openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2017:2739-1
Rating:             important
References:         #1012382 #1022967 #1052593 #1055493 #1055755 
                    #1055896 #1058038 #1058410 #1058507 #1059051 
                    #1059465 #1060197 #1061017 #1061046 #1061064 
                    #1061067 #1061172 #1061831 #1061872 
Cross-References:   CVE-2017-1000252 CVE-2017-12153 CVE-2017-12154
                    CVE-2017-14489
Affected Products:
                    openSUSE Leap 42.2
______________________________________________________________________________

   An update that solves four vulnerabilities and has 15 fixes
   is now available.

Description:



   The openSUSE Leap 42.2 Kernel was updated to 4.4.90 to receive various
   security and bugfixes.


   The following security bugs were fixed:

   - CVE-2017-1000252: The KVM subsystem in the Linux kernel allowed guest OS
     users to cause a denial of service (assertion failure, and hypervisor
     hang or crash) via an out-of bounds guest_irq value, related to
     arch/x86/kvm/vmx.c and virt/kvm/eventfd.c (bnc#1058038).
   - CVE-2017-14489: The iscsi_if_rx function in
     drivers/scsi/scsi_transport_iscsi.c in the Linux kernel allowed local
     users to cause a denial of service (panic) by leveraging incorrect
     length validation (bnc#1059051).
   - CVE-2017-12153: A security flaw was discovered in the
     nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux
     kernel This function did not check whether the required attributes are
     present in a Netlink request. This request can be issued by a user with
     the CAP_NET_ADMIN capability and may result in a NULL pointer
     dereference and system crash (bnc#1058410).
   - CVE-2017-12154: The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the
     Linux kernel did not ensure that the "CR8-load exiting" and "CR8-store
     exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR
     shadow" vmcs12 control, which allowed KVM L2 guest OS users to obtain
     read and write access to the hardware CR8 register (bnc#1058507).

   The following non-security bugs were fixed:

