   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:3069-1
Rating:             important
References:         #1000189 #1001419 #1002165 #1004418 #732582 
                    #839104 #843236 #909994 #911687 #915183 #920016 
                    #934760 #951392 #956514 #960689 #963655 #971975 
                    #971989 #974620 #976867 #977687 #979514 #979595 
                    #979681 #980371 #982218 #982783 #983535 #983619 
                    #984102 #984194 #984992 #985206 #986362 #986365 
                    #986445 #987565 #988440 #989152 #989261 #989779 
                    #991608 #991665 #991923 #992566 #993127 #993890 
                    #993891 #994296 #994436 #994618 #994759 #994926 
                    #996329 #996664 #997708 #998399 #999584 #999600 
                    #999932 
Cross-References:   CVE-2013-4312 CVE-2015-7513 CVE-2016-0823
                    CVE-2016-3841 CVE-2016-4997 CVE-2016-4998
                    CVE-2016-5195 CVE-2016-5696 CVE-2016-6480
                    CVE-2016-6828 CVE-2016-7425
Affected Products:
                    SUSE Linux Enterprise Real Time Extension 11-SP4
                    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

   An update that solves 11 vulnerabilities and has 49 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various
   security and bugfixes.

   This feature was added:

   - Support for the 2017 Intel Purley platform.

   The following security bugs were fixed:

   - CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed,
     which is reportedly exploited in the wild (bsc#1004418).
   - CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the
     Linux kernel allowed local users to obtain sensitive physical-address
     information by reading a pagemap file, aka Android internal bug 25739721
     (bnc#994759).
   - CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options
     data, which allowed local users to gain privileges or cause a denial of
     service (use-after-free and system crash) via a crafted sendmsg system
     call (bnc#992566).
   - CVE-2016-6828: Use after free in tcp_xmit_retransmit_queue or other tcp_
     functions (bsc#994296)
   - CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly
     determine the rate of challenge ACK segments, which made it easier for
     man-in-the-middle attackers to hijack TCP sessions via a blind in-window
     attack (bnc#989152)
   - CVE-2016-6480: Race condition in the ioctl_send_fib function in
     drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users     to cause a denial of service (out-of-bounds access or system crash) by
     changing a certain size value, aka a "double fetch" vulnerability
     (bnc#991608)
   - CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE
     setsockopt implementations in the netfilter subsystem in the Linux
     kernel allowed local users to gain privileges or cause a denial of
     service (memory corruption) by leveraging in-container root access to
     provide a crafted offset value that triggers an unintended decrement
     (bnc#986362).
   - CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the
     PIT counter values during state restoration, which allowed guest OS
     users to cause a denial of service (divide-by-zero error and host OS
     crash) via a zero value, related to the kvm_vm_ioctl_set_pit and
     kvm_vm_ioctl_set_pit2 functions (bnc#960689).
   - CVE-2013-4312: The Linux kernel allowed local users to bypass
     file-descriptor limits and cause a denial of service (memory
     consumption) by sending each descriptor over a UNIX socket closing it,
     related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104).
   - CVE-2016-7425: A buffer overflow in the Linux Kernel in
     arcmsr_iop_message_xfer() could have caused kernel heap corruption and
     arbitraty kernel code execution (bsc#999932)

   The following non-security bugs were fixed:

