openSUSE Security Update : the Linux Kernel (openSUSE-2017-929)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE Leap 42.2 kernel was updated to receive various security
and bug fixes.

The following security bugs were fixed :

- CVE-2017-1000111: Fixed a race condition in net-packet
code that could be exploited to cause out-of-bounds
memory access (bsc#1052365).

- CVE-2017-1000112: Fixed a race condition in net-packet
code that could have been exploited by unprivileged
users to gain root access (bsc#1052311).

- CVE-2017-8831: The saa7164_bus_get function in
drivers/media/pci/saa7164/saa7164-bus.c in the Linux
kernel allowed local users to cause a denial of service
(out-of-bounds array access) or possibly have
unspecified other impact by changing a certain
sequence-number value, aka a 'double fetch'
vulnerability (bnc#1037994).

The following non-security bugs were fixed :

- IB/hfi1: Wait for QSFP modules to initialize
(bsc#1019151).

- bcache: force trigger gc (bsc#1038078).

- bcache: only recovery I/O error for writethrough mode
(bsc#1043652).

- block: do not allow updates through sysfs until
registration completes (bsc#1047027).

- ibmvnic: Check for transport event on driver resume
(bsc#1051556, bsc#1052709).

- ibmvnic: Initialize SCRQ's during login renegotiation
(bsc#1052223).

- ibmvnic: Report rx buffer return codes as netdev_dbg
(bsc#1052794).

- iommu/amd: Fix schedule-while-atomic BUG in
initialization code (bsc#1052533).

- libnvdimm, pmem: fix a NULL pointer BUG in
nd_pmem_notify (bsc#1023175).

- libnvdimm: fix badblock range handling of ARS range
(bsc#1023175).

- qeth: fix L3 next-hop in xmit qeth hdr (bnc#1052773,
LTC#157374).

- scsi_devinfo: fixup string compare (bsc#1037404).

- scsi_dh_alua: suppress errors from unsupported devices
(bsc#1038792).

- vfs: fix missing inode_get_dev sites (bsc#1052049).

- x86/dmi: Switch dmi_remap() from ioremap() to
ioremap_cache() (bsc#1051399).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1019151
https://bugzilla.opensuse.org/show_bug.cgi?id=1023175
https://bugzilla.opensuse.org/show_bug.cgi?id=1037404
https://bugzilla.opensuse.org/show_bug.cgi?id=1037994
https://bugzilla.opensuse.org/show_bug.cgi?id=1038078
https://bugzilla.opensuse.org/show_bug.cgi?id=1038792
https://bugzilla.opensuse.org/show_bug.cgi?id=1043652
https://bugzilla.opensuse.org/show_bug.cgi?id=1047027
https://bugzilla.opensuse.org/show_bug.cgi?id=1051399
https://bugzilla.opensuse.org/show_bug.cgi?id=1051556
https://bugzilla.opensuse.org/show_bug.cgi?id=1052049
https://bugzilla.opensuse.org/show_bug.cgi?id=1052223
https://bugzilla.opensuse.org/show_bug.cgi?id=1052311
https://bugzilla.opensuse.org/show_bug.cgi?id=1052365
https://bugzilla.opensuse.org/show_bug.cgi?id=1052533
https://bugzilla.opensuse.org/show_bug.cgi?id=1052709
https://bugzilla.opensuse.org/show_bug.cgi?id=1052773
https://bugzilla.opensuse.org/show_bug.cgi?id=1052794

Solution :

Update the affected Linux Kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 102509

CVE ID: CVE-2017-1000111
CVE-2017-1000112
CVE-2017-8831
