   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:2339-1
Rating:             important
References:         #814440 #879378 #879381 #900610 #904348 #904965 
                    #921081 #926774 #930145 #930770 #930788 #930835 
                    #932805 #935123 #935757 #937256 #937444 #938706 
                    #939826 #939926 #939955 #940017 #940913 #940946 
                    #941202 #942938 #943786 #944296 #944677 #944831 
                    #944837 #944989 #944993 #945691 #945825 #945827 
                    #946078 #946214 #946309 #947957 #948330 #948347 
                    #948521 #949100 #949298 #949502 #949706 #949744 
                    #949936 #949981 #950298 #950750 #950998 #951440 
                    #952084 #952384 #952579 #952976 #953527 #953799 
                    #953980 #954404 #954628 #954950 #954984 #955673 
                    #956709 
Cross-References:   CVE-2015-0272 CVE-2015-5157 CVE-2015-5307
                    CVE-2015-6937 CVE-2015-7509 CVE-2015-7799
                    CVE-2015-7872 CVE-2015-7990 CVE-2015-8104
                    CVE-2015-8215
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11-SP4
                    SUSE Linux Enterprise Server 11-SP4
                    SUSE Linux Enterprise Server 11-EXTRA
                    SUSE Linux Enterprise Desktop 11-SP4
                    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

   An update that solves 10 vulnerabilities and has 57 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
   security and bugfixes.

   Following security bugs were fixed:
   - CVE-2015-7509: Mounting ext4 filesystems in no-journal mode could hav
     lead to a system crash (bsc#956709).
   - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the
     Linux kernel did not ensure that certain slot numbers are valid, which
     allowed local users to cause a denial of service (NULL pointer
     dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call
     (bnc#949936).
   - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS
     users to cause a denial of service (host OS panic or hang) by triggering
     many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).
   - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS
     users to cause a denial of service (host OS panic or hang) by triggering
     many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c
     (bnc#953527).
   - CVE-2015-7990: RDS: There was no verification that an underlying
     transport exists when creating a connection, causing usage of a NULL
     pointer (bsc#952384).
   - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the
     x86_64 platform mishandled IRET faults in processing NMIs that occurred
     during userspace execution, which might have allowed local users to gain
     privileges by triggering an NMI (bnc#938706).
   - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in
     the Linux kernel allowed local users to cause a denial of service (OOPS)
     via crafted keyctl commands (bnc#951440).
   - CVE-2015-0272: Missing checks allowed remote attackers to cause a denial
     of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6
     Router Advertisement (RA) message, a different vulnerability than
     CVE-2015-8215 (bnc#944296).
   - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in
     the Linux kernel allowed local users to cause a denial of service (NULL
     pointer dereference and system crash) or possibly have unspecified other
     impact by using a socket that was not properly bound (bnc#945825).

