openSUSE Security Update : the Linux Kernel (openSUSE-2016-256)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE 13.2 kernel was updated to receive security and bugfixes.

It also fixes a regression that caused the Chromium sandbox to no
longer work (bsc#965356).

Following security bugs were fixed :

- CVE-2016-2069: A flaw was discovered in a way the Linux
deals with paging structures. When Linux invalidates a
paging structure that is not in use locally, it could,
in principle, race against another CPU that is switching
to a process that uses the paging structure in question,
causing a local denial service (machine crash).
(bnc#963767).

- CVE-2016-0723: Race condition in the tty_ioctl function
in drivers/tty/tty_io.c in the Linux kernel allowed
local users to obtain sensitive information from kernel
memory or cause a denial of service (use-after-free and
system crash) by making a TIOCGETD ioctl call during
processing of a TIOCSETD ioctl call (bnc#961500).

The following non-security bugs were fixed :

- Bluetooth: ath3k: workaround the compatibility issue
with xHCI controller (bnc#907378).

- kABI fix for addition of user_namespace.flags field
(bnc#965308, bnc#965356).

- userns: Add a knob to disable setgroups on a per user
namespace basis (bnc#965308, bnc#965356).

- userns: Allow setting gid_maps without privilege when
setgroups is disabled (bnc#965308, bnc#965356).

- userns: Rename id_map_mutex to userns_state_mutex
(bnc#965308, bnc#965356).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=907378
https://bugzilla.opensuse.org/show_bug.cgi?id=961500
https://bugzilla.opensuse.org/show_bug.cgi?id=963767
https://bugzilla.opensuse.org/show_bug.cgi?id=965308
https://bugzilla.opensuse.org/show_bug.cgi?id=965356

Solution :

Update the affected the Linux Kernel packages.

Risk factor :

Medium / CVSS Base Score : 5.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 88927 ()

Bugtraq ID:

CVE ID: CVE-2016-0723
CVE-2016-2069

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now