chown to

remove a capability from the ping or Wireshark dumpcap program

(bnc#914939).

- CVE-2015-8964: The tty_set_termios_ldisc function in

drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to

obtain sensitive information from kernel memory by reading a tty data

structure (bnc#1010507).

- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in

the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc)

stack...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2:

zypper in -t patch openSUSE-2016-1426=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE Leap 42.2 (noarch):

kernel-devel-4.4.36-5.1

kernel-docs-4.4.36-5.3

kernel-docs-html-4.4.36-5.3

kernel-docs-pdf-4.4.36-5.3

kernel-macros-4.4.36-5.1

kernel-source-4.4.36-5.1

kernel-source-vanilla-4.4.36-5.1

- openSUSE Leap 42.2 (x86_64):

kernel-debug-4.4.36-5.1

kernel-debug-base-4.4.36-5.1

kernel-debug-base-debuginfo-4.4.36-5.1

kernel-debug-debuginfo-4.4.36-5.1

kernel-debug-debugsource-4.4.36-5.1

kernel-debug-devel-4.4.36-5.1

kernel-debug-devel-debuginfo-4.4.36-5.1

kernel-default-4.4.36-5.1

kernel-default-base-4.4.36-5.1

kernel-default-base-debuginfo-4.4.36-5.1

kernel-default-debuginfo-4.4.36-5.1

kernel-default-debugsource-4.4.36-5.1

kernel-default-devel-4.4.36-5.1

kernel-obs-build-4.4.36-5.1

kernel-obs-build-debugsource-4.4.36-5.1

kernel-obs-qa-4.4.36-5.1

kernel-syms-4.4.36-5.1

kernel-vanilla-4.4.36-5.1

kernel-vanilla-base-4.4.36-5.1

kernel-vanilla-base-debuginfo-4.4.36-5.1

kernel-vanilla-debuginfo-4.4.36-5.1

kernel-vanilla-debugsource-4.4.36-5.1

kernel-vanilla-devel-4.4.36-5.1

References

https://www.suse.com/security/cve/CVE-2015-1350.html

https://www.suse.com/security/cve/CVE-2015-8964.html

https://www.suse.com/security/cve/CVE-2016-7042.html

https://www.suse.com/security/cve/CVE-2016-7913.html

https://www.suse.com/security/cve/CVE-2016-7917.html

https://www.suse.com/security/cve/CVE-2016-8632.html

https://www.suse.com/security/cve/CVE-2016-8655.html

https://www.suse.com/security/cve/CVE-2016-8666.html

https://www.suse.com/security/cve/CVE-2016-9083.html

https://www.suse.com/security/cve/CVE-2016-9084.html

https://www.suse.com/security/cve/CVE-2016-9555.html

https://www.suse.com/security/cve/CVE-2016-9794.html

https://bugzilla.suse.com/1000118

https://bugzilla.suse.com/1000433

https://bugzilla.suse.com/1001171

https://bugzilla.suse.com/1001310

https://bugzilla.suse.com/1001486

https://bugzilla.suse.com/1001888

https://bugzilla.suse.com/1003813

https://bugzilla.suse.com/1004052

https://bugzilla.suse.com/1004365

https://bugzilla.suse.com/1004517

https://bugzilla.suse.com/1005169

https://bugzi...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2016:3050-1
Rating: important
Affected Products: openSUSE Leap 42.2 le.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.