   The following non-security bugs were fixed:
   - ALSA: hda - Disable 64bit address for Creative HDA controllers     (bnc#814440).
   - Driver: Vmxnet3: Fix ethtool -S to return correct rx queue stats
     (bsc#950750).
   - Drivers: hv: do not do hypercalls when hypercall_page is NULL.
   - Drivers: hv: kvp: move poll_channel() to hyperv_vmbus.h.
   - Drivers: hv: util: move kvp/vss function declarations to hyperv_vmbus.h.
   - Drivers: hv: vmbus: Get rid of some unused definitions.
   - Drivers: hv: vmbus: Implement the protocol for tearing down vmbus state.
   - Drivers: hv: vmbus: add special crash handler (bnc#930770).
   - Drivers: hv: vmbus: add special kexec handler.
   - Drivers: hv: vmbus: kill tasklets on module unload.
   - Drivers: hv: vmbus: prefer "^A" notification chain to 'panic'.
   - Drivers: hv: vmbus: remove hv_synic_free_cpu() call from
     hv_synic_cleanup().
   - Drivers: hv: vmbus: unregister panic notifier on module unload.
   - IB/srp: Avoid skipping srp_reset_host() after a transport error
     (bsc#904965).
   - IB/srp: Fix a sporadic crash triggered by cable pulling (bsc#904965).
   - KEYS: Fix race between key destruction and finding a keyring by name
     (bsc#951440).
   - Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).
   - NFSv4: Fix two infinite loops in the mount code (bsc#954628).
   - PCI: Add VPD function 0 quirk for Intel Ethernet devices (bnc#943786).
   - PCI: Add dev_flags bit to access VPD through function 0 (bnc#943786).
   - PCI: Clear NumVFs when disabling SR-IOV in sriov_init() (bnc#952084).
   - PCI: Refresh First VF Offset and VF Stride when updating NumVFs
     (bnc#952084).
   - PCI: Update NumVFs register when disabling SR-IOV (bnc#952084).
   - PCI: delay configuration of SRIOV capability (bnc#952084).
   - PCI: set pci sriov page size before reading SRIOV BAR (bnc#952084).
   - SCSI: hosts: update to use ida_simple for host_no (bsc#939926)
   - SUNRPC refactor rpcauth_checkverf error returns (bsc#955673).
   - af_iucv: avoid path quiesce of severed path in shutdown() (bnc#946214).
   - ahci: Add Device ID for Intel Sunrise Point PCH (bsc#953799).
   - blktap: also call blkif_disconnect() when frontend switched to closed
     (bsc#952976).
   - blktap: refine mm tracking (bsc#952976).
   - cachefiles: Avoid deadlocks with fs freezing (bsc#935123).
   - dm sysfs: introduce ability to add writable attributes (bsc#904348).
   - dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).
   - dm: do not start current request if it would've merged with the previous
     (bsc#904348).
   - dm: impose configurable deadline for dm_request_fn's merge heuristic
     (bsc#904348).
   - drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt,
     v2 (bsc#942938).
   - drm/i915: Fix DDC probe for passive adapters (bsc#900610, fdo#85924).
   - drm/i915: add hotplug activation period to hotplug update mask
     (bsc#953980).
   - fix lpfc_send_rscn_event allocation size claims bnc#935757
   - fs: Avoid deadlocks of fsync_bdev() and fs freezing (bsc#935123).
   - fs: Fix deadlocks between sync and fs freezing (bsc#935123).
   - hugetlb: simplify migrate_huge_page() (bnc#947957).
   - hwpoison, hugetlb: lock_page/unlock_page does not match for handling a
     free hugepage (bnc#947957,).
   - ipr: Fix incorrect trace indexing (bsc#940913).
   - ipr: Fix invalid array indexing for HRRQ (bsc#940913).
   - ipv6: fix tunnel error handling (bsc#952579).
   - ipvs: Fix reuse connection if real server is dead (bnc#945827).
   - ipvs: drop first packet to dead server (bsc#946078).
   - kernel: correct uc_sigmask of the compat signal frame (bnc#946214).
   - kernel: fix incorrect use of DIAG44 in continue_trylock_relax()
     (bnc#946214).
   - kexec: Fix race between panic() and crash_kexec() called directly
     (bnc#937444).
   - ktime: add ktime_after and ktime_before helpe (bsc#904348).
   - lib/string.c: introduce memchr_inv() (bnc#930788).
   - lpfc: Fix cq_id masking problem (bsc#944677).
   - macvlan: Support bonding events bsc#948521
   - memory-failure: do code refactor of soft_offline_page() (bnc#947957).
   - memory-failure: fix an error of mce_bad_pages statistics (bnc#947957).
   - memory-failure: use num_poisoned_pages instead of mce_bad_pages
     (bnc#947957).
   - memory-hotplug: update mce_bad_pages when removing the memory
     (bnc#947957).
   - mm/memory-failure.c: fix wrong num_poisoned_pages in handling memory
     error on thp (bnc#947957).
   - mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate
     successfully (bnc#947957).
   - mm/migrate.c: pair unlock_page() and lock_page() when migrating huge
     pages (bnc#947957).
