Oval Definition:oval:org.opensuse.security:def:78389
Revision Date:2015-12-17Version:1
Title:Security update for the Linux Kernel (Important)
Description:



The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.51 to receive various security and bugfixes.

Following features were added: - hwrng: Add a driver for the hwrng found in power7+ systems (fate#315784).

Following security bugs were fixed: - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. (bsc#955354) - CVE-2015-5156: The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempted to support a FRAGLIST feature without proper memory allocation, which allowed guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets (bnc#940776). - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440). - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936). - CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux kernel did not properly handle rename actions inside a bind mount, which allowed local users to bypass an intended container protection mechanism by renaming a directory, related to a 'double-chroot attack (bnc#926238). - CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#952384).

The following non-security bugs were fixed: - af_iucv: avoid path quiesce of severed path in shutdown() (bnc#954986, LTC#131684). - alsa: hda - Disable 64bit address for Creative HDA controllers (bnc#814440). - alsa: hda - Fix noise problems on Thinkpad T440s (boo#958504). - alsa: hda - Fix noise problems on Thinkpad T440s (boo#958504). - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task (bsc#921949). - audit: correctly record file names with different path name types (bsc#950013). - audit: create private file name copies when auditing inodes (bsc#950013). - bcache: Add btree_insert_node() (bnc#951638). - bcache: Add explicit keylist arg to btree_insert() (bnc#951638). - bcache: backing device set to clean after finishing detach (bsc#951638). - bcache: backing device set to clean after finishing detach (bsc#951638). - bcache: Clean up keylist code (bnc#951638). - bcache: Convert btree_insert_check_key() to btree_insert_node() (bnc#951638). - bcache: Convert bucket_wait to wait_queue_head_t (bnc#951638). - bcache: Convert try_wait to wait_queue_head_t (bnc#951638). - bcache: Explicitly track btree node's parent (bnc#951638). - bcache: Fix a bug when detaching (bsc#951638). - bcache: Fix a lockdep splat in an error path (bnc#951638). - bcache: Fix a shutdown bug (bsc#951638). - bcache: Fix more early shutdown bugs (bsc#951638). - bcache: Fix sysfs splat on shutdown with flash only devs (bsc#951638). - bcache: Insert multiple keys at a time (bnc#951638). - bcache: kill closure locking usage (bnc#951638). - bcache: Refactor journalling flow control (bnc#951638). - bcache: Refactor request_write() (bnc#951638). - bcache: Use blkdev_issue_discard() (bnc#951638). - btrfs: Adjust commit-transaction condition to avoid NO_SPACE more (bsc#958647). - btrfs: Adjust commit-transaction condition to avoid NO_SPACE more (bsc#958647). - btrfs: cleanup: remove no-used alloc_chunk in btrfs_check_data_free_space() (bsc#958647). - btrfs: cleanup: remove no-used alloc_chunk in btrfs_check_data_free_space() (bsc#958647). - btrfs: fix condition of commit transaction (bsc#958647). - btrfs: fix condition of commit transaction (bsc#958647). - btrfs: fix file corruption and data loss after cloning inline extents (bnc#956053). - btrfs: Fix out-of-space bug (bsc#958647). - btrfs: Fix out-of-space bug (bsc#958647). - btrfs: Fix tail space processing in find_free_dev_extent() (bsc#958647). - btrfs: Fix tail space processing in find_free_dev_extent() (bsc#958647). - btrfs: fix the number of transaction units needed to remove a block group (bsc#958647). - btrfs: fix the number of transaction units needed to remove a block group (bsc#958647). - btrfs: fix truncation of compressed and inlined extents (bnc#956053). - btrfs: Set relative data on clear btrfs_block_group_cache->pinned (bsc#958647). - btrfs: Set relative data on clear btrfs_block_group_cache->pinned (bsc#958647). - btrfs: use global reserve when deleting unused block group after ENOSPC (bsc#958647). - btrfs: use global reserve when deleting unused block group after ENOSPC (bsc#958647). - cache: Fix sysfs splat on shutdown with flash only devs (bsc#951638). - cpu: Defer smpboot kthread unparking until CPU known to scheduler (bsc#936773). - cpusets, isolcpus: exclude isolcpus from load balancing in cpusets (bsc#957395). - cxgb4i: Increased the value of MAX_IMM_TX_PKT_LEN from 128 to 256 bytes (bsc#950580). - dlm: make posix locks interruptible, (bsc#947241). - dmapi: Fix xfs dmapi to not unlock & lock XFS_ILOCK_EXCL (bsc#949744). - dm: do not start current request if it would've merged with the previous (bsc#904348). - dm: impose configurable