openSUSE Security Update : the Linux Kernel (openSUSE-2016-869)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE Leap 42.1 was updated to 4.1.27 to receive various
security and bugfixes.

The following security bugs were fixed :

- CVE-2016-4997: A buffer overflow in 32bit
compat_setsockopt iptables handling could lead to a
local privilege escalation. (bsc#986362)

- CVE-2016-5829: Multiple heap-based buffer overflows in
the hiddev_ioctl_usage function in
drivers/hid/usbhid/hiddev.c in the Linux kernel allow
local users to cause a denial of service or possibly
have unspecified other impact via a crafted (1)
HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call
(bnc#986572).

- CVE-2016-4470: The key_reject_and_link function in
security/keys/key.c in the Linux kernel did not ensure
that a certain data structure is initialized, which
allowed local users to cause a denial of service (system
crash) via vectors involving a crafted keyctl request2
command (bnc#984755).

- CVE-2016-4794: Use-after-free vulnerability in
mm/percpu.c in the Linux kernel allowed local users to
cause a denial of service (BUG) or possibly have
unspecified other impact via crafted use of the mmap and
bpf system calls (bnc#980265).

The following non-security bugs were fixed :

- Refresh patches.xen/xen-netback-coalesce: Restore
copying of SKBs with head exceeding page size
(bsc#978469).

- Refresh patches.xen/xen3-patch-2.6.26 (fix PAT
initialization).

- Refresh patches.xen/xen3-patch-2.6.39 (fix ia32_compat
inheritance).

- Refresh patches.xen/xen3-patch-3.14: Suppress atomic
file position updates for /proc/xen/xenbus (bsc#970275).

- Refresh patches.xen/xen3-patch-3.16 (drop redundant
addition of a comment).

- Refresh patches.xen/xen3-patch-4.1.7-8.

- base: make module_create_drivers_dir race-free
(bnc#983977).

- ipvs: count pre-established TCP states as active
(bsc#970114).

- net: thunderx: Fix TL4 configuration for secondary Qsets
(bsc#986530).

- net: thunderx: Fix link status reporting (bsc#986530).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=970114
https://bugzilla.opensuse.org/show_bug.cgi?id=970275
https://bugzilla.opensuse.org/show_bug.cgi?id=978469
https://bugzilla.opensuse.org/show_bug.cgi?id=980265
https://bugzilla.opensuse.org/show_bug.cgi?id=983977
https://bugzilla.opensuse.org/show_bug.cgi?id=984755
https://bugzilla.opensuse.org/show_bug.cgi?id=986362
https