   - arc: Re-enable MMU upon Machine Check exception (bnc#1012382).
   - arm64: fault: Route pte translation faults via do_translation_fault
     (bnc#1012382).
   - arm64: Make sure SPsel is always set (bnc#1012382).
   - arm: pxa: add the number of DMA requestor lines (bnc#1012382).
   - arm: pxa: fix the number of DMA requestor lines (bnc#1012382).
   - bcache: correct cache_dirty_target in __update_writeback_rate()
     (bnc#1012382).
   - bcache: Correct return value for sysfs attach errors (bnc#1012382).
   - bcache: do not subtract sectors_to_gc for bypassed IO (bnc#1012382).
   - bcache: fix bch_hprint crash and improve output (bnc#1012382).
   - bcache: fix for gc and write-back race (bnc#1012382).
   - bcache: Fix leak of bdev reference (bnc#1012382).
   - bcache: initialize dirty stripes in flash_dev_run() (bnc#1012382).
   - blacklist.conf: Add commit b5accbb0dfae
   - blacklist.conf: add one more
   - block: Relax a check in blk_start_queue() (bnc#1012382).
   - bsg-lib: do not free job in bsg_prepare_job (bnc#1012382).
   - btrfs: change how we decide to commit transactions during flushing
     (bsc#1060197).
   - btrfs: fix NULL pointer dereference from free_reloc_roots()
     (bnc#1012382).
   - btrfs: prevent to set invalid default subvolid (bnc#1012382).
   - btrfs: propagate error to btrfs_cmp_data_prepare caller (bnc#1012382).
   - btrfs: qgroup: move noisy underflow warning to debugging build
     (bsc#1055755).
   - cifs: Fix SMB3.1.1 guest authentication to Samba (bnc#1012382).
   - cifs: release auth_key.response for reconnect (bnc#1012382).
   - crypto: AF_ALG - remove SGL terminator indicator when chaining
     (bnc#1012382).
   - crypto: talitos - Do not provide setkey for non hmac hashing algs
     (bnc#1012382).
   - crypto: talitos - fix sha224 (bnc#1012382).
   - cxl: Fix driver use count (bnc#1012382).
   - dmaengine: mmp-pdma: add number of requestors (bnc#1012382).
   - drm: Add driver-private objects to atomic state (bsc#1055493).
   - drm/dp: Introduce MST topology state to track available link bandwidth
     (bsc#1055493).
   - ext4: fix incorrect quotaoff if the quota feature is enabled
     (bnc#1012382).
   - ext4: fix quota inconsistency during orphan cleanup for read-only mounts
     (bnc#1012382).
   - f2fs: check hot_data for roll-forward recovery (bnc#1012382).
   - fix xen_swiotlb_dma_mmap prototype (bnc#1012382).
   - ftrace: Fix memleak when unregistering dynamic ops when tracing disabled
     (bnc#1012382).
   - ftrace: Fix selftest goto location on error (bnc#1012382).
   - genirq: Fix for_each_action_of_desc() macro (bsc#1061064).
   - getcwd: Close race with d_move called by lustre (bsc#1052593).
   - gfs2: Fix debugfs glocks dump (bnc#1012382).
   - gianfar: Fix Tx flow control deactivation (bnc#1012382).
   - hid: usbhid: Add HID_QUIRK_NOGET for Aten CS-1758 KVM switch
     (bnc#1022967).
   - input: i8042 - add Gigabyte P57 to the keyboard reset table
     (bnc#1012382).
   - iommu/vt-d: Avoid calling virt_to_phys() on null pointer (bsc#1061067).
   - ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()
     (bnc#1012382).
   - ipv6: add rcu grace period before freeing fib6_node (bnc#1012382).
   - ipv6: fix memory leak with multiple tables during netns destruction
     (bnc#1012382).
   - ipv6: fix sparse warning on rt6i_node (bnc#1012382).
   - ipv6: fix typo in fib6_net_exit() (bnc#1012382).
   - kabi/severities: ignore nfs_pgio_data_destroy
   - keys: fix writing past end of user-supplied buffer in keyring_read()
     (bnc#1012382).
   - keys: prevent creating a different user's keyrings (bnc#1012382).
   - keys: prevent KEYCTL_READ on negative key (bnc#1012382).
   - kvm: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready"
     exceptions simultaneously (bsc#1061017).
   - kvm: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce()
     (bnc#1012382).
   - kvm: SVM: Add a missing 'break' statement (bsc#1061017).
   - kvm: VMX: do not change SN bit in vmx_update_pi_irte() (bsc#1061017).
   - kvm: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
     (bsc#1061017).
   - kvm: VMX: use cmpxchg64 (bnc#1012382).
   - mac80211: flush hw_roc_start work before cancelling the ROC
     (bnc#1012382).
   - md/bitmap: disable bitmap_resize for file-backed bitmaps (bsc#1061172).
   - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
     (bnc#1012382).
   - md/raid5: release/flush io in raid5_do_work() (bnc#1012382).
   - media: uvcvideo: Prevent heap overflow when accessing mapped controls
     (bnc#1012382).
   - media: v4l2-compat-ioctl32: Fix timespec conversion (bnc#1012382).
