openSUSE Security Update : the Linux Kernel (openSUSE-2015-686)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE 13.2 kernel was updated to receive various security and
bugfixes.

Following security bugs were fixed :

- CVE-2015-3290: arch/x86/entry/entry_64.S in the Linux
kernel on the x86_64 platform improperly relied on
espfix64 during nested NMI processing, which allowed
local users to gain privileges by triggering an NMI
within a certain instruction window (bnc#937969)

- CVE-2015-0272: It was reported that it's possible to
craft a Router Advertisement message which will bring
the receiver in a state where new IPv6 connections will
not be accepted until correct Router Advertisement
message received. (bsc#944296).

- CVE-2015-5283: The sctp_init function in
net/sctp/protocol.c in the Linux kernel had an incorrect
sequence of protocol-initialization steps, which allowed
local users to cause a denial of service (panic or
memory corruption) by creating SCTP sockets before all
of the steps have finished (bnc#947155).

- CVE-2015-1333: Memory leak in the __key_link_end
function in security/keys/keyring.c in the Linux kernel
allowed local users to cause a denial of service (memory
consumption) via many add_key system calls that refer to
existing keys. (bsc#938645)

- CVE-2015-5707: Integer overflow in the sg_start_req
function in drivers/scsi/sg.c in the Linux kernel
allowed local users to cause a denial of service or
possibly have unspecified other impact via a large
iov_count value in a write request. (bsc#940338)

- CVE-2015-2925: An attacker could potentially break out
of a namespace or container, depending on if he had
specific rights in these containers. (bsc#926238).

- CVE-2015-7872: A vulnerability in keyrings garbage
collector allowed a local user to trigger an oops was
found, caused by using request_key() or keyctl request2.
(bsc#951440)

The following non-security bugs were fixed :

- input: evdev - do not report errors form flush()
(bsc#939834).

- NFSv4: Recovery of recalled read delegations is broken
(bsc#942178).

- apparmor: temporary work around for bug while unloading
policy (boo#941867).

- config/x86_64/ec2: Align CONFIG_STRICT_DEVMEM
CONFIG_STRICT_DEVMEM is enabled in every other kernel
flavor, so enable it for x86_64/ec2 as well.

- kernel-obs-build: add btrfs to initrd This is needed for
kiwi builds.

- mmc: card: Do not access RPMB partitions for normal
read/write (bnc#941104).

- netback: coalesce (guest) RX SKBs as needed
(bsc#919154).

- rpm/kernel-obs-build.spec.in: Add virtio_rng to the
initrd. This allows to feed some randomness to the OBS
workers.

- xfs: Fix file type directory corruption for btree
directories (bsc#941305).

- xfs: ensure buffer types are set correctly (bsc#941305).

- xfs: inode unlink does not set AGI buffer type
(bsc#941305).

- xfs: set buf types when converting extent formats
(bsc#941305).

- xfs: set superblock buffer type correctly (bsc#941305).

- xhci: Add spurious wakeup quirk for LynxPoint-LP
controllers (bnc#951195).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=919154
https://bugzilla.opensuse.org/show_bug.cgi?id=926238
https://bugzilla.opensuse.org/show_bug.cgi?id=937969
https://bugzilla.opensuse.org/show_bug.cgi?id=938645
https://bugzilla.opensuse.org/show_bug.cgi?id=939834
https://bugzilla.opensuse.org/show_bug.cgi?id=940338
https://bugzilla.opensuse.org/show_bug.cgi?id=941104
https://bugzilla.opensuse.org/show_bug.cgi?id=941305
https://bugzilla.opensuse.org/show_bug.cgi?id=941867
https://bugzilla.opensuse.org/show_bug.cgi?id=942178
https://bugzilla.opensuse.org/show_bug.cgi?id=944296
https://bugzilla.opensuse.org/show_bug.cgi?id=947155
https://bugzilla.opensuse.org/show_bug.cgi?id=951195
https://bugzilla.opensuse.org/show_bug.cgi?id=951440

Solution :

Update the affected the Linux Kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 86668 ()

Bugtraq ID:

CVE ID: CVE-2015-0272
CVE-2015-1333
CVE-2015-2925
CVE-2015-3290
CVE-2015-5283
CVE-2015-5707
CVE-2015-7872

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now