[SUSE-SU-2016:3069-1] Security update for the Linux Kernel
Severity
Important
CVEs
10
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.
This feature was added:
- Support for the 2017 Intel Purley platform.
The following security bugs were fixed:
- CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed, which is reportedly exploited in the wild (bsc#1004418).
- CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759).
- CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566).
- CVE-2016-6828: Use after free in tcp_xmit_retransmit_queue or other tcp_ functions (bsc#994296)
- CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack (bnc#989152)
- CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608)
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).
- CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the PIT counter values during state restoration, which allowed guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions (bnc#960689).
- CVE-2013-4312: The Linux kernel allowed local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket closing it, related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104).
- CVE-2016-7425: A buffer overflow in the Linux Kernel in arcmsr_iop_message_xfer() could have caused kernel heap corruption and arbitraty kernel code execution (bsc#999932)
The following non-security bugs were fixed:
- ahci: Order SATA device IDs for codename Lewisburg.
- AHCI: Remove obsolete Intel Lewisburg SATA RAID device IDs.
- ALSA: hda - Add Intel Lewisburg device IDs Audio.
- avoid dentry crash triggered by NFS (bsc#984194).
- blktap2: eliminate deadlock potential from shutdown path (bsc#909994).
- blktap2: eliminate race from deferred work queue handling (bsc#911687).
- bonding: always set recv_probe to bond_arp_rcv in arp monitor (bsc#977687).
- bonding: fix bond_arp_rcv setting and arp validate desync state (bsc#977687).
- btrfs: account for non-CoW'd blocks in btrfs_abort_transaction (bsc#983619).
- btrfs: ensure that file descriptor used with subvol ioctls is a dir (bsc#999600).
- cdc-acm: added sanity checking for probe() (bsc#993891).
- cxgb4: Set VPD size so we can read both VPD structures (bsc#976867).
- Delete patches.fixes/net-fix-crash-due-to-wrong-dev-in-calling.patch. (bsc#979514)
- fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
- fs/select: add vmalloc fallback for select(2) (bsc#1000189).
- fs/select: introduce SIZE_MAX (bsc#1000189).
- i2c: i801: add Intel Lewisburg device IDs.
- include/linux/mmdebug.h: should include linux/bug.h (bnc#971975 VM performance -- git fixes).
- increase CONFIG_NR_IRQS 512 -> 2048 reportedly irq error with multiple nvme and tg3 in the same machine is resolved by increasing CONFIG_NR_IRQS (bsc#998399)
- kabi, unix: properly account for FDs passed over unix sockets (bnc#839104).
- kaweth: fix firmware download (bsc#993890).
- kaweth: fix oops upon failed memory allocation (bsc#993890).
- KVM: x86: SYSENTER emulation is broken (bsc#994618).
- libfc: sanity check cpu number extracted from xid (bsc#988440).
- lpfc: call lpfc_sli_validate_fcp_iocb() with the hbalock held (bsc#951392).
- md: lockless I/O submission for RAID1 (bsc#982783).
- mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).
- mpt2sas, mpt3sas: Fix panic when aer correct error occurred (bsc#997708).
- net: add pfmemalloc check in sk_add_backlog() (bnc#920016).
- netback: fix flipping mode (bsc#996664).
- nfs: Do not drop directory dentry which is in use (bsc#993127).
- nfs: Don't disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261).
- nfs: Don't write enable new pages while an invalidation is proceeding (bsc#999584).
- nfs: Fix a regression in the read() syscall (bsc#999584).
- nfs: Fix races in nfs_revalidate_mapping (bsc#999584).
- nfs: fix the handling of NFS_INO_INVALID_DATA flag in nfs_revalidate_mapping (bsc#999584).
- nfs: Fix writeback performance issue on cache invalidation (bsc#999584).
- nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261).
- nfsv4: do not check MAY_WRITE access bit in OPEN (bsc#985206).
- nfsv4: fix broken patch relating to v4 read delegations (bsc#956514, bsc#989261, bsc#979595).
- nfsv4: Fix range checking in __nfs4_get_acl_uncached and __nfs4_proc_set_acl (bsc#982218).
- pci: Add pci_set_vpd_size() to set VPD size (bsc#976867).