   - ahci: Order SATA device IDs for codename Lewisburg.
   - AHCI: Remove obsolete Intel Lewisburg SATA RAID device IDs.
   - ALSA: hda - Add Intel Lewisburg device IDs Audio.
   - avoid dentry crash triggered by NFS (bsc#984194).
   - blktap2: eliminate deadlock potential from shutdown path (bsc#909994).
   - blktap2: eliminate race from deferred work queue handling (bsc#911687).
   - bonding: always set recv_probe to bond_arp_rcv in arp monitor
     (bsc#977687).
   - bonding: fix bond_arp_rcv setting and arp validate desync state
     (bsc#977687).
   - btrfs: account for non-CoW'd blocks in btrfs_abort_transaction
     (bsc#983619).
   - btrfs: ensure that file descriptor used with subvol ioctls is a dir
     (bsc#999600).
   - cdc-acm: added sanity checking for probe() (bsc#993891).
   - cxgb4: Set VPD size so we can read both VPD structures (bsc#976867).
   - Delete patches.fixes/net-fix-crash-due-to-wrong-dev-in-calling.patch.
     (bsc#979514)
   - fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
   - fs/select: add vmalloc fallback for select(2) (bsc#1000189).
   - fs/select: introduce SIZE_MAX (bsc#1000189).
   - i2c: i801: add Intel Lewisburg device IDs.
   - include/linux/mmdebug.h: should include linux/bug.h (bnc#971975 VM
     performance -- git fixes).
   - increase CONFIG_NR_IRQS 512 -> 2048 reportedly irq error with multiple
     nvme and tg3 in the same machine is resolved by increasing
     CONFIG_NR_IRQS (bsc#998399)
   - kabi, unix: properly account for FDs passed over unix sockets
     (bnc#839104).
   - kaweth: fix firmware download (bsc#993890).
   - kaweth: fix oops upon failed memory allocation (bsc#993890).
   - KVM: x86: SYSENTER emulation is broken (bsc#994618).
   - libfc: sanity check cpu number extracted from xid (bsc#988440).
   - lpfc: call lpfc_sli_validate_fcp_iocb() with the hbalock held
     (bsc#951392).
   - md: lockless I/O submission for RAID1 (bsc#982783).
   - mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED
     (VM Functionality, bnc#986445).
   - mpt2sas, mpt3sas: Fix panic when aer correct error occurred (bsc#997708).
   - net: add pfmemalloc check in sk_add_backlog() (bnc#920016).
   - netback: fix flipping mode (bsc#996664).
   - nfs: Do not drop directory dentry which is in use (bsc#993127).
   - nfs: Don't disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261).
   - nfs: Don't write enable new pages while an invalidation is proceeding
     (bsc#999584).
   - nfs: Fix a regression in the read() syscall (bsc#999584).
   - nfs: Fix races in nfs_revalidate_mapping (bsc#999584).
   - nfs: fix the handling of NFS_INO_INVALID_DATA flag in
     nfs_revalidate_mapping (bsc#999584).
   - nfs: Fix writeback performance issue on cache invalidation (bsc#999584).
   - nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261).
   - nfsv4: do not check MAY_WRITE access bit in OPEN (bsc#985206).
   - nfsv4: fix broken patch relating to v4 read delegations (bsc#956514,
     bsc#989261, bsc#979595).
   - nfsv4: Fix range checking in __nfs4_get_acl_uncached and
     __nfs4_proc_set_acl (bsc#982218).
   - pci: Add pci_set_vpd_size() to set VPD size (bsc#976867).
   - pciback: fix conf_space read/write overlap check.
   - powerpc: add kernel parameter iommu_alloc_quiet (bsc#994926).
   - ppp: defer netns reference release for ppp channel (bsc#980371).
   - random32: add prandom_u32_max (bsc#989152).
   - rpm/constraints.in: Bump x86 disk space requirement to 20GB Clamav tends
     to run out of space nowadays.
   - s390/dasd: fix hanging device after clear subchannel (bnc#994436).
   - sata: Adding Intel Lewisburg device IDs for SATA.
   - sched/core: Fix an SMP ordering race in try_to_wake_up() vs.  schedule()
     (bnc#1001419).
   - sched/core: Fix a race between try_to_wake_up() and a woken up task
     (bnc#1002165).
   - sched: Fix possible divide by zero in avg_atom() calculation
     (bsc#996329).
   - scsi_dh_rdac: retry inquiry for UNIT ATTENTION (bsc#934760).
   - scsi: do not print "reservation conflict" for TEST UNIT READY
     (bsc#984102).
   - scsi: ibmvfc: add FC Class 3 Error Recovery support (bsc#984992).
   - scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)
   - scsi: ibmvfc: Set READ FCP_XFER_READY DISABLED bit in PRLI (bsc#984992).
   - scsi_scan: Send TEST UNIT READY to LUN0 before LUN scanning
     (bnc#843236,bsc#989779).
   - tmpfs: change final i_blocks BUG to WARNING (bsc#991923).
   - Update
   patches.drivers/fcoe-0102-fcoe-ensure-that-skb-placed-on-the-fip_recv_list-
     are.patch (add bsc#732582 reference).
   - USB: fix typo in wMaxPacketSize validation (bsc#991665).
   - USB: validate wMaxPacketValue entries in endpoint descriptors     (bnc#991665).
   - vlan: don't deliver frames for unknown vlans to protocols (bsc#979514).
   - vlan: mask vlan prio bits (bsc#979514).
   - xenbus: inspect the correct type in xenbus_dev_request_and_reply().
   - xen: x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
   - xfs: Avoid grabbing ilock when file size is not changed (bsc#983535).
   - xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Real Time Extension 11-SP4:

      zypper in -t patch slertesp4-kernel-source-12880=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:

      zypper in -t patch dbgsp4-kernel-source-12880=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64):

      kernel-rt-3.0.101.rt130-65.1
      kernel-rt-base-3.0.101.rt130-65.1
      kernel-rt-devel-3.0.101.rt130-65.1
      kernel-rt_trace-3.0.101.rt130-65.1
      kernel-rt_trace-base-3.0.101.rt130-65.1
      kernel-rt_trace-devel-3.0.101.rt130-65.1
      kernel-source-rt-3.0.101.rt130-65.1
      kernel-syms-rt-3.0.101.rt130-65.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64):

      kernel-rt-debuginfo-3.0.101.rt130-65.1
      kernel-rt-debugsource-3.0.101.rt130-65.1
      kernel-rt_debug-debuginfo-3.0.101.rt130-65.1
      kernel-rt_debug-debugsource-3.0.101.rt130-65.1
      kernel-rt_trace-debuginfo-3.0.101.rt130-65.1
      kernel-rt_trace-debugsource-3.0.101.rt130-65.1


References:

   https://www.suse.com/security/cve/CVE-2013-4312.html
   https://www.suse.com/security/cve/CVE-2015-7513.html
   https://www.suse.com/security/cve/CVE-2016-0823.html
   https://www.suse.com/security/cve/CVE-2016-3841.html
   https://www.suse.com/security/cve/CVE-2016-4997.html
   https://www.suse.com/security/cve/CVE-2016-4998.html
   https://www.suse.com/security/cve/CVE-2016-5195.html
   https://www.suse.com/security/cve/CVE-2016-5696.html
   https://www.suse.com/security/cve/CVE-2016-6480.html
   https://www.suse.com/security/cve/CVE-2016-6828.html
   https://www.suse.com/security/cve/CVE-2016-7425.html
   https://bugzilla.suse.com/1000189
   https://bugzilla.suse.com/1001419
   https://bugzilla.suse.com/1002165
   https://bugzilla.suse.com/1004418
   https://bugzilla.suse.com/732582
   https://bugzilla.suse.com/839104
   https://bugzilla.suse.com/843236
   https://bugzilla.suse.com/909994
   https://bugzilla.suse.com/911687
   https://bugzilla.suse.com/915183
   https://bugzilla.suse.com/920016
   https://bugzilla.suse.com/934760
   https://bugzilla.suse.com/951392
   https://bugzilla.suse.com/956514
   https://bugzilla.suse.com/960689
   https://bugzilla.suse.com/963655
   https://bugzilla.suse.com/971975
   https://bugzilla.suse.com/971989
   https://bugzilla.suse.com/974620
   https://bugzilla.suse.com/976867
   https://bugzilla.suse.com/977687
   https://bugzilla.suse.com/979514
   https://bugzilla.suse.com/979595
   https://bugzilla.suse.com/979681
   https://bugzilla.suse.com/980371
   https://bugzilla.suse.com/982218
   https://bugzilla.suse.com/982783
   https://bugzilla.suse.com/983535
   https://bugzilla.suse.com/983619
   https://bugzilla.suse.com/984102
   https://bugzilla.suse.com/984194
   https://bugzilla.suse.com/984992
   https://bugzilla.suse.com/985206
   https://bugzilla.suse.com/986362
   https://bugzilla.suse.com/986365
   https://bugzilla.suse.com/986445
   https://bugzilla.suse.com/987565
   https://bugzilla.suse.com/988440
   https://bugzilla.suse.com/989152
   https://bugzilla.suse.com/989261
   https://bugzilla.suse.com/989779
   https://bugzilla.suse.com/991608
   https://bugzilla.suse.com/991665
   https://bugzilla.suse.com/991923
   https://bugzilla.suse.com/992566
   https://bugzilla.suse.com/993127
   https://bugzilla.suse.com/993890
   https://bugzilla.suse.com/993891
   https://bugzilla.suse.com/994296
   https://bugzilla.suse.com/994436
   https://bugzilla.suse.com/994618
   https://bugzilla.suse.com/994759
   https://bugzilla.suse.com/994926
   https://bugzilla.suse.com/996329
   https://bugzilla.suse.com/996664
   https://bugzilla.suse.com/997708
   https://bugzilla.suse.com/998399
   https://bugzilla.suse.com/999584
   https://bugzilla.suse.com/999600
   https://bugzilla.suse.com/999932