   - mm: exclude reserved pages from dirtyable memory 32b fix (bnc#940017,
     bnc#949298).
   - mm: fix GFP_THISNODE callers and clarify (bsc#954950).
   - mm: remove GFP_THISNODE (bsc#954950).
   - mm: sl[au]b: add knowledge of PFMEMALLOC reserve pages (Swap over NFS).
   - net/core: Add VF link state control policy (bsc#950298).
   - netfilter: xt_recent: fix namespace destroy path (bsc#879378).
   - panic/x86: Allow cpus to save registers even if they (bnc#940946).
   - panic/x86: Fix re-entrance problem due to panic on (bnc#937444).
   - pktgen: clean up ktime_t helpers (bsc#904348).
   - qla2xxx: Do not reset adapter if SRB handle is in range (bsc#944993).
   - qla2xxx: Remove decrement of sp reference count in abort handler
     (bsc#944993).
   - qla2xxx: Remove unavailable firmware files (bsc#921081).
   - qla2xxx: do not clear slot in outstanding cmd array (bsc#944993).
   - qlge: Fix qlge_update_hw_vlan_features to handle if interface is down
     (bsc#930835).
   - quota: Fix deadlock with suspend and quotas (bsc#935123).
   - rcu: Eliminate deadlock between CPU hotplug and expedited grace periods
     (bsc#949706).
   - rtc: cmos: Cancel alarm timer if alarm time is equal to now+1 seconds
     (bsc#930145).
   - rtnetlink: Fix VF IFLA policy (bsc#950298).
   - rtnetlink: fix VF info size (bsc#950298).
   - s390/dasd: fix disconnected device with valid path mask (bnc#946214).
   - s390/dasd: fix invalid PAV assignment after suspend/resume (bnc#946214).
   - s390/dasd: fix list_del corruption after lcu changes (bnc#954984).
   - s390/pci: handle events for unused functions (bnc#946214).
   - s390/pci: improve handling of hotplug event 0x301 (bnc#946214).
   - s390/pci: improve state check when processing hotplug events
     (bnc#946214).
   - sched/core: Fix task and run queue sched_info::run_delay inconsistencies
     (bnc#949100).
   - sg: fix read() error reporting (bsc#926774).
   - usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers     (bnc#944989).
   - usbback: correct copy length for partial transfers (bsc#941202).
   - usbvision fix overflow of interfaces array (bnc#950998).
   - veth: extend device features (bsc#879381).
   - vfs: Provide function to get superblock and wait for it to thaw
     (bsc#935123).
   - vmxnet3: adjust ring sizes when interface is down (bsc#950750).
   - vmxnet3: fix ethtool ring buffer size setting (bsc#950750).
   - writeback: Skip writeback for frozen filesystem (bsc#935123).
   - x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE
     (bnc#937256).
   - x86/evtchn: make use of PHYSDEVOP_map_pirq.
   - x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330).
   - x86: mm: only do a local tlb flush in ptep_set_access_flags()
     (bsc#948330).
   - xen: x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE
     (bnc#937256).
   - xfs: Fix lost direct IO write in the last block (bsc#949744).
   - xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347).
   - xfs: add EOFBLOCKS inode tagging/untagging (bnc#930788).
   - xfs: add XFS_IOC_FREE_EOFBLOCKS ioctl (bnc#930788).
   - xfs: add background scanning to clear eofblocks inodes (bnc#930788).
   - xfs: add inode id filtering to eofblocks scan (bnc#930788).
   - xfs: add minimum file size filtering to eofblocks scan (bnc#930788).
   - xfs: create function to scan and clear EOFBLOCKS inodes (bnc#930788).
   - xfs: create helper to check whether to free eofblocks on inode
     (bnc#930788).
   - xfs: introduce a common helper xfs_icluster_size_fsb (bsc#932805).
   - xfs: make xfs_free_eofblocks() non-static, return EAGAIN on trylock
     failure (bnc#930788).
   - xfs: support a tag-based inode_ag_iterator (bnc#930788).
   - xfs: support multiple inode id filtering in eofblocks scan (bnc#930788).
   - xfs: use xfs_icluster_size_fsb in xfs_bulkstat (bsc#932805).
   - xfs: use xfs_icluster_size_fsb in xfs_ialloc_inode_init (bsc#932805).
   - xfs: use xfs_icluster_size_fsb in xfs_ifree_cluster (bsc#932805).
   - xfs: use xfs_icluster_size_fsb in xfs_imap (bsc#932805).
   - xhci: Add spurious wakeup quirk for LynxPoint-LP controllers     (bnc#949981).
   - xhci: Calculate old endpoints correctly on device reset (bnc#944831).
   - xhci: For streams the css flag most be read from the stream-ctx on ep
     stop (bnc#945691).
   - xhci: change xhci 1.0 only restrictions to support xhci 1.1 (bnc#949502).
   - xhci: fix isoc endpoint dequeue from advancing too far on transaction
     error (bnc#944837).
   - xhci: silence TD warning (bnc#939955).
   - xhci: use uninterruptible sleep for waiting for internal operations
     (bnc#939955).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11-SP4:

      zypper in -t patch sdksp4-kernel-source-12278=1

   - SUSE Linux Enterprise Server 11-SP4:

      zypper in -t patch slessp4-kernel-source-12278=1

   - SUSE Linux Enterprise Server 11-EXTRA:

      zypper in -t patch slexsp3-kernel-source-12278=1

   - SUSE Linux Enterprise Desktop 11-SP4:

      zypper in -t patch sledsp4-kernel-source-12278=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:

      zypper in -t patch dbgsp4-kernel-source-12278=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch):

      kernel-docs-3.0.101-68.2

   - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      kernel-default-3.0.101-68.1
      kernel-default-base-3.0.101-68.1
      kernel-default-devel-3.0.101-68.1
      kernel-source-3.0.101-68.1
      kernel-syms-3.0.101-68.1
      kernel-trace-3.0.101-68.1
      kernel-trace-base-3.0.101-68.1
      kernel-trace-devel-3.0.101-68.1

   - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):

      kernel-ec2-3.0.101-68.1
      kernel-ec2-base-3.0.101-68.1
      kernel-ec2-devel-3.0.101-68.1
      kernel-xen-3.0.101-68.1
      kernel-xen-base-3.0.101-68.1
      kernel-xen-devel-3.0.101-68.1

   - SUSE Linux Enterprise Server 11-SP4 (s390x):

      kernel-default-man-3.0.101-68.1

   - SUSE Linux Enterprise Server 11-SP4 (ppc64):

      kernel-ppc64-3.0.101-68.1
      kernel-ppc64-base-3.0.101-68.1
      kernel-ppc64-devel-3.0.101-68.1