   - mips: math-emu: <MAXA|MINA>.<D|S>: Fix cases of both
     infinite inputs (bnc#1012382).
   - mips: math-emu: <MAXA|MINA>.<D|S>: Fix cases of input values
     with opposite signs (bnc#1012382).
   - mips: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix cases of both
     inputs zero (bnc#1012382).
   - mips: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix quiet NaN
     propagation (bnc#1012382).
   - mips: math-emu: <MAX|MIN>.<D|S>: Fix cases of both inputs
     negative (bnc#1012382).
   - mips: math-emu: MINA.<D|S>: Fix some cases of infinity and zero
     inputs (bnc#1012382).
   - mm: prevent double decrease of nr_reserved_highatomic (bnc#1012382).
   - nfsd: Fix general protection fault in release_lock_stateid()
     (bnc#1012382).
   - pci: Allow PCI express root ports to find themselves (bsc#1061046).
   - pci: fix oops when try to find Root Port for a PCI device (bsc#1061046).
   - pci: Fix race condition with driver_override (bnc#1012382).
   - pci: shpchp: Enable bridge bus mastering if MSI is enabled (bnc#1012382).
   - perf/x86: Fix RDPMC vs. mm_struct tracking (bsc#1061831).
   - perf/x86: kABI Workaround for 'perf/x86: Fix RDPMC vs. mm_struct
     tracking' (bsc#1061831).
   - powerpc: Fix DAR reporting when alignment handler faults (bnc#1012382).
   - powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
     (bnc#1012382).
   - qlge: avoid memcpy buffer overflow (bnc#1012382).
   - Revert "net: fix percpu memory leaks" (bnc#1012382).
   - Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()"
     (bnc#1012382).
   - Revert "net: use lib/percpu_counter API for fragmentation mem
     accounting" (bnc#1012382).
   - scsi: ILLEGAL REQUEST + ASC==27 => target failure (bsc#1059465).
   - scsi: megaraid_sas: Check valid aen class range to avoid kernel panic
     (bnc#1012382).
   - scsi: megaraid_sas: Return pended IOCTLs with cmd_status
     MFI_STAT_WRONG_STATE in case adapter is dead (bnc#1012382).
   - scsi: sg: factor out sg_fill_request_table() (bnc#1012382).
   - scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE (bnc#1012382).
   - scsi: sg: off by one in sg_ioctl() (bnc#1012382).
   - scsi: sg: remove 'save_scat_len' (bnc#1012382).
   - scsi: sg: use standard lists for sg_requests (bnc#1012382).
   - scsi: storvsc: fix memory leak on ring buffer busy (bnc#1012382).
   - scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path
     (bnc#1012382).
   - scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace
     records (bnc#1012382).
   - scsi: zfcp: fix missing trace records for early returns in TMF eh
     handlers (bnc#1012382).
   - scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with
     HBA (bnc#1012382).
   - scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records
     (bnc#1012382).
   - scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled
     (bnc#1012382).
   - scsi: zfcp: trace HBA FSF response by default on dismiss or timedout
     late response (bnc#1012382).
   - scsi: zfcp: trace high part of "new" 64 bit SCSI LUN (bnc#1012382).
   - seccomp: fix the usage of get/put_seccomp_filter() in
     seccomp_get_filter() (bnc#1012382).
   - skd: Avoid that module unloading triggers a use-after-free (bnc#1012382).
   - skd: Submit requests to firmware before triggering the doorbell
     (bnc#1012382).
   - smb3: Do not ignore O_SYNC/O_DSYNC and O_DIRECT flags (bnc#1012382).
   - smb: Validate negotiate (to protect against downgrade) even if signing
     off (bnc#1012382).
   - swiotlb-xen: implement xen_swiotlb_dma_mmap callback (bnc#1012382).
   - timer/sysclt: Restrict timer migration sysctl values to 0 and 1
     (bnc#1012382).
   - tracing: Apply trace_clock changes to instance max buffer (bnc#1012382).
   - tracing: Erase irqsoff trace with empty write (bnc#1012382).
   - tracing: Fix trace_pipe behavior for instance traces (bnc#1012382).
   - tty: fix __tty_insert_flip_char regression (bnc#1012382).
   - tty: improve tty_insert_flip_char() fast path (bnc#1012382).
   - tty: improve tty_insert_flip_char() slow path (bnc#1012382).
   - vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
     (bnc#1012382).
   - video: fbdev: aty: do not leak uninitialized padding in clk to userspace
     (bnc#1012382).
   - Workaround for kABI compatibility with DP-MST patches (bsc#1055493).
   - x86/fpu: Do not let userspace set bogus xcomp_bv (bnc#1012382).
   - x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps
     (bnc#1012382).
   - x86/ldt: Fix off by one in get_segment_base() (bsc#1061872).
   - xfs/dmapi: fix incorrect file->f_path.dentry->d_inode usage
     (bsc#1055896).


