1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2016:3069-1

[SUSE-SU-2016:3069-1] Security update for the Linux Kernel

Severity Important
CVEs 10
Info References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.

This feature was added:

  • Support for the 2017 Intel Purley platform.

The following security bugs were fixed:

  • CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed, which is reportedly exploited in the wild (bsc#1004418).
  • CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759).
  • CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566).
  • CVE-2016-6828: Use after free in tcp_xmit_retransmit_queue or other tcp_ functions (bsc#994296)
  • CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack (bnc#989152)
  • CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608)
  • CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).
  • CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the PIT counter values during state restoration, which allowed guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions (bnc#960689).
  • CVE-2013-4312: The Linux kernel allowed local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket closing it, related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104).
  • CVE-2016-7425: A buffer overflow in the Linux Kernel in arcmsr_iop_message_xfer() could have caused kernel heap corruption and arbitraty kernel code execution (bsc#999932)

The following non-security bugs were fixed:

  • ahci: Order SATA device IDs for codename Lewisburg.
  • AHCI: Remove obsolete Intel Lewisburg SATA RAID device IDs.
  • ALSA: hda - Add Intel Lewisburg device IDs Audio.
  • avoid dentry crash triggered by NFS (bsc#984194).
  • blktap2: eliminate deadlock potential from shutdown path (bsc#909994).
  • blktap2: eliminate race from deferred work queue handling (bsc#911687).
  • bonding: always set recv_probe to bond_arp_rcv in arp monitor (bsc#977687).
  • bonding: fix bond_arp_rcv setting and arp validate desync state (bsc#977687).
  • btrfs: account for non-CoW'd blocks in btrfs_abort_transaction (bsc#983619).
  • btrfs: ensure that file descriptor used with subvol ioctls is a dir (bsc#999600).
  • cdc-acm: added sanity checking for probe() (bsc#993891).
  • cxgb4: Set VPD size so we can read both VPD structures (bsc#976867).
  • Delete patches.fixes/net-fix-crash-due-to-wrong-dev-in-calling.patch. (bsc#979514)
  • fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
  • fs/select: add vmalloc fallback for select(2) (bsc#1000189).
  • fs/select: introduce SIZE_MAX (bsc#1000189).
  • i2c: i801: add Intel Lewisburg device IDs.
  • include/linux/mmdebug.h: should include linux/bug.h (bnc#971975 VM performance -- git fixes).
  • increase CONFIG_NR_IRQS 512 -> 2048 reportedly irq error with multiple nvme and tg3 in the same machine is resolved by increasing CONFIG_NR_IRQS (bsc#998399)
  • kabi, unix: properly account for FDs passed over unix sockets (bnc#839104).
  • kaweth: fix firmware download (bsc#993890).
  • kaweth: fix oops upon failed memory allocation (bsc#993890).
  • KVM: x86: SYSENTER emulation is broken (bsc#994618).
  • libfc: sanity check cpu number extracted from xid (bsc#988440).
  • lpfc: call lpfc_sli_validate_fcp_iocb() with the hbalock held (bsc#951392).
  • md: lockless I/O submission for RAID1 (bsc#982783).
  • mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).
  • mpt2sas, mpt3sas: Fix panic when aer correct error occurred (bsc#997708).
  • net: add pfmemalloc check in sk_add_backlog() (bnc#920016).
  • netback: fix flipping mode (bsc#996664).
  • nfs: Do not drop directory dentry which is in use (bsc#993127).
  • nfs: Don't disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261).
  • nfs: Don't write enable new pages while an invalidation is proceeding (bsc#999584).
  • nfs: Fix a regression in the read() syscall (bsc#999584).
  • nfs: Fix races in nfs_revalidate_mapping (bsc#999584).
  • nfs: fix the handling of NFS_INO_INVALID_DATA flag in nfs_revalidate_mapping (bsc#999584).
  • nfs: Fix writeback performance issue on cache invalidation (bsc#999584).
  • nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261).
  • nfsv4: do not check MAY_WRITE access bit in OPEN (bsc#985206).
  • nfsv4: fix broken patch relating to v4 read delegations (bsc#956514, bsc#989261, bsc#979595).
  • nfsv4: Fix range checking in __nfs4_get_acl_uncached and __nfs4_proc_set_acl (bsc#982218).
  • pci: Add pci_set_vpd_size() to set VPD size (bsc#976867).
  • pciback: fix conf_space read/write overlap check.
  • powerpc: add kernel parameter iommu_alloc_quiet (bsc#994926).
  • ppp: defer netns reference release for ppp channel (bsc#980371).
  • random32: add prandom_u32_max (bsc#989152).
  • rpm/constraints.in: Bump x86 disk space requirement to 20GB Clamav tends to run out of space nowadays.
  • s390/dasd: fix hanging device after clear subchannel (bnc#994436).
  • sata: Adding Intel Lewisburg device IDs for SATA.
  • sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule() (bnc#1001419).
  • sched/core: Fix a race between try_to_wake_up() and a woken up task (bnc#1002165).
  • sched: Fix possible divide by zero in avg_atom() calculation (bsc#996329).
  • scsi_dh_rdac: retry inquiry for UNIT ATTENTION (bsc#934760).
  • scsi: do not print 'reservation conflict' for TEST UNIT READY (bsc#984102).
  • scsi: ibmvfc: add FC Class 3 Error Recovery support (bsc#984992).
  • scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)
  • scsi: ibmvfc: Set READ FCP_XFER_READY DISABLED bit in PRLI (bsc#984992).
  • scsi_scan: Send TEST UNIT READY to LUN0 before LUN scanning (bnc#843236,bsc#989779).
  • tmpfs: change final i_blocks BUG to WARNING (bsc#991923).
  • Update patches.drivers/fcoe-0102-fcoe-ensure-that-skb-placed-on-the-fip_recv_list-are.patch (add bsc#732582 reference).
  • USB: fix typo in wMaxPacketSize validation (bsc#991665).
  • USB: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).
  • vlan: don't deliver frames for unknown vlans to protocols (bsc#979514).
  • vlan: mask vlan prio bits (bsc#979514).
  • xenbus: inspect the correct type in xenbus_dev_request_and_reply().
  • xen: x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
  • xfs: Avoid grabbing ilock when file size is not changed (bsc#983535).
  • xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).
ID
SUSE-SU-2016:3069-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2016/suse-su-20163069-1/
Published
2016-12-09T13:20:33
(7 years ago)
Modified
2016-12-09T13:20:33
(7 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_3069-1.json
Suse URL for SUSE-SU-2016:3069-1 https://www.suse.com/support/update/announcement/2016/suse-su-20163069-1/
Suse E-Mail link for SUSE-SU-2016:3069-1 https://lists.suse.com/pipermail/sle-security-updates/2016-December/002461.html
Bugzilla SUSE Bug 1000189 https://bugzilla.suse.com/1000189
Bugzilla SUSE Bug 1001419 https://bugzilla.suse.com/1001419
Bugzilla SUSE Bug 1002165 https://bugzilla.suse.com/1002165
Bugzilla SUSE Bug 1004418 https://bugzilla.suse.com/1004418
Bugzilla SUSE Bug 732582 https://bugzilla.suse.com/732582
Bugzilla SUSE Bug 839104 https://bugzilla.suse.com/839104
Bugzilla SUSE Bug 843236 https://bugzilla.suse.com/843236
Bugzilla SUSE Bug 909994 https://bugzilla.suse.com/909994
Bugzilla SUSE Bug 911687 https://bugzilla.suse.com/911687
Bugzilla SUSE Bug 915183 https://bugzilla.suse.com/915183
Bugzilla SUSE Bug 920016 https://bugzilla.suse.com/920016
Bugzilla SUSE Bug 934760 https://bugzilla.suse.com/934760
Bugzilla SUSE Bug 951392 https://bugzilla.suse.com/951392
Bugzilla SUSE Bug 956514 https://bugzilla.suse.com/956514
Bugzilla SUSE Bug 960689 https://bugzilla.suse.com/960689
Bugzilla SUSE Bug 963655 https://bugzilla.suse.com/963655
Bugzilla SUSE Bug 971975 https://bugzilla.suse.com/971975
Bugzilla SUSE Bug 971989 https://bugzilla.suse.com/971989
Bugzilla SUSE Bug 974620 https://bugzilla.suse.com/974620
Bugzilla SUSE Bug 976867 https://bugzilla.suse.com/976867
Bugzilla SUSE Bug 977687 https://bugzilla.suse.com/977687
Bugzilla SUSE Bug 979514 https://bugzilla.suse.com/979514
Bugzilla SUSE Bug 979595 https://bugzilla.suse.com/979595
Bugzilla SUSE Bug 979681 https://bugzilla.suse.com/979681
Bugzilla SUSE Bug 980371 https://bugzilla.suse.com/980371
Bugzilla SUSE Bug 982218 https://bugzilla.suse.com/982218
Bugzilla SUSE Bug 982783 https://bugzilla.suse.com/982783
Bugzilla SUSE Bug 983535 https://bugzilla.suse.com/983535
Bugzilla SUSE Bug 983619 https://bugzilla.suse.com/983619
Bugzilla SUSE Bug 984102 https://bugzilla.suse.com/984102
Bugzilla SUSE Bug 984194 https://bugzilla.suse.com/984194
Bugzilla SUSE Bug 984992 https://bugzilla.suse.com/984992
Bugzilla SUSE Bug 985206 https://bugzilla.suse.com/985206
Bugzilla SUSE Bug 986362 https://bugzilla.suse.com/986362
Bugzilla SUSE Bug 986365 https://bugzilla.suse.com/986365
Bugzilla SUSE Bug 986445 https://bugzilla.suse.com/986445
Bugzilla SUSE Bug 987565 https://bugzilla.suse.com/987565
Bugzilla SUSE Bug 988440 https://bugzilla.suse.com/988440
Bugzilla SUSE Bug 989152 https://bugzilla.suse.com/989152
Bugzilla SUSE Bug 989261 https://bugzilla.suse.com/989261
Bugzilla SUSE Bug 989779 https://bugzilla.suse.com/989779
Bugzilla SUSE Bug 991608 https://bugzilla.suse.com/991608
Bugzilla SUSE Bug 991665 https://bugzilla.suse.com/991665
Bugzilla SUSE Bug 991923 https://bugzilla.suse.com/991923
Bugzilla SUSE Bug 992566 https://bugzilla.suse.com/992566
Bugzilla SUSE Bug 993127 https://bugzilla.suse.com/993127
Bugzilla SUSE Bug 993890 https://bugzilla.suse.com/993890
Bugzilla SUSE Bug 993891 https://bugzilla.suse.com/993891
Bugzilla SUSE Bug 994296 https://bugzilla.suse.com/994296
Bugzilla SUSE Bug 994436 https://bugzilla.suse.com/994436
Bugzilla SUSE Bug 994618 https://bugzilla.suse.com/994618
Bugzilla SUSE Bug 994759 https://bugzilla.suse.com/994759
Bugzilla SUSE Bug 994926 https://bugzilla.suse.com/994926
Bugzilla SUSE Bug 996329 https://bugzilla.suse.com/996329
Bugzilla SUSE Bug 996664 https://bugzilla.suse.com/996664
Bugzilla SUSE Bug 997708 https://bugzilla.suse.com/997708
Bugzilla SUSE Bug 998399 https://bugzilla.suse.com/998399
Bugzilla SUSE Bug 999584 https://bugzilla.suse.com/999584
Bugzilla SUSE Bug 999600 https://bugzilla.suse.com/999600
Bugzilla SUSE Bug 999932 https://bugzilla.suse.com/999932
CVE SUSE CVE CVE-2013-4312 page https://www.suse.com/security/cve/CVE-2013-4312/
CVE SUSE CVE CVE-2015-7513 page https://www.suse.com/security/cve/CVE-2015-7513/
CVE SUSE CVE CVE-2016-0823 page https://www.suse.com/security/cve/CVE-2016-0823/
CVE SUSE CVE CVE-2016-3841 page https://www.suse.com/security/cve/CVE-2016-3841/
CVE SUSE CVE CVE-2016-4997 page https://www.suse.com/security/cve/CVE-2016-4997/
CVE SUSE CVE CVE-2016-5195 page https://www.suse.com/security/cve/CVE-2016-5195/
CVE SUSE CVE CVE-2016-5696 page https://www.suse.com/security/cve/CVE-2016-5696/
CVE SUSE CVE CVE-2016-6480 page https://www.suse.com/security/cve/CVE-2016-6480/
CVE SUSE CVE CVE-2016-6828 page https://www.suse.com/security/cve/CVE-2016-6828/
CVE SUSE CVE CVE-2016-7425 page https://www.suse.com/security/cve/CVE-2016-7425/
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date