- pciback: fix conf_space read/write overlap check.
- powerpc: add kernel parameter iommu_alloc_quiet (bsc#994926).
- ppp: defer netns reference release for ppp channel (bsc#980371).
- random32: add prandom_u32_max (bsc#989152).
- rpm/constraints.in: Bump x86 disk space requirement to 20GB Clamav tends to run out of space nowadays.
- s390/dasd: fix hanging device after clear subchannel (bnc#994436).
- sata: Adding Intel Lewisburg device IDs for SATA.
- sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule() (bnc#1001419).
- sched/core: Fix a race between try_to_wake_up() and a woken up task (bnc#1002165).
- sched: Fix possible divide by zero in avg_atom() calculation (bsc#996329).
- scsi_dh_rdac: retry inquiry for UNIT ATTENTION (bsc#934760).
- scsi: do not print 'reservation conflict' for TEST UNIT READY (bsc#984102).
- scsi: ibmvfc: add FC Class 3 Error Recovery support (bsc#984992).
- scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)
- scsi: ibmvfc: Set READ FCP_XFER_READY DISABLED bit in PRLI (bsc#984992).
- scsi_scan: Send TEST UNIT READY to LUN0 before LUN scanning (bnc#843236,bsc#989779).
- tmpfs: change final i_blocks BUG to WARNING (bsc#991923).
- Update patches.drivers/fcoe-0102-fcoe-ensure-that-skb-placed-on-the-fip_recv_list-are.patch (add bsc#732582 reference).
- USB: fix typo in wMaxPacketSize validation (bsc#991665).
- USB: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).
- vlan: don't deliver frames for unknown vlans to protocols (bsc#979514).
- vlan: mask vlan prio bits (bsc#979514).
- xenbus: inspect the correct type in xenbus_dev_request_and_reply().
- xen: x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
- xfs: Avoid grabbing ilock when file size is not changed (bsc#983535).
- xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).
- ID
- SUSE-SU-2016:3069-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2016/suse-su-20163069-1/
- Published
-
2016-12-09T13:20:33
(7 years ago) - Modified
-
2016-12-09T13:20:33
(7 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2016-648
- ALAS-2016-718
- ALAS-2016-726
- ALAS-2016-740
- ALAS-2016-757
- ASA-201610-11
- ASA-201610-14
- CISA-2022:0303
- CISCO-SA-20161026-LINUX
- DSA-3434-1
- DSA-3448-1
- DSA-3503-1
- DSA-3607-1
- DSA-3659-1
- DSA-3696-1
- ELSA-2016-0855
- ELSA-2016-1633
- ELSA-2016-1664
- ELSA-2016-1847
- ELSA-2016-2098
- ELSA-2016-2105
- ELSA-2016-2124
- ELSA-2016-2574
- ELSA-2016-3559
- ELSA-2016-3565
- ELSA-2016-3566
- ELSA-2016-3567
- ELSA-2016-3594
- ELSA-2016-3595
- ELSA-2016-3617
- ELSA-2016-3618
- ELSA-2016-3619
- ELSA-2016-3632
- ELSA-2016-3633
- ELSA-2016-3634
- ELSA-2016-3644
- ELSA-2016-3645
- ELSA-2016-3646
- ELSA-2017-0036
- ELSA-2017-0086
- ELSA-2017-0817
- ELSA-2017-3508
- ELSA-2017-3509
- ELSA-2017-3510
- ELSA-2017-3533
- ELSA-2017-3534
- ELSA-2017-3535
- ELSA-2019-4316
- ELSA-2019-4317
- FEDORA-2016-1c409313f4
- FEDORA-2016-26e19f042a
- FEDORA-2016-2e5ebfed6d
- FEDORA-2016-2f25d12c51
- FEDORA-2016-5d43766e33
- FEDORA-2016-5e24d8c350
- FEDORA-2016-63ee0999e4
- FEDORA-2016-723350dd75
- FEDORA-2016-784d5526d8
- FEDORA-2016-9a16b2e14e
- FEDORA-2016-b59fd603be
- FEDORA-2016-c3558808cd
- FEDORA-2016-c8a0c7eece
- FEDORA-2016-db4b75b352
- FEDORA-2016-f1adaaadc6
- FEDORA-2016-f3d1f79398
- openSUSE-SU-2020:0554-1
- RHSA-2016:0855
- RHSA-2016:1632
- RHSA-2016:1633
- RHSA-2016:1664
- RHSA-2016:1847
- RHSA-2016:1875
- RHSA-2016:2098
- RHSA-2016:2105
- RHSA-2016:2110
- RHSA-2016:2574
- RHSA-2016:2584
- RHSA-2017:0036
- RHSA-2017:0086
- RHSA-2017:0091
- RHSA-2017:0372
- RHSA-2017:0817
- SSA:2016-305-01
- SUSE-SU-2016:1709-1
- SUSE-SU-2016:1710-1
- SUSE-SU-2016:1937-1
- SUSE-SU-2016:1985-1
- SUSE-SU-2016:2018-1
- SUSE-SU-2016:2105-1
- SUSE-SU-2016:2174-1
- SUSE-SU-2016:2175-1
- SUSE-SU-2016:2177-1
- SUSE-SU-2016:2178-1
- SUSE-SU-2016:2179-1
- SUSE-SU-2016:2180-1
- SUSE-SU-2016:2181-1
- SUSE-SU-2016:2230-1
- SUSE-SU-2016:2245-1
- SUSE-SU-2016:2585-1
- SUSE-SU-2016:2592-1
- SUSE-SU-2016:2593-1
- SUSE-SU-2016:2596-1
- SUSE-SU-2016:2614-1
- SUSE-SU-2016:2629-1
- SUSE-SU-2016:2630-1
- SUSE-SU-2016:2631-1
- SUSE-SU-2016:2632-1
- SUSE-SU-2016:2633-1
- SUSE-SU-2016:2634-1
- SUSE-SU-2016:2635-1
- SUSE-SU-2016:2636-1
- SUSE-SU-2016:2637-1
- SUSE-SU-2016:2638-1
- SUSE-SU-2016:2655-1
- SUSE-SU-2016:2657-1
- SUSE-SU-2016:2658-1
- SUSE-SU-2016:2659-1
- SUSE-SU-2016:2673-1
- SUSE-SU-2016:2674-1
- SUSE-SU-2016:2912-1
- SUSE-SU-2016:2976-1
- SUSE-SU-2016:3304-1
- SUSE-SU-2017:0181-1
- SUSE-SU-2017:0333-1
- SUSE-SU-2017:0437-1
- SUSE-SU-2017:0471-1
- SUSE-SU-2017:0494-1
- SUSE-SU-2017:1102-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2342-1
- USN-2886-1
- USN-2886-2
- USN-2887-1
- USN-2887-2
- USN-2888-1
- USN-2889-1
- USN-2889-2
- USN-2890-1
- USN-2890-2
- USN-2890-3
- USN-2908-1
- USN-2908-2
- USN-2908-3
- USN-2929-1
- USN-2929-2
- USN-2931-1
- USN-2932-1
- USN-2967-1
- USN-2967-2
- USN-3016-1
- USN-3016-2
- USN-3016-3
- USN-3016-4
- USN-3017-1
- USN-3017-2
- USN-3017-3
- USN-3018-1
- USN-3018-2
- USN-3019-1
- USN-3020-1
- USN-3070-1
- USN-3070-2
- USN-3070-3
- USN-3070-4
- USN-3071-1
- USN-3071-2
- USN-3072-1
- USN-3072-2
- USN-3083-1
- USN-3083-2
- USN-3097-1
- USN-3097-2
- USN-3098-1
- USN-3098-2
- USN-3099-1
- USN-3099-2
- USN-3099-3
- USN-3099-4
- USN-3104-1
- USN-3104-2
- USN-3105-1
- USN-3105-2
- USN-3106-1
- USN-3106-2
- USN-3106-3
- USN-3106-4
- USN-3107-1
- USN-3107-2
- USN-3144-1
- USN-3144-2
- USN-3145-1
- USN-3145-2
- USN-3146-1
- USN-3146-2
- USN-3147-1
- USN-3161-3
- USN-3161-4
- USN-3162-2
- USN-3338-1
- VU:243144
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |