Explore top 10 tips to secure your open-source projects now. Read More
×
The openSUSE 13.1 kernel was updated to receive various critical security
fixes.
The following security bugs were fixed:
- CVE-2016-8655: A race condition in the af_packet packet_set_ring
function could be used by local attackers to crash the kernel or gain
privileges (bsc#1012754).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the
Linux kernel did not validate the relationship between the minimum
fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer
overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in
the Linux kernel lacks chunk-length checking for the first chunk, which
allowed remote attackers to cause a denial of service (out-of-bounds
slab access) or possibly have unspecified other impact via crafted SCTP
data...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch openSUSE-2016-1436=1
To bring your system up-to-date, use "zypper patch".
- openSUSE 13.1 (i686 x86_64):
kernel-debug-3.12.67-61.1
kernel-debug-base-3.12.67-61.1
kernel-debug-base-debuginfo-3.12.67-61.1
kernel-debug-debuginfo-3.12.67-61.1
kernel-debug-debugsource-3.12.67-61.1
kernel-debug-devel-3.12.67-61.1
kernel-debug-devel-debuginfo-3.12.67-61.1
kernel-desktop-3.12.67-61.1
kernel-desktop-base-3.12.67-61.1
kernel-desktop-base-debuginfo-3.12.67-61.1
kernel-desktop-debuginfo-3.12.67-61.1
kernel-desktop-debugsource-3.12.67-61.1
kernel-desktop-devel-3.12.67-61.1
kernel-ec2-3.12.67-61.1
kernel-ec2-base-3.12.67-61.1
kernel-ec2-base-debuginfo-3.12.67-61.1
kernel-ec2-debuginfo-3.12.67-61.1
kernel-ec2-debugsource-3.12.67-61.1
kernel-ec2-devel-3.12.67-61.1
kernel-trace-3.12.67-61.1
kernel-trace-base-3.12.67-61.1
kernel-trace-base-debuginfo-3.12.67-61.1
kernel-trace-debuginfo-3.12.67-61.1
kernel-trace-debugsource-3.12.67-61.1
kernel-trace-devel-3.12.67-61.1
kernel-vanilla-3.12.67-61.1
kernel-vanilla-debuginfo-3.12.67-61.1
kernel-vanilla-debugsource-3.12.67-61.1
kernel-vanilla-devel-3.12.67-61.1
k...
Read the Full Advisoryhttps://www.suse.com/security/cve/CVE-2016-8632.html
https://www.suse.com/security/cve/CVE-2016-8655.html
https://www.suse.com/security/cve/CVE-2016-9555.html
https://bugzilla.suse.com/1008831
https://bugzilla.suse.com/1011685
https://bugzilla.suse.com/1012754
Get the latest Linux and open source security news straight to your inbox.