Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

openSUSE 13.1: 2016:3077-1 Important: Linux Kernel Critical Updates

opensuse
Calendar Grey December 10, 2016
Scroller Opensuse
Vital security update for Fedora Kernel tackling two key vulnerabilities, boosting overall system protection and reliability.
An update that fixes three vulnerabilities is now available

Description

The openSUSE 13.1 kernel was updated to receive various critical security

fixes.

The following security bugs were fixed:

- CVE-2016-8655: A race condition in the af_packet packet_set_ring

function could be used by local attackers to crash the kernel or gain

privileges (bsc#1012754).

- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the

Linux kernel did not validate the relationship between the minimum

fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer

overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).

- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in

the Linux kernel lacks chunk-length checking for the first chunk, which

allowed remote attackers to cause a denial of service (out-of-bounds

slab access) or possibly have unspecified other impact via crafted SCTP

data...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2016-1436=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 13.1 (i686 x86_64):

kernel-debug-3.12.67-61.1

kernel-debug-base-3.12.67-61.1

kernel-debug-base-debuginfo-3.12.67-61.1

kernel-debug-debuginfo-3.12.67-61.1

kernel-debug-debugsource-3.12.67-61.1

kernel-debug-devel-3.12.67-61.1

kernel-debug-devel-debuginfo-3.12.67-61.1

kernel-desktop-3.12.67-61.1

kernel-desktop-base-3.12.67-61.1

kernel-desktop-base-debuginfo-3.12.67-61.1

kernel-desktop-debuginfo-3.12.67-61.1

kernel-desktop-debugsource-3.12.67-61.1

kernel-desktop-devel-3.12.67-61.1

kernel-ec2-3.12.67-61.1

kernel-ec2-base-3.12.67-61.1

kernel-ec2-base-debuginfo-3.12.67-61.1

kernel-ec2-debuginfo-3.12.67-61.1

kernel-ec2-debugsource-3.12.67-61.1

kernel-ec2-devel-3.12.67-61.1

kernel-trace-3.12.67-61.1

kernel-trace-base-3.12.67-61.1

kernel-trace-base-debuginfo-3.12.67-61.1

kernel-trace-debuginfo-3.12.67-61.1

kernel-trace-debugsource-3.12.67-61.1

kernel-trace-devel-3.12.67-61.1

kernel-vanilla-3.12.67-61.1

kernel-vanilla-debuginfo-3.12.67-61.1

kernel-vanilla-debugsource-3.12.67-61.1

kernel-vanilla-devel-3.12.67-61.1

k...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2016-8632.html

https://www.suse.com/security/cve/CVE-2016-8655.html

https://www.suse.com/security/cve/CVE-2016-9555.html

https://bugzilla.suse.com/1008831

https://bugzilla.suse.com/1011685

https://bugzilla.suse.com/1012754

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2016:3077-1
Rating: important
Affected Products: openSUSE 13.1 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.