   - SUSE Linux Enterprise Server 11-SP4 (i586):

      kernel-pae-3.0.101-68.1
      kernel-pae-base-3.0.101-68.1
      kernel-pae-devel-3.0.101-68.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):

      kernel-default-extra-3.0.101-68.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):

      kernel-xen-extra-3.0.101-68.1

   - SUSE Linux Enterprise Server 11-EXTRA (x86_64):

      kernel-trace-extra-3.0.101-68.1

   - SUSE Linux Enterprise Server 11-EXTRA (ppc64):

      kernel-ppc64-extra-3.0.101-68.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586):

      kernel-pae-extra-3.0.101-68.1

   - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64):

      kernel-default-3.0.101-68.1
      kernel-default-base-3.0.101-68.1
      kernel-default-devel-3.0.101-68.1
      kernel-default-extra-3.0.101-68.1
      kernel-source-3.0.101-68.1
      kernel-syms-3.0.101-68.1
      kernel-trace-devel-3.0.101-68.1
      kernel-xen-3.0.101-68.1
      kernel-xen-base-3.0.101-68.1
      kernel-xen-devel-3.0.101-68.1
      kernel-xen-extra-3.0.101-68.1

   - SUSE Linux Enterprise Desktop 11-SP4 (i586):

      kernel-pae-3.0.101-68.1
      kernel-pae-base-3.0.101-68.1
      kernel-pae-devel-3.0.101-68.1
      kernel-pae-extra-3.0.101-68.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      kernel-default-debuginfo-3.0.101-68.1
      kernel-default-debugsource-3.0.101-68.1
      kernel-trace-debuginfo-3.0.101-68.1
      kernel-trace-debugsource-3.0.101-68.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64):

      kernel-default-devel-debuginfo-3.0.101-68.1
      kernel-trace-devel-debuginfo-3.0.101-68.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):

      kernel-ec2-debuginfo-3.0.101-68.1
      kernel-ec2-debugsource-3.0.101-68.1
      kernel-xen-debuginfo-3.0.101-68.1
      kernel-xen-debugsource-3.0.101-68.1
      kernel-xen-devel-debuginfo-3.0.101-68.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):

      kernel-ppc64-debuginfo-3.0.101-68.1
      kernel-ppc64-debugsource-3.0.101-68.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586):

      kernel-pae-debuginfo-3.0.101-68.1
      kernel-pae-debugsource-3.0.101-68.1
      kernel-pae-devel-debuginfo-3.0.101-68.1


References:

   https://www.suse.com/security/cve/CVE-2015-0272.html
   https://www.suse.com/security/cve/CVE-2015-5157.html
   https://www.suse.com/security/cve/CVE-2015-5307.html
   https://www.suse.com/security/cve/CVE-2015-6937.html
   https://www.suse.com/security/cve/CVE-2015-7509.html
   https://www.suse.com/security/cve/CVE-2015-7799.html
   https://www.suse.com/security/cve/CVE-2015-7872.html
   https://www.suse.com/security/cve/CVE-2015-7990.html
   https://www.suse.com/security/cve/CVE-2015-8104.html
   https://www.suse.com/security/cve/CVE-2015-8215.html
   https://bugzilla.suse.com/814440
   https://bugzilla.suse.com/879378
   https://bugzilla.suse.com/879381
   https://bugzilla.suse.com/900610
   https://bugzilla.suse.com/904348
   https://bugzilla.suse.com/904965
   https://bugzilla.suse.com/921081
   https://bugzilla.suse.com/926774
   https://bugzilla.suse.com/930145
   https://bugzilla.suse.com/930770
   https://bugzilla.suse.com/930788
   https://bugzilla.suse.com/930835
   https://bugzilla.suse.com/932805
   https://bugzilla.suse.com/935123
   https://bugzilla.suse.com/935757
   https://bugzilla.suse.com/937256
   https://bugzilla.suse.com/937444
   https://bugzilla.suse.com/938706
   https://bugzilla.suse.com/939826
   https://bugzilla.suse.com/939926
   https://bugzilla.suse.com/939955
   https://bugzilla.suse.com/940017
   https://bugzilla.suse.com/940913
   https://bugzilla.suse.com/940946
   https://bugzilla.suse.com/941202
   https://bugzilla.suse.com/942938
   https://bugzilla.suse.com/943786
   https://bugzilla.suse.com/944296
   https://bugzilla.suse.com/944677
   https://bugzilla.suse.com/944831
   https://bugzilla.suse.com/944837
   https://bugzilla.suse.com/944989
   https://bugzilla.suse.com/944993
   https://bugzilla.suse.com/945691
   https://bugzilla.suse.com/945825
   https://bugzilla.suse.com/945827
   https://bugzilla.suse.com/946078
   https://bugzilla.suse.com/946214
   https://bugzilla.suse.com/946309
   https://bugzilla.suse.com/947957
   https://bugzilla.suse.com/948330
   https://bugzilla.suse.com/948347
   https://bugzilla.suse.com/948521
   https://bugzilla.suse.com/949100
   https://bugzilla.suse.com/949298
   https://bugzilla.suse.com/949502
   https://bugzilla.suse.com/949706
   https://bugzilla.suse.com/949744
   https://bugzilla.suse.com/949936
   https://bugzilla.suse.com/949981
   https://bugzilla.suse.com/950298
   https://bugzilla.suse.com/950750
   https://bugzilla.suse.com/950998
   https://bugzilla.suse.com/951440
   https://bugzilla.suse.com/952084
   https://bugzilla.suse.com/952384
   https://bugzilla.suse.com/952579
   https://bugzilla.suse.com/952976
   https://bugzilla.suse.com/953527
   https://bugzilla.suse.com/953799
   https://bugzilla.suse.com/953980
   https://bugzilla.suse.com/954404
   https://bugzilla.suse.com/954628
   https://bugzilla.suse.com/954950
   https://bugzilla.suse.com/954984
   https://bugzilla.suse.com/955673
   https://bugzilla.suse.com/956709

SuSE: 2015:2339-1: important: the Linux Kernel

December 22, 2015

An update that solves 10 vulnerabilities and has 57 fixes An update that solves 10 vulnerabilities and has 57 fixes An update that solves 10 vulnerabilities and has 57 fixes is now...

Summary

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2015-7509: Mounting ext4 filesystems in no-journal mode could hav lead to a system crash (bsc#956709). - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936). - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404). - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527). - CVE-2015-7990: RDS: There was no verification that an underlying transport exists when creating a connection, causing usage of a NULL pointer (bsc#952384). - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandled IRET faults in processing NMIs that occurred during userspace execution, which might have allowed local users to gain privileges by triggering an NMI (bnc#938706). - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440). - CVE-2015-0272: Missing checks allowed remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215 (bnc#944296). - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825). The following non-security bugs were fixed: - ALSA: hda - Disable 64bit address for Creative HDA controllers (bnc#814440). - Driver: Vmxnet3: Fix ethtool -S to return correct rx queue stats (bsc#950750). - Drivers: hv: do not do hypercalls when hypercall_page is NULL. - Drivers: hv: kvp: move poll_channel() to hyperv_vmbus.h. - Drivers: hv: util: move kvp/vss function declarations to hyperv_vmbus.h. - Drivers: hv: vmbus: Get rid of some unused definitions. - Drivers: hv: vmbus: Implement the protocol for tearing down vmbus state. - Drivers: hv: vmbus: add special crash handler (bnc#930770). - Drivers: hv: vmbus: add special kexec handler. - Drivers: hv: vmbus: kill tasklets on module unload. - Drivers: hv: vmbus: prefer "^A" notification chain to 'panic'. - Drivers: hv: vmbus: remove hv_synic_free_cpu() call from hv_synic_cleanup(). - Drivers: hv: vmbus: unregister panic notifier on module unload. - IB/srp: Avoid skipping srp_reset_host() after a transport error (bsc#904965). - IB/srp: Fix a sporadic crash triggered by cable pulling (bsc#904965). - KEYS: Fix race between key destruction and finding a keyring by name (bsc#951440). - Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309). - NFSv4: Fix two infinite loops in the mount code (bsc#954628). - PCI: Add VPD function 0 quirk for Intel Ethernet devices (bnc#943786). - PCI: Add dev_flags bit to access VPD through function 0 (bnc#943786). - PCI: Clear NumVFs when disabling SR-IOV in sriov_init() (bnc#952084). - PCI: Refresh First VF Offset and VF Stride when updating NumVFs (bnc#952084). - PCI: Update NumVFs register when disabling SR-IOV (bnc#952084). - PCI: delay configuration of SRIOV capability (bnc#952084). - PCI: set pci sriov page size before reading SRIOV BAR (bnc#952084). - SCSI: hosts: update to use ida_simple for host_no (bsc#939926) - SUNRPC refactor rpcauth_checkverf error returns (bsc#955673). - af_iucv: avoid path quiesce of severed path in shutdown() (bnc#946214). - ahci: Add Device ID for Intel Sunrise Point PCH (bsc#953799). - blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976). - blktap: refine mm tracking (bsc#952976). - cachefiles: Avoid deadlocks with fs freezing (bsc#935123). - dm sysfs: introduce ability to add writable attributes (bsc#904348). - dm-snap: avoid deadock on s->lock when a read is split (bsc#939826). - dm: do not start current request if it would've merged with the previous (bsc#904348). - dm: impose configurable deadline for dm_request_fn's merge heuristic (bsc#904348). - drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt, v2 (bsc#942938). - drm/i915: Fix DDC probe for passive adapters (bsc#900610, fdo#85924). - drm/i915: add hotplug activation period to hotplug update mask (bsc#953980). - fix lpfc_send_rscn_event allocation size claims bnc#935757 - fs: Avoid deadlocks of fsync_bdev() and fs freezing (bsc#935123). - fs: Fix deadlocks between sync and fs freezing (bsc#935123). - hugetlb: simplify migrate_huge_page() (bnc#947957). - hwpoison, hugetlb: lock_page/unlock_page does not match for handling a free hugepage (bnc#947957,). - ipr: Fix incorrect trace indexing (bsc#940913). - ipr: Fix invalid array indexing for HRRQ (bsc#940913). - ipv6: fix tunnel error handling (bsc#952579). - ipvs: Fix reuse connection if real server is dead (bnc#945827). - ipvs: drop first packet to dead server (bsc#946078). - kernel: correct uc_sigmask of the compat signal frame (bnc#946214). - kernel: fix incorrect use of DIAG44 in continue_trylock_relax() (bnc#946214). - kexec: Fix race between panic() and crash_kexec() called directly (bnc#937444). - ktime: add ktime_after and ktime_before helpe (bsc#904348). - lib/string.c: introduce memchr_inv() (bnc#930788). - lpfc: Fix cq_id masking problem (bsc#944677). - macvlan: Support bonding events bsc#948521 - memory-failure: do code refactor of soft_offline_page() (bnc#947957). - memory-failure: fix an error of mce_bad_pages statistics (bnc#947957). - memory-failure: use num_poisoned_pages instead of mce_bad_pages (bnc#947957). - memory-hotplug: update mce_bad_pages when removing the memory (bnc#947957). - mm/memory-failure.c: fix wrong num_poisoned_pages in handling memory error on thp (bnc#947957). - mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate successfully (bnc#947957). - mm/migrate.c: pair unlock_page() and lock_page() when migrating huge pages (bnc#947957). - mm: exclude reserved pages from dirtyable memory 32b fix (bnc#940017, bnc#949298). - mm: fix GFP_THISNODE callers and clarify (bsc#954950). - mm: remove GFP_THISNODE (bsc#954950). - mm: sl[au]b: add knowledge of PFMEMALLOC reserve pages (Swap over NFS). - net/core: Add VF link state control policy (bsc#950298). - netfilter: xt_recent: fix namespace destroy path (bsc#879378). - panic/x86: Allow cpus to save registers even if they (bnc#940946). - panic/x86: Fix re-entrance problem due to panic on (bnc#937444). - pktgen: clean up ktime_t helpers (bsc#904348). - qla2xxx: Do not reset adapter if SRB handle is in range (bsc#944993). - qla2xxx: Remove decrement of sp reference count in abort handler (bsc#944993). - qla2xxx: Remove unavailable firmware files (bsc#921081). - qla2xxx: do not clear slot in outstanding cmd array (bsc#944993). - qlge: Fix qlge_update_hw_vlan_features to handle if interface is down (bsc#930835). - quota: Fix deadlock with suspend and quotas (bsc#935123). - rcu: Eliminate deadlock between CPU hotplug and expedited grace periods (bsc#949706). - rtc: cmos: Cancel alarm timer if alarm time is equal to now+1 seconds (bsc#930145). - rtnetlink: Fix VF IFLA policy (bsc#950298). - rtnetlink: fix VF info size (bsc#950298). - s390/dasd: fix disconnected device with valid path mask (bnc#946214). - s390/dasd: fix invalid PAV assignment after suspend/resume (bnc#946214). - s390/dasd: fix list_del corruption after lcu changes (bnc#954984). - s390/pci: handle events for unused functions (bnc#946214). - s390/pci: improve handling of hotplug event 0x301 (bnc#946214). - s390/pci: improve state check when processing hotplug events (bnc#946214). - sched/core: Fix task and run queue sched_info::run_delay inconsistencies (bnc#949100). - sg: fix read() error reporting (bsc#926774). - usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers (bnc#944989). - usbback: correct copy length for partial transfers (bsc#941202). - usbvision fix overflow of interfaces array (bnc#950998). - veth: extend device features (bsc#879381). - vfs: Provide function to get superblock and wait for it to thaw (bsc#935123). - vmxnet3: adjust ring sizes when interface is down (bsc#950750). - vmxnet3: fix ethtool ring buffer size setting (bsc#950750). - writeback: Skip writeback for frozen filesystem (bsc#935123). - x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE (bnc#937256). - x86/evtchn: make use of PHYSDEVOP_map_pirq. - x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330). - x86: mm: only do a local tlb flush in ptep_set_access_flags() (bsc#948330). - xen: x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE (bnc#937256). - xfs: Fix lost direct IO write in the last block (bsc#949744). - xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347). - xfs: add EOFBLOCKS inode tagging/untagging (bnc#930788). - xfs: add XFS_IOC_FREE_EOFBLOCKS ioctl (bnc#930788). - xfs: add background scanning to clear eofblocks inodes (bnc#930788). - xfs: add inode id filtering to eofblocks scan (bnc#930788). - xfs: add minimum file size filtering to eofblocks scan (bnc#930788). - xfs: create function to scan and clear EOFBLOCKS inodes (bnc#930788). - xfs: create helper to check whether to free eofblocks on inode (bnc#930788). - xfs: introduce a common helper xfs_icluster_size_fsb (bsc#932805). - xfs: make xfs_free_eofblocks() non-static, return EAGAIN on trylock failure (bnc#930788). - xfs: support a tag-based inode_ag_iterator (bnc#930788). - xfs: support multiple inode id filtering in eofblocks scan (bnc#930788). - xfs: use xfs_icluster_size_fsb in xfs_bulkstat (bsc#932805). - xfs: use xfs_icluster_size_fsb in xfs_ialloc_inode_init (bsc#932805). - xfs: use xfs_icluster_size_fsb in xfs_ifree_cluster (bsc#932805). - xfs: use xfs_icluster_size_fsb in xfs_imap (bsc#932805). - xhci: Add spurious wakeup quirk for LynxPoint-LP controllers (bnc#949981). - xhci: Calculate old endpoints correctly on device reset (bnc#944831). - xhci: For streams the css flag most be read from the stream-ctx on ep stop (bnc#945691). - xhci: change xhci 1.0 only restrictions to support xhci 1.1 (bnc#949502). - xhci: fix isoc endpoint dequeue from advancing too far on transaction error (bnc#944837). - xhci: silence TD warning (bnc#939955). - xhci: use uninterruptible sleep for waiting for internal operations (bnc#939955). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-kernel-source-12278=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-kernel-source-12278=1 - SUSE Linux Enterprise Server 11-EXTRA: zypper in -t patch slexsp3-kernel-source-12278=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-kernel-source-12278=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-source-12278=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): kernel-docs-3.0.101-68.2 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-3.0.101-68.1 kernel-default-base-3.0.101-68.1 kernel-default-devel-3.0.101-68.1 kernel-source-3.0.101-68.1 kernel-syms-3.0.101-68.1 kernel-trace-3.0.101-68.1 kernel-trace-base-3.0.101-68.1 kernel-trace-devel-3.0.101-68.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): kernel-ec2-3.0.101-68.1 kernel-ec2-base-3.0.101-68.1 kernel-ec2-devel-3.0.101-68.1 kernel-xen-3.0.101-68.1 kernel-xen-base-3.0.101-68.1 kernel-xen-devel-3.0.101-68.1 - SUSE Linux Enterprise Server 11-SP4 (s390x): kernel-default-man-3.0.101-68.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64): kernel-ppc64-3.0.101-68.1 kernel-ppc64-base-3.0.101-68.1 kernel-ppc64-devel-3.0.101-68.1 - SUSE Linux Enterprise Server 11-SP4 (i586): kernel-pae-3.0.101-68.1 kernel-pae-base-3.0.101-68.1 kernel-pae-devel-3.0.101-68.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.101-68.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64): kernel-xen-extra-3.0.101-68.1 - SUSE Linux Enterprise Server 11-EXTRA (x86_64): kernel-trace-extra-3.0.101-68.1 - SUSE Linux Enterprise Server 11-EXTRA (ppc64): kernel-ppc64-extra-3.0.101-68.1 - SUSE Linux Enterprise Server 11-EXTRA (i586): kernel-pae-extra-3.0.101-68.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): kernel-default-3.0.101-68.1 kernel-default-base-3.0.101-68.1 kernel-default-devel-3.0.101-68.1 kernel-default-extra-3.0.101-68.1 kernel-source-3.0.101-68.1 kernel-syms-3.0.101-68.1 kernel-trace-devel-3.0.101-68.1 kernel-xen-3.0.101-68.1 kernel-xen-base-3.0.101-68.1 kernel-xen-devel-3.0.101-68.1 kernel-xen-extra-3.0.101-68.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586): kernel-pae-3.0.101-68.1 kernel-pae-base-3.0.101-68.1 kernel-pae-devel-3.0.101-68.1 kernel-pae-extra-3.0.101-68.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-debuginfo-3.0.101-68.1 kernel-default-debugsource-3.0.101-68.1 kernel-trace-debuginfo-3.0.101-68.1 kernel-trace-debugsource-3.0.101-68.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64): kernel-default-devel-debuginfo-3.0.101-68.1 kernel-trace-devel-debuginfo-3.0.101-68.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-68.1 kernel-ec2-debugsource-3.0.101-68.1 kernel-xen-debuginfo-3.0.101-68.1 kernel-xen-debugsource-3.0.101-68.1 kernel-xen-devel-debuginfo-3.0.101-68.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64): kernel-ppc64-debuginfo-3.0.101-68.1 kernel-ppc64-debugsource-3.0.101-68.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586): kernel-pae-debuginfo-3.0.101-68.1 kernel-pae-debugsource-3.0.101-68.1 kernel-pae-devel-debuginfo-3.0.101-68.1