SuSE: 2016:3069-1: important: the Linux Kernel

December 9, 2016

An update that solves 11 vulnerabilities and has 49 fixes An update that solves 11 vulnerabilities and has 49 fixes An update that solves 11 vulnerabilities and has 49 fixes is now...

Summary

The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes. This feature was added: - Support for the 2017 Intel Purley platform. The following security bugs were fixed: - CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed, which is reportedly exploited in the wild (bsc#1004418). - CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759). - CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566). - CVE-2016-6828: Use after free in tcp_xmit_retransmit_queue or other tcp_ functions (bsc#994296) - CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack (bnc#989152) - CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability (bnc#991608) - CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362). - CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the PIT counter values during state restoration, which allowed guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions (bnc#960689). - CVE-2013-4312: The Linux kernel allowed local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket closing it, related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104). - CVE-2016-7425: A buffer overflow in the Linux Kernel in arcmsr_iop_message_xfer() could have caused kernel heap corruption and arbitraty kernel code execution (bsc#999932) The following non-security bugs were fixed: - ahci: Order SATA device IDs for codename Lewisburg. - AHCI: Remove obsolete Intel Lewisburg SATA RAID device IDs. - ALSA: hda - Add Intel Lewisburg device IDs Audio. - avoid dentry crash triggered by NFS (bsc#984194). - blktap2: eliminate deadlock potential from shutdown path (bsc#909994). - blktap2: eliminate race from deferred work queue handling (bsc#911687). - bonding: always set recv_probe to bond_arp_rcv in arp monitor (bsc#977687). - bonding: fix bond_arp_rcv setting and arp validate desync state (bsc#977687). - btrfs: account for non-CoW'd blocks in btrfs_abort_transaction (bsc#983619). - btrfs: ensure that file descriptor used with subvol ioctls is a dir (bsc#999600). - cdc-acm: added sanity checking for probe() (bsc#993891). - cxgb4: Set VPD size so we can read both VPD structures (bsc#976867). - Delete patches.fixes/net-fix-crash-due-to-wrong-dev-in-calling.patch. (bsc#979514) - fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681) - fs/select: add vmalloc fallback for select(2) (bsc#1000189). - fs/select: introduce SIZE_MAX (bsc#1000189). - i2c: i801: add Intel Lewisburg device IDs. - include/linux/mmdebug.h: should include linux/bug.h (bnc#971975 VM performance -- git fixes). - increase CONFIG_NR_IRQS 512 -> 2048 reportedly irq error with multiple nvme and tg3 in the same machine is resolved by increasing CONFIG_NR_IRQS (bsc#998399) - kabi, unix: properly account for FDs passed over unix sockets (bnc#839104). - kaweth: fix firmware download (bsc#993890). - kaweth: fix oops upon failed memory allocation (bsc#993890). - KVM: x86: SYSENTER emulation is broken (bsc#994618). - libfc: sanity check cpu number extracted from xid (bsc#988440). - lpfc: call lpfc_sli_validate_fcp_iocb() with the hbalock held (bsc#951392). - md: lockless I/O submission for RAID1 (bsc#982783). - mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445). - mpt2sas, mpt3sas: Fix panic when aer correct error occurred (bsc#997708). - net: add pfmemalloc check in sk_add_backlog() (bnc#920016). - netback: fix flipping mode (bsc#996664). - nfs: Do not drop directory dentry which is in use (bsc#993127). - nfs: Don't disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261). - nfs: Don't write enable new pages while an invalidation is proceeding (bsc#999584). - nfs: Fix a regression in the read() syscall (bsc#999584). - nfs: Fix races in nfs_revalidate_mapping (bsc#999584). - nfs: fix the handling of NFS_INO_INVALID_DATA flag in nfs_revalidate_mapping (bsc#999584). - nfs: Fix writeback performance issue on cache invalidation (bsc#999584). - nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261). - nfsv4: do not check MAY_WRITE access bit in OPEN (bsc#985206). - nfsv4: fix broken patch relating to v4 read delegations (bsc#956514, bsc#989261, bsc#979595). - nfsv4: Fix range checking in __nfs4_get_acl_uncached and __nfs4_proc_set_acl (bsc#982218). - pci: Add pci_set_vpd_size() to set VPD size (bsc#976867). - pciback: fix conf_space read/write overlap check. - powerpc: add kernel parameter iommu_alloc_quiet (bsc#994926). - ppp: defer netns reference release for ppp channel (bsc#980371). - random32: add prandom_u32_max (bsc#989152). - rpm/constraints.in: Bump x86 disk space requirement to 20GB Clamav tends to run out of space nowadays. - s390/dasd: fix hanging device after clear subchannel (bnc#994436). - sata: Adding Intel Lewisburg device IDs for SATA. - sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule() (bnc#1001419). - sched/core: Fix a race between try_to_wake_up() and a woken up task (bnc#1002165). - sched: Fix possible divide by zero in avg_atom() calculation (bsc#996329). - scsi_dh_rdac: retry inquiry for UNIT ATTENTION (bsc#934760). - scsi: do not print "reservation conflict" for TEST UNIT READY (bsc#984102). - scsi: ibmvfc: add FC Class 3 Error Recovery support (bsc#984992). - scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989) - scsi: ibmvfc: Set READ FCP_XFER_READY DISABLED bit in PRLI (bsc#984992). - scsi_scan: Send TEST UNIT READY to LUN0 before LUN scanning (bnc#843236,bsc#989779). - tmpfs: change final i_blocks BUG to WARNING (bsc#991923). - Update patches.drivers/fcoe-0102-fcoe-ensure-that-skb-placed-on-the-fip_recv_list- are.patch (add bsc#732582 reference). - USB: fix typo in wMaxPacketSize validation (bsc#991665). - USB: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665). - vlan: don't deliver frames for unknown vlans to protocols (bsc#979514). - vlan: mask vlan prio bits (bsc#979514). - xenbus: inspect the correct type in xenbus_dev_request_and_reply(). - xen: x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620). - xfs: Avoid grabbing ilock when file size is not changed (bsc#983535). - xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 11-SP4: zypper in -t patch slertesp4-kernel-source-12880=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-source-12880=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64): kernel-rt-3.0.101.rt130-65.1 kernel-rt-base-3.0.101.rt130-65.1 kernel-rt-devel-3.0.101.rt130-65.1 kernel-rt_trace-3.0.101.rt130-65.1 kernel-rt_trace-base-3.0.101.rt130-65.1 kernel-rt_trace-devel-3.0.101.rt130-65.1 kernel-source-rt-3.0.101.rt130-65.1 kernel-syms-rt-3.0.101.rt130-65.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64): kernel-rt-debuginfo-3.0.101.rt130-65.1 kernel-rt-debugsource-3.0.101.rt130-65.1 kernel-rt_debug-debuginfo-3.0.101.rt130-65.1 kernel-rt_debug-debugsource-3.0.101.rt130-65.1 kernel-rt_trace-debuginfo-3.0.101.rt130-65.1 kernel-rt_trace-debugsource-3.0.101.rt130-65.1