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.2:

      zypper in -t patch openSUSE-2017-1159=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE Leap 42.2 (x86_64):

      kernel-debug-4.4.90-18.32.1
      kernel-debug-base-4.4.90-18.32.1
      kernel-debug-base-debuginfo-4.4.90-18.32.1
      kernel-debug-debuginfo-4.4.90-18.32.1
      kernel-debug-debugsource-4.4.90-18.32.1
      kernel-debug-devel-4.4.90-18.32.1
      kernel-debug-devel-debuginfo-4.4.90-18.32.1
      kernel-default-4.4.90-18.32.1
      kernel-default-base-4.4.90-18.32.1
      kernel-default-base-debuginfo-4.4.90-18.32.1
      kernel-default-debuginfo-4.4.90-18.32.1
      kernel-default-debugsource-4.4.90-18.32.1
      kernel-default-devel-4.4.90-18.32.1
      kernel-obs-build-4.4.90-18.32.1
      kernel-obs-build-debugsource-4.4.90-18.32.1
      kernel-obs-qa-4.4.90-18.32.1
      kernel-syms-4.4.90-18.32.1
      kernel-vanilla-4.4.90-18.32.1
      kernel-vanilla-base-4.4.90-18.32.1
      kernel-vanilla-base-debuginfo-4.4.90-18.32.1
      kernel-vanilla-debuginfo-4.4.90-18.32.1
      kernel-vanilla-debugsource-4.4.90-18.32.1
      kernel-vanilla-devel-4.4.90-18.32.1

   - openSUSE Leap 42.2 (noarch):

      kernel-devel-4.4.90-18.32.1
      kernel-docs-4.4.90-18.32.2
      kernel-docs-html-4.4.90-18.32.2
      kernel-docs-pdf-4.4.90-18.32.2
      kernel-macros-4.4.90-18.32.1
      kernel-source-4.4.90-18.32.1
      kernel-source-vanilla-4.4.90-18.32.1


References:

   https://www.suse.com/security/cve/CVE-2017-1000252.html
   https://www.suse.com/security/cve/CVE-2017-12153.html
   https://www.suse.com/security/cve/CVE-2017-12154.html
   https://www.suse.com/security/cve/CVE-2017-14489.html
   https://bugzilla.suse.com/1012382
   https://bugzilla.suse.com/1022967
   https://bugzilla.suse.com/1052593
   https://bugzilla.suse.com/1055493
   https://bugzilla.suse.com/1055755
   https://bugzilla.suse.com/1055896
   https://bugzilla.suse.com/1058038
   https://bugzilla.suse.com/1058410
   https://bugzilla.suse.com/1058507
   https://bugzilla.suse.com/1059051
   https://bugzilla.suse.com/1059465
   https://bugzilla.suse.com/1060197
   https://bugzilla.suse.com/1061017
   https://bugzilla.suse.com/1061046
   https://bugzilla.suse.com/1061064
   https://bugzilla.suse.com/1061067
   https://bugzilla.suse.com/1061172
   https://bugzilla.suse.com/1061831
   https://bugzilla.suse.com/1061872

openSUSE: 2017:2739-1: important: the Linux Kernel

October 17, 2017
An update that solves four vulnerabilities and has 15 fixes An update that solves four vulnerabilities and has 15 fixes An update that solves four vulnerabilities and has 15 fixes ...

Description

The openSUSE Leap 42.2 Kernel was updated to 4.4.90 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000252: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c (bnc#1058038). - CVE-2017-14489: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel allowed local users to cause a denial of service (panic) by leveraging incorrect length validation (bnc#1059051). - CVE-2017-12153: A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel This function did not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash (bnc#1058410). - CVE-2017-12154: The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel did not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allowed KVM L2 guest OS users to obtain read and write access to the hardware CR8 register (bnc#1058507). The following non-security bugs were fixed: - arc: Re-enable MMU upon Machine Check exception (bnc#1012382). - arm64: fault: Route pte translation faults via do_translation_fault (bnc#1012382). - arm64: Make sure SPsel is always set (bnc#1012382). - arm: pxa: add the number of DMA requestor lines (bnc#1012382). - arm: pxa: fix the number of DMA requestor lines (bnc#1012382). - bcache: correct cache_dirty_target in __update_writeback_rate() (bnc#1012382). - bcache: Correct return value for sysfs attach errors (bnc#1012382). - bcache: do not subtract sectors_to_gc for bypassed IO (bnc#1012382). - bcache: fix bch_hprint crash and improve output (bnc#1012382). - bcache: fix for gc and write-back race (bnc#1012382). - bcache: Fix leak of bdev reference (bnc#1012382). - bcache: initialize dirty stripes in flash_dev_run() (bnc#1012382). - blacklist.conf: Add commit b5accbb0dfae - blacklist.conf: add one more - block: Relax a check in blk_start_queue() (bnc#1012382). - bsg-lib: do not free job in bsg_prepare_job (bnc#1012382). - btrfs: change how we decide to commit transactions during flushing (bsc#1060197). - btrfs: fix NULL pointer dereference from free_reloc_roots() (bnc#1012382). - btrfs: prevent to set invalid default subvolid (bnc#1012382). - btrfs: propagate error to btrfs_cmp_data_prepare caller (bnc#1012382). - btrfs: qgroup: move noisy underflow warning to debugging build (bsc#1055755). - cifs: Fix SMB3.1.1 guest authentication to Samba (bnc#1012382). - cifs: release auth_key.response for reconnect (bnc#1012382). - crypto: AF_ALG - remove SGL terminator indicator when chaining (bnc#1012382). - crypto: talitos - Do not provide setkey for non hmac hashing algs (bnc#1012382). - crypto: talitos - fix sha224 (bnc#1012382). - cxl: Fix driver use count (bnc#1012382). - dmaengine: mmp-pdma: add number of requestors (bnc#1012382). - drm: Add driver-private objects to atomic state (bsc#1055493). - drm/dp: Introduce MST topology state to track available link bandwidth (bsc#1055493). - ext4: fix incorrect quotaoff if the quota feature is enabled (bnc#1012382). - ext4: fix quota inconsistency during orphan cleanup for read-only mounts (bnc#1012382). - f2fs: check hot_data for roll-forward recovery (bnc#1012382). - fix xen_swiotlb_dma_mmap prototype (bnc#1012382). - ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bnc#1012382). - ftrace: Fix selftest goto location on error (bnc#1012382). - genirq: Fix for_each_action_of_desc() macro (bsc#1061064). - getcwd: Close race with d_move called by lustre (bsc#1052593). - gfs2: Fix debugfs glocks dump (bnc#1012382). - gianfar: Fix Tx flow control deactivation (bnc#1012382). - hid: usbhid: Add HID_QUIRK_NOGET for Aten CS-1758 KVM switch (bnc#1022967). - input: i8042 - add Gigabyte P57 to the keyboard reset table (bnc#1012382). - iommu/vt-d: Avoid calling virt_to_phys() on null pointer (bsc#1061067). - ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt() (bnc#1012382). - ipv6: add rcu grace period before freeing fib6_node (bnc#1012382). - ipv6: fix memory leak with multiple tables during netns destruction (bnc#1012382). - ipv6: fix sparse warning on rt6i_node (bnc#1012382). - ipv6: fix typo in fib6_net_exit() (bnc#1012382). - kabi/severities: ignore nfs_pgio_data_destroy - keys: fix writing past end of user-supplied buffer in keyring_read() (bnc#1012382). - keys: prevent creating a different user's keyrings (bnc#1012382). - keys: prevent KEYCTL_READ on negative key (bnc#1012382). - kvm: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready" exceptions simultaneously (bsc#1061017). - kvm: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce() (bnc#1012382). - kvm: SVM: Add a missing 'break' statement (bsc#1061017). - kvm: VMX: do not change SN bit in vmx_update_pi_irte() (bsc#1061017). - kvm: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt (bsc#1061017). - kvm: VMX: use cmpxchg64 (bnc#1012382). - mac80211: flush hw_roc_start work before cancelling the ROC (bnc#1012382). - md/bitmap: disable bitmap_resize for file-backed bitmaps (bsc#1061172). - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list (bnc#1012382). - md/raid5: release/flush io in raid5_do_work() (bnc#1012382). - media: uvcvideo: Prevent heap overflow when accessing mapped controls (bnc#1012382). - media: v4l2-compat-ioctl32: Fix timespec conversion (bnc#1012382). - mips: math-emu: <MAXA|MINA>.<D|S>: Fix cases of both infinite inputs (bnc#1012382). - mips: math-emu: <MAXA|MINA>.<D|S>: Fix cases of input values with opposite signs (bnc#1012382). - mips: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix cases of both inputs zero (bnc#1012382). - mips: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix quiet NaN propagation (bnc#1012382). - mips: math-emu: <MAX|MIN>.<D|S>: Fix cases of both inputs negative (bnc#1012382). - mips: math-emu: MINA.<D|S>: Fix some cases of infinity and zero inputs (bnc#1012382). - mm: prevent double decrease of nr_reserved_highatomic (bnc#1012382). - nfsd: Fix general protection fault in release_lock_stateid() (bnc#1012382). - pci: Allow PCI express root ports to find themselves (bsc#1061046). - pci: fix oops when try to find Root Port for a PCI device (bsc#1061046). - pci: Fix race condition with driver_override (bnc#1012382). - pci: shpchp: Enable bridge bus mastering if MSI is enabled (bnc#1012382). - perf/x86: Fix RDPMC vs. mm_struct tracking (bsc#1061831). - perf/x86: kABI Workaround for 'perf/x86: Fix RDPMC vs. mm_struct tracking' (bsc#1061831). - powerpc: Fix DAR reporting when alignment handler faults (bnc#1012382). - powerpc/pseries: Fix parent_dn reference leak in add_dt_node() (bnc#1012382). - qlge: avoid memcpy buffer overflow (bnc#1012382). - Revert "net: fix percpu memory leaks" (bnc#1012382). - Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()" (bnc#1012382). - Revert "net: use lib/percpu_counter API for fragmentation mem accounting" (bnc#1012382). - scsi: ILLEGAL REQUEST + ASC==27 => target failure (bsc#1059465). - scsi: megaraid_sas: Check valid aen class range to avoid kernel panic (bnc#1012382). - scsi: megaraid_sas: Return pended IOCTLs with cmd_status MFI_STAT_WRONG_STATE in case adapter is dead (bnc#1012382). - scsi: sg: factor out sg_fill_request_table() (bnc#1012382). - scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE (bnc#1012382). - scsi: sg: off by one in sg_ioctl() (bnc#1012382). - scsi: sg: remove 'save_scat_len' (bnc#1012382). - scsi: sg: use standard lists for sg_requests (bnc#1012382). - scsi: storvsc: fix memory leak on ring buffer busy (bnc#1012382). - scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path (bnc#1012382). - scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records (bnc#1012382). - scsi: zfcp: fix missing trace records for early returns in TMF eh handlers (bnc#1012382). - scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA (bnc#1012382). - scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records (bnc#1012382). - scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled (bnc#1012382). - scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late response (bnc#1012382). - scsi: zfcp: trace high part of "new" 64 bit SCSI LUN (bnc#1012382). - seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter() (bnc#1012382). - skd: Avoid that module unloading triggers a use-after-free (bnc#1012382). - skd: Submit requests to firmware before triggering the doorbell (bnc#1012382). - smb3: Do not ignore O_SYNC/O_DSYNC and O_DIRECT flags (bnc#1012382). - smb: Validate negotiate (to protect against downgrade) even if signing off (bnc#1012382). - swiotlb-xen: implement xen_swiotlb_dma_mmap callback (bnc#1012382). - timer/sysclt: Restrict timer migration sysctl values to 0 and 1 (bnc#1012382). - tracing: Apply trace_clock changes to instance max buffer (bnc#1012382). - tracing: Erase irqsoff trace with empty write (bnc#1012382). - tracing: Fix trace_pipe behavior for instance traces (bnc#1012382). - tty: fix __tty_insert_flip_char regression (bnc#1012382). - tty: improve tty_insert_flip_char() fast path (bnc#1012382). - tty: improve tty_insert_flip_char() slow path (bnc#1012382). - vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets (bnc#1012382). - video: fbdev: aty: do not leak uninitialized padding in clk to userspace (bnc#1012382). - Workaround for kABI compatibility with DP-MST patches (bsc#1055493). - x86/fpu: Do not let userspace set bogus xcomp_bv (bnc#1012382). - x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps (bnc#1012382). - x86/ldt: Fix off by one in get_segment_base() (bsc#1061872). - xfs/dmapi: fix incorrect file->f_path.dentry->d_inode usage (bsc#1055896).