References

#814440 #879378 #879381 #900610 #904348 #904965

#921081 #926774 #930145 #930770 #930788 #930835

#932805 #935123 #935757 #937256 #937444 #938706

#939826 #939926 #939955 #940017 #940913 #940946

#941202 #942938 #943786 #944296 #944677 #944831

#944837 #944989 #944993 #945691 #945825 #945827

#946078 #946214 #946309 #947957 #948330 #948347

#948521 #949100 #949298 #949502 #949706 #949744

#949936 #949981 #950298 #950750 #950998 #951440

#952084 #952384 #952579 #952976 #953527 #953799

#953980 #954404 #954628 #954950 #954984 #955673

#956709

Cross- CVE-2015-0272 CVE-2015-5157 CVE-2015-5307

CVE-2015-6937 CVE-2015-7509 CVE-2015-7799

CVE-2015-7872 CVE-2015-7990 CVE-2015-8104

CVE-2015-8215

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Server 11-EXTRA

SUSE Linux Enterprise Desktop 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2015-0272.html

https://www.suse.com/security/cve/CVE-2015-5157.html

https://www.suse.com/security/cve/CVE-2015-5307.html

https://www.suse.com/security/cve/CVE-2015-6937.html

https://www.suse.com/security/cve/CVE-2015-7509.html

https://www.suse.com/security/cve/CVE-2015-7799.html

https://www.suse.com/security/cve/CVE-2015-7872.html

https://www.suse.com/security/cve/CVE-2015-7990.html

https://www.suse.com/security/cve/CVE-2015-8104.html

https://www.suse.com/security/cve/CVE-2015-8215.html

https://bugzilla.suse.com/814440

https://bugzilla.suse.com/879378

https://bugzilla.suse.com/879381

https://bugzilla.suse.com/900610

https://bugzilla.suse.com/904348

https://bugzilla.suse.com/904965

https://bugzilla.suse.com/921081

https://bugzilla.suse.com/926774

https://bugzilla.suse.com/930145

https://bugzilla.suse.com/930770

https://bugzilla.suse.com/930788

https://bugzilla.suse.com/930835

https://bugzilla.suse.com/932805

https://bugzilla.suse.com/935123

https://bugzilla.suse.com/935757

https://bugzilla.suse.com/937256

https://bugzilla.suse.com/937444

https://bugzilla.suse.com/938706

https://bugzilla.suse.com/939826

https://bugzilla.suse.com/939926

https://bugzilla.suse.com/939955

https://bugzilla.suse.com/940017

https://bugzilla.suse.com/940913

https://bugzilla.suse.com/940946

https://bugzilla.suse.com/941202

https://bugzilla.suse.com/942938

https://bugzilla.suse.com/943786

https://bugzilla.suse.com/944296

https://bugzilla.suse.com/944677

https://bugzilla.suse.com/944831

https://bugzilla.suse.com/944837

https://bugzilla.suse.com/944989

https://bugzilla.suse.com/944993

https://bugzilla.suse.com/945691

https://bugzilla.suse.com/945825

https://bugzilla.suse.com/945827

https://bugzilla.suse.com/946078

https://bugzilla.suse.com/946214

https://bugzilla.suse.com/946309

https://bugzilla.suse.com/947957

https://bugzilla.suse.com/948330

https://bugzilla.suse.com/948347

https://bugzilla.suse.com/948521

https://bugzilla.suse.com/949100

https://bugzilla.suse.com/949298

https://bugzilla.suse.com/949502

https://bugzilla.suse.com/949706

https://bugzilla.suse.com/949744

https://bugzilla.suse.com/949936

https://bugzilla.suse.com/949981

https://bugzilla.suse.com/950298

https://bugzilla.suse.com/950750

https://bugzilla.suse.com/950998

https://bugzilla.suse.com/951440

https://bugzilla.suse.com/952084

https://bugzilla.suse.com/952384

https://bugzilla.suse.com/952579

https://bugzilla.suse.com/952976

https://bugzilla.suse.com/953527

https://bugzilla.suse.com/953799

https://bugzilla.suse.com/953980

https://bugzilla.suse.com/954404

https://bugzilla.suse.com/954628

https://bugzilla.suse.com/954950

https://bugzilla.suse.com/954984

https://bugzilla.suse.com/955673

https://bugzilla.suse.com/956709

Severity

Announcement ID: SUSE-SU-2015:2339-1

Rating: important

Get the Latest News & Insights

SuSE: 2015:2339-1: important: the Linux Kernel

Summary

References

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By