References

#1000189 #1001419 #1002165 #1004418 #732582

#839104 #843236 #909994 #911687 #915183 #920016

#934760 #951392 #956514 #960689 #963655 #971975

#971989 #974620 #976867 #977687 #979514 #979595

#979681 #980371 #982218 #982783 #983535 #983619

#984102 #984194 #984992 #985206 #986362 #986365

#986445 #987565 #988440 #989152 #989261 #989779

#991608 #991665 #991923 #992566 #993127 #993890

#993891 #994296 #994436 #994618 #994759 #994926

#996329 #996664 #997708 #998399 #999584 #999600

#999932

Cross- CVE-2013-4312 CVE-2015-7513 CVE-2016-0823

CVE-2016-3841 CVE-2016-4997 CVE-2016-4998

CVE-2016-5195 CVE-2016-5696 CVE-2016-6480

CVE-2016-6828 CVE-2016-7425

Affected Products:

SUSE Linux Enterprise Real Time Extension 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2013-4312.html

https://www.suse.com/security/cve/CVE-2015-7513.html

https://www.suse.com/security/cve/CVE-2016-0823.html

https://www.suse.com/security/cve/CVE-2016-3841.html

https://www.suse.com/security/cve/CVE-2016-4997.html

https://www.suse.com/security/cve/CVE-2016-4998.html

https://www.suse.com/security/cve/CVE-2016-5195.html

https://www.suse.com/security/cve/CVE-2016-5696.html

https://www.suse.com/security/cve/CVE-2016-6480.html

https://www.suse.com/security/cve/CVE-2016-6828.html

https://www.suse.com/security/cve/CVE-2016-7425.html

https://bugzilla.suse.com/1000189

https://bugzilla.suse.com/1001419

https://bugzilla.suse.com/1002165

https://bugzilla.suse.com/1004418

https://bugzilla.suse.com/732582

https://bugzilla.suse.com/839104

https://bugzilla.suse.com/843236

https://bugzilla.suse.com/909994

https://bugzilla.suse.com/911687

https://bugzilla.suse.com/915183

https://bugzilla.suse.com/920016

https://bugzilla.suse.com/934760

https://bugzilla.suse.com/951392

https://bugzilla.suse.com/956514

https://bugzilla.suse.com/960689

https://bugzilla.suse.com/963655

https://bugzilla.suse.com/971975

https://bugzilla.suse.com/971989

https://bugzilla.suse.com/974620

https://bugzilla.suse.com/976867

https://bugzilla.suse.com/977687

https://bugzilla.suse.com/979514

https://bugzilla.suse.com/979595

https://bugzilla.suse.com/979681

https://bugzilla.suse.com/980371

https://bugzilla.suse.com/982218

https://bugzilla.suse.com/982783

https://bugzilla.suse.com/983535

https://bugzilla.suse.com/983619

https://bugzilla.suse.com/984102

https://bugzilla.suse.com/984194

https://bugzilla.suse.com/984992

https://bugzilla.suse.com/985206

https://bugzilla.suse.com/986362

https://bugzilla.suse.com/986365

https://bugzilla.suse.com/986445

https://bugzilla.suse.com/987565

https://bugzilla.suse.com/988440

https://bugzilla.suse.com/989152

https://bugzilla.suse.com/989261

https://bugzilla.suse.com/989779

https://bugzilla.suse.com/991608

https://bugzilla.suse.com/991665

https://bugzilla.suse.com/991923

https://bugzilla.suse.com/992566

https://bugzilla.suse.com/993127

https://bugzilla.suse.com/993890

https://bugzilla.suse.com/993891

https://bugzilla.suse.com/994296

https://bugzilla.suse.com/994436

https://bugzilla.suse.com/994618

https://bugzilla.suse.com/994759

https://bugzilla.suse.com/994926

https://bugzilla.suse.com/996329

https://bugzilla.suse.com/996664

https://bugzilla.suse.com/997708

https://bugzilla.suse.com/998399

https://bugzilla.suse.com/999584

https://bugzilla.suse.com/999600

https://bugzilla.suse.com/999932

Severity

Announcement ID: SUSE-SU-2016:3069-1

Rating: important

Get the Latest News & Insights

SuSE: 2016:3069-1: important: the Linux Kernel

Summary

References

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By