deadline for dm_request_fn's merge heuristic (bsc#904348). - dm-snap: avoid deadock on s->lock when a read is split (bsc#939826). - dm sysfs: introduce ability to add writable attributes (bsc#904348). - drm: Allocate new master object when client becomes master (bsc#956876, bsc#956801). - drm: Fix KABI of 'struct drm_file' (bsc#956876, bsc#956801). - drm/i915: add hotplug activation period to hotplug update mask (bsc#953980). - drm/i915: clean up backlight conditional build (bsc#941113). - drm/i915: debug print on backlight register (bsc#941113). - drm/i915: do full backlight setup at enable time (bsc#941113). - drm/i915: do not save/restore backlight registers in KMS (bsc#941113). - drm/i915: Eliminate lots of WARNs when there's no backlight present (bsc#941113). - drm/i915: fix gen2-gen3 backlight set (bsc#941113,bsc#953971). - drm/i915: Fix gen3 self-refresh watermarks (bsc#953830,bsc#953971). - drm/i915: Fix missing backlight update during panel disablement (bsc#941113). - drm/i915: Fix SRC_COPY width on 830/845g (bsc#758040). - drm/i915: gather backlight information at setup (bsc#941113). - drm/i915: handle backlight through chip specific functions (bsc#941113). - drm/i915: Ignore 'digital output' and 'not HDMI output' bits for eDP detection (bsc#949192). - drm/i915: make asle notifications update backlight on all connectors (bsc#941113). - drm/i915: make backlight info per-connector (bsc#941113). - drm/i915: move backlight level setting in enable/disable to hooks (bsc#941113). - drm/i915: move opregion asle request handling to a work queue (bsc#953826). - drm/i915: nuke get max backlight functions (bsc#941113). - drm/i915/opregion: fix build error on CONFIG_ACPI=n (bsc#953826). - drm/i915: restore backlight precision when converting from ACPI (bsc#941113). - drm/i915/tv: add ->get_config callback (bsc#953830). - drm/i915: use backlight legacy combination mode also for i915gm/i945gm (bsc#941113). - drm/i915: use the initialized backlight max value instead of reading it (bsc#941113). - drm/i915: vlv does not have pipe field in backlight registers (bsc#941113). - fanotify: fix notification of groups with inode & mount marks (bsc#955533). - Fix remove_and_add_spares removes drive added as spare in slot_store (bsc#956717). - genksyms: Handle string literals with spaces in reference files (bsc#958510). - genksyms: Handle string literals with spaces in reference files (bsc#958510). - hwrng: Add a driver for the hwrng found in power7+ systems (fate#315784). in the non-RT kernel to minimize the differences. - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224). - ipv6: distinguish frag queues by device for multicast and link-local packets (bsc#955422). - ixgbe: fix broken PFC with X550 (bsc#951864). - ixgbe: use correct fcoe ddp max check (bsc#951864). - kabi: Fix spurious kabi change in mm/util.c. - kABI: protect struct ahci_host_priv. - kabi: Restore kabi in struct iscsi_tpg_attrib (bsc#954635). - kabi: Restore kabi in struct se_cmd (bsc#954635). - kabi: Restore kabi in struct se_subsystem_api (bsc#954635). - ktime: add ktime_after and ktime_before helper (bsc#904348). - mm: factor commit limit calculation (VM Performance). - mm: get rid of 'vmalloc_info' from /proc/meminfo (VM Performance). - mm: hugetlbfs: skip shared VMAs when unmapping private pages to satisfy a fault (Automatic NUMA Balancing (fate#315482)). - mm: remove PG_waiters from PAGE_FLAGS_CHECK_AT_FREE (bnc#943959). - mm: vmscan: never isolate more pages than necessary (VM Performance). - Move ktime_after patch to the networking section - nfsrdma: Fix regression in NFSRDMA server (bsc#951110). - pci: Drop 'setting latency timer' messages (bsc#956047). - pci: Update VPD size with correct length (bsc#924493). - perf/x86/intel/uncore: Delete an unnecessary check before pci_dev_put() call (bsc#955136). - perf/x86/intel/uncore: Delete an unnecessary check before pci_dev_put() call (bsc#955136). - perf/x86/intel/uncore: Fix multi-segment problem of perf_event_intel_uncore (bsc#955136). - perf/x86/intel/uncore: Fix multi-segment problem of perf_event_intel_uncore (bsc#955136). - pm, hinernate: use put_page in release_swap_writer (bnc#943959). - rcu: Eliminate deadlock between CPU hotplug and expedited grace periods (bsc#949706). - Re-add copy_page_vector_to_user() - ring-buffer: Always run per-cpu ring buffer resize with schedule_work_on() (bnc#956711). - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224). - rpm/constraints.in: Require 14GB worth of disk space on POWER The builds started to fail randomly due to ENOSPC errors. - rpm/kernel-binary.spec.in: Always build zImage for ARM - rpm/kernel-binary.spec.in: Do not explicitly set DEBUG_SECTION_MISMATCH CONFIG_DEBUG_SECTION_MISMATCH is a selectable Kconfig option since 2.6.39 and is enabled in our configs. - rpm/kernel-binary.spec.in: Drop the %build_src_dir macro It is the parent directory of the O= directory. - rpm/kernel-binary.spec.in: really pass down %{?_smp_mflags} - rpm/kernel-binary.spec.in: Use parallel make in all invocations Also, remove the lengthy comment, since we are using a standard rpm macro now. - rpm/kernel-binary.spec.in: Use upstream script to support config.addon - s390/dasd: fix disconnected device with valid path mask (bnc#954986, LTC#132707). - s390/dasd: fix invalid PAV assignment after suspend/resume (bnc#954986, LTC#132706). - s390/dasd: fix list_del corruption after lcu changes (bnc#954986, LTC#133077). - sched: Call select_idle_sibling() when not affine_sd (Scheduler Performance). - sched/core: Fix task and run queue sched_info::run_delay inconsistencies (bnc#949100). - sched, isolcpu: make cpu_isolated_map visible outside scheduler (bsc#957395). - sched/numa: Check all nodes when placing a pseudo-interleaved group (Automatic NUMA Balancing (fate#315482)). - sched/numa: Fix math underflow in task_tick_numa() (Automatic NUMA Balancing (fate#315482)). - sched/numa: Only consider less busy nodes as numa balancing destinations (Automatic NUMA Balancing (fate#315482)). - sched: Put expensive runtime debugging checks under a separate Kconfig entry (Scheduler performance). - scsi: hosts: update to use ida_simple for host_no (bsc#939926) - sunrpc/cache: make cache flushing more reliable (bsc#947478). - sunrpc: Fix oops when trace sunrpc_task events in nfs client (bnc#956703). - supported.conf: Support peak_pci and sja1000: These 2 CAN drivers are supported in the RT kernel for a long time so we can also support them - target/pr: fix core_scsi3_pr_seq_non_holder() caller (bnc#952666). - target: Send UA upon LUN RESET tmr completion (bsc#933514). - target: use 'se_dev_entry' when allocating UAs (bsc#933514). - Update config files. (bnc#955644) - Update kabi files with sbc_parse_cdb symbol change (bsc#954635). - usbvision fix overflow of interfaces array (bnc#950998). - vmxnet3: adjust ring sizes when interface is down (bsc#950750). - vmxnet3: Fix ethtool -S to return correct rx queue stats (bsc#950750). - x86/efi: Fix invalid parameter error when getting hibernation key (fate#316350, bsc#956284). - x86/evtchn: make use of PHYSDEVOP_map_pirq. - x86/mm: Add parenthesis for TLB tracepoint size calculation (VM Performance (Reduce IPIs during reclaim)). - x86/mm/hotplug: Modify PGD entry when removing memory (VM Functionality, bnc#955148). - x86/mm/hotplug: Pass sync_global_pgds() a correct argument in remove_pagetable() (VM Functionality, bnc#955148). - x86/tsc: Let high latency PIT fail fast in quick_pit_calibrate() (bsc#953717). - xen: fix boot crash in EC2 settings (bsc#956147). - xen: refresh patches.xen/xen-x86_64-m2p-strict (bsc#956147). - xen: Update Xen patches to 3.12.50. - xfs: always drain dio before extending aio write submission (bsc#949744). - xfs: DIO needs an ioend for writes (bsc#949744). - xfs: DIO write completion size updates race (bsc#949744). - xfs: DIO writes within EOF do not need an ioend (bsc#949744). - xfs: direct IO EOF zeroing needs to drain AIO (bsc#949744). - xfs: do not allocate an ioend for direct I/O completions (bsc#949744). - xfs: factor DIO write mapping from get_blocks (bsc#949744). - xfs: handle DIO overwrite EOF update completion correctly (bsc#949744). - xfs: move DIO mapping size calculation (bsc#949744). - xfs: using generic_file_direct_write() is unnecessary (bsc#949744). - xhci: Add spurious wakeup quirk for LynxPoint-LP controllers (bnc#951165). - xhci: Workaround to get Intel xHCI reset working more reliably (bnc#957546). - zfcp: fix fc_host port_type with NPIV (bnc#954986, LTC#132479).
Family:unixClass:patch
Status:Reference(s):758040
814440
904348
921949
924493
926238
933514
936773
939826
939926
940776
941113
941202
943959
944296
947241
947478
949100
949192
949706
949744
949936
950013
950580
950750
950998
951110
951165
951440
951638
951864
952384
952666
953717
953826
953830
953971
953980
954635
954986
955136
955148
955224
955354
955422
955533
955644
956047
956053
956147
956284
956703
956711
956717
956801
956876
957395
957546
958504
958510
958647
CVE-2015-0272
CVE-2015-2925
CVE-2015-5156
CVE-2015-7799
CVE-2015-7872
CVE-2015-7990
CVE-2015-8215
SUSE-SU-2015:2292-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • kernel-default-3.12.51-60.20.2 is installed
  • OR kernel-default-devel-3.12.51-60.20.2 is installed
  • OR kernel-default-extra-3.12.51-60.20.2 is installed
  • OR kernel-devel-3.12.51-60.20.2 is installed
  • OR kernel-macros-3.12.51-60.20.2 is installed
  • OR kernel-source-3.12.51-60.20.2 is installed
  • OR kernel-syms-3.12.51-60.20.2 is installed
  • OR kernel-xen-3.12.51-60.20.2 is installed
  • OR kernel-xen-devel-3.12.51-60.20.2 is installed
  • BACK