openSUSE Leap 42.1: 2016:3058-1 Important Kernel Security Update
opensuse
December 8, 2016
An update that solves 16 vulnerabilities and has 12 fixes An update that solves 16 vulnerabilities and has 12 fixes An update that solves 16 vulnerabilities and has 12 fixes is now...
Description
The openSUSE Leap 42.1 kernel was updated to 4.1.36 to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2016-8655: A race condition in the af_packet packet_set_ring
function could be used by local attackers to crash the kernel or gain
privileges (bsc#1012754).
- CVE-2016-9794: A use-after-free in ALSA pcm could lead to crashes or
allowed local users to potentially gain privileges (bsc#1013533).
- CVE-2015-8962: Double free vulnerability in the sg_common_write function
in drivers/scsi/sg.c in the Linux kernel allowed local users to gain
privileges or cause a denial of service (memory corruption and system
crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).
- CVE-2016-9178: The __get_user_asm_ex macro in
arch/x86/include/asm/uaccess.h in the Linux kernel did not initialize a
certain integer variable, which allowed local users to obtain sensitive
information from...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2016-1428=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE Leap 42.1 (i686 x86_64):
kernel-debug-4.1.36-38.1
kernel-debug-base-4.1.36-38.1
kernel-debug-base-debuginfo-4.1.36-38.1
kernel-debug-debuginfo-4.1.36-38.1
kernel-debug-debugsource-4.1.36-38.1
kernel-debug-devel-4.1.36-38.1
kernel-debug-devel-debuginfo-4.1.36-38.1
kernel-ec2-4.1.36-38.1
kernel-ec2-base-4.1.36-38.1
kernel-ec2-base-debuginfo-4.1.36-38.1
kernel-ec2-debuginfo-4.1.36-38.1
kernel-ec2-debugsource-4.1.36-38.1
kernel-ec2-devel-4.1.36-38.1
kernel-pv-4.1.36-38.1
kernel-pv-base-4.1.36-38.1
kernel-pv-base-debuginfo-4.1.36-38.1
kernel-pv-debuginfo-4.1.36-38.1
kernel-pv-debugsource-4.1.36-38.1
kernel-pv-devel-4.1.36-38.1
kernel-vanilla-4.1.36-38.1
kernel-vanilla-debuginfo-4.1.36-38.1
kernel-vanilla-debugsource-4.1.36-38.1
kernel-vanilla-devel-4.1.36-38.1
kernel-xen-4.1.36-38.1
kernel-xen-base-4.1.36-38.1
kernel-xen-base-debuginfo-4.1.36-38.1
kernel-xen-debuginfo-4.1.36-38.1
kernel-xen-debugsource-4.1.36-38.1
kernel-xen-devel-4.1.36-38.1
- openSUSE Leap 42.1 (i586 x86_64):
hdjmod-debugsource-1.28-28.2
hdjm...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2015-8956.html
https://www.suse.com/security/cve/CVE-2015-8962.html
https://www.suse.com/security/cve/CVE-2015-8963.html
https://www.suse.com/security/cve/CVE-2015-8964.html
https://www.suse.com/security/cve/CVE-2016-7042.html
https://www.suse.com/security/cve/CVE-2016-7097.html
https://www.suse.com/security/cve/CVE-2016-7913.html
https://www.suse.com/security/cve/CVE-2016-8630.html
https://www.suse.com/security/cve/CVE-2016-8633.html
https://www.suse.com/security/cve/CVE-2016-8646.html
https://www.suse.com/security/cve/CVE-2016-8655.html
https://www.suse.com/security/cve/CVE-2016-9083.html
https://www.suse.com/security/cve/CVE-2016-9084.html
https://www.suse.com/security/cve/CVE-2016-9178.html
https://www.suse.com/security/cve/CVE-2016-9555.html
https://www.suse.com/security/cve/CVE-2016-9794.html
https://bugzilla.suse.com/1001171
https://bugzilla.suse.com/1001486
https://bugzilla.suse.com/1003925
https://bugzilla.suse.com/1004517
https://bugzilla.suse.com/1006580
htt...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2016:3058-1
Rating: important
Affected Products:
openSUSE Leap 42.1
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!