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-1159=1 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE Leap 42.2 (x86_64): kernel-debug-4.4.90-18.32.1 kernel-debug-base-4.4.90-18.32.1 kernel-debug-base-debuginfo-4.4.90-18.32.1 kernel-debug-debuginfo-4.4.90-18.32.1 kernel-debug-debugsource-4.4.90-18.32.1 kernel-debug-devel-4.4.90-18.32.1 kernel-debug-devel-debuginfo-4.4.90-18.32.1 kernel-default-4.4.90-18.32.1 kernel-default-base-4.4.90-18.32.1 kernel-default-base-debuginfo-4.4.90-18.32.1 kernel-default-debuginfo-4.4.90-18.32.1 kernel-default-debugsource-4.4.90-18.32.1 kernel-default-devel-4.4.90-18.32.1 kernel-obs-build-4.4.90-18.32.1 kernel-obs-build-debugsource-4.4.90-18.32.1 kernel-obs-qa-4.4.90-18.32.1 kernel-syms-4.4.90-18.32.1 kernel-vanilla-4.4.90-18.32.1 kernel-vanilla-base-4.4.90-18.32.1 kernel-vanilla-base-debuginfo-4.4.90-18.32.1 kernel-vanilla-debuginfo-4.4.90-18.32.1 kernel-vanilla-debugsource-4.4.90-18.32.1 kernel-vanilla-devel-4.4.90-18.32.1 - openSUSE Leap 42.2 (noarch): kernel-devel-4.4.90-18.32.1 kernel-docs-4.4.90-18.32.2 kernel-docs-html-4.4.90-18.32.2 kernel-docs-pdf-4.4.90-18.32.2 kernel-macros-4.4.90-18.32.1 kernel-source-4.4.90-18.32.1 kernel-source-vanilla-4.4.90-18.32.1


References

https://www.suse.com/security/cve/CVE-2017-1000252.html https://www.suse.com/security/cve/CVE-2017-12153.html https://www.suse.com/security/cve/CVE-2017-12154.html https://www.suse.com/security/cve/CVE-2017-14489.html https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1022967 https://bugzilla.suse.com/1052593 https://bugzilla.suse.com/1055493 https://bugzilla.suse.com/1055755 https://bugzilla.suse.com/1055896 https://bugzilla.suse.com/1058038 https://bugzilla.suse.com/1058410 https://bugzilla.suse.com/1058507 https://bugzilla.suse.com/1059051 https://bugzilla.suse.com/1059465 https://bugzilla.suse.com/1060197 https://bugzilla.suse.com/1061017 https://bugzilla.suse.com/1061046 https://bugzilla.suse.com/1061064 https://bugzilla.suse.com/1061067 https://bugzilla.suse.com/1061172 https://bugzilla.suse.com/1061831 https://bugzilla.suse.com/1061872


Severity
Announcement ID: openSUSE-SU-2017:2739-1
Rating: important
Affected Products: openSUSE Leap 42.2

Related News

Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered
Open Source Strategies for Enhancing Security in Digital Business Operations
5 - 9 min read
Digital transformation, powered by the principles of open-source security , is vital for businesses looking to excel in today's technology-driven
Microsoft Update Mayhem: Rescuing Linux Dual-Boot Systems from Secure Boot Woes
2 - 4 min read
Microsoft's recent patch, intended to strengthen Secure Boot defenses, has resulted in an unexpected setback for Linux-Windows dual-boot setups

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved