openSUSE Security Update : the Linux Kernel (openSUSE-2015-879)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The Linux Kernel was updated to 4.1.13 and fixes the following
issues :

Security issues fixed :

- CVE-2015-8104: The KVM subsystem in the Linux kernel
allowed guest OS users to cause a denial of service
(host OS panic or hang) by triggering many #DB (aka
Debug) exceptions, related to svm.c.

- CVE-2015-5307: The KVM subsystem in the Linux kernel
allowed guest OS users to cause a denial of service
(host OS panic or hang) by triggering many #AC (aka
Alignment Check) exceptions, related to svm.c and vmx.c.

- CVE-2015-6937: The __rds_conn_create function in
net/rds/connection.c in the Linux kernel allowed local
users to cause a denial of service (NULL pointer
dereference and system crash) or possibly have
unspecified other impact by using a socket that was not
properly bound.

- CVE-2015-7990: A local denial of service due to an
incomplete fix of CVE-2015-6937 could lead to crashes
(local denial of service).

- CVE-2015-7799: The slhc_init function in
drivers/net/slip/slhc.c in the Linux kernel did not
ensure that certain slot numbers are valid, which
allowed local users to cause a denial of service (NULL
pointer dereference and system crash) via a crafted
PPPIOCSMAXCID ioctl call.

Bugs fixed :

- alsa: hda - apply hp headphone fixups more generically
(boo#954876).

- alsa: hda - add fixup for acer aspire one cloudbook 14
(boo#954876).

- alsa: hda - fix headphone noise after dell xps 13 resume
back from S3 (boo#954876).

- alsa: hda - fix noise on dell latitude e6440
(boo#954876).

- alsa: hda/hdmi - apply skylake fix-ups to broxton
display codec (boo#954647).

- alsa: hda - add codec id for broxton display audio codec
(boo#954647).

- alsa: hda/realtek - dell xps one alc3260 speaker no
sound after resume back (boo#954647).

- alsa: hda - yet another fix for dell headset mic with
alc3266 (boo#954647).

- alsa: hda - fix dell laptop for internal mic/headset mic
(boo#954647).

- alsa: hda - remove no physical connection pins from
pin_quirk table (boo#954647).

- alsa: hda - add pin quirk for the headset mic jack
detection on Dell laptop (boo#954647).

- alsa: hda - fix the headset mic that will not work on
dell desktop machine (boo#954647).

- alsa: hda - remove one pin from alc292_standard_pins
(boo#954647).

- alsa: hda - add dock support for thinkpad w541
(17aa:2211) (boo#954647).

- alsa: hda/realtek: enable hp amp and mute led on hp
folio 9480m [v3] (boo#954647).

- alsa: hda/realtek - support dell headset mode for alc298
(boo#954647).

- alsa: hda/realtek - support headset mode for alc298
(boo#954647).

- x86/evtchn: make use of physdevop_map_pirq.

- blktap: also call blkif_disconnect() when frontend
switched to closed (boo#952976).

- blktap: refine mm tracking (boo#952976).

- update xen patches to linux 4.1.13.

- Backport arm64 patches from sle12-sp1-arm.

- Backport pci-ea patches

- Enable drm_ast driver

- Fix thunderx edac store function

- Update arm64 config files. Align arm64 vanilla
configuration with default.

- rtlwifi: rtl8821ae: fix lockups on boot (boo#944978).

- ethernet/atheros/alx: add killer e2400 device id
(boo#955363).

- drm/i915: don't override output type for ddi hdmi
(boo#955190).

- drm/i915: set best_encoder field of connector_state also
when disabling (boo#955190).

- drm/i915: add hotplug activation period to hotplug
update mask (boo#955365).

- drm/i915: avoid race of intel_crt_detect_hotplug() with
hpd interrupt, v2 (boo#955365).

- drm/i915: shut up gen8+ sde irq dmesg noise
(boo#954757).

- ipv6: fix tunnel error handling (boo#952579).

- Update config files (boo#951533).

- iwlwifi: add new pci ids for the 8260 series
(boo#954421).

- iwlwifi: edit the 3165 series and 8000 series pci ids
(boo#954421).

- x86/efi-bgrt: switch pr_err() to pr_debug() for invalid
bgrt (boo#953559).

- x86/tsc: let high latency pit fail fast in
quick_pit_calibrate() (boo#953717).

- Backport arm64 patches from sle12-sp1-arm branch
Backports to fix Seattle xgbe driver. Fix EL2 page table
for systems with high amount of memory. Needed for KVM
to work. Convert WARN_ON in numa implementation to
pr_warn.

- input: elantech - add fujitsu lifebook u745 to force
crc_enabled (boo#883192).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=883192
https://bugzilla.opensuse.org/show_bug.cgi?id=944978
https://bugzilla.opensuse.org/show_bug.cgi?id=945825
https://bugzilla.opensuse.org/show_bug.cgi?id=948758
https://bugzilla.opensuse.org/show_bug.cgi?id=949936
https://bugzilla.opensuse.org/show_bug.cgi?id=951533
https://bugzilla.opensuse.org/show_bug.cgi?id=952384
https://bugzilla.opensuse.org/show_bug.cgi?id=952579
https://bugzilla.opensuse.org/show_bug.cgi?id=952976
https://bugzilla.opensuse.org/show_bug.cgi?id=953527
https://bugzilla.opensuse.org/show_bug.cgi?id=953559
https://bugzilla.opensuse.org/show_bug.cgi?id=953717
https://bugzilla.opensuse.org/show_bug.cgi?id=954404
https://bugzilla.opensuse.org/show_bug.cgi?id=954421
https://bugzilla.opensuse.org/show_bug.cgi?id=954647
https://bugzilla.opensuse.org/show_bug.cgi?id=954757
https://bugzilla.opensuse.org/show_bug.cgi?id=954876
https://bugzilla.opensuse.org/show_bug.cgi?id=955190
https://bugzilla.opensuse.org/show_bug.cgi?id=955363
https://bugzilla.opensuse.org/show_bug.cgi?id=955365
https://bugzilla.opensuse.org/show_bug.cgi?id=956856

Solution :

Update the affected the Linux Kernel packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 87391 ()

Bugtraq ID:

CVE ID: CVE-2015-5307
CVE-2015-6937
CVE-2015-7799
CVE-2015-7990
CVE-2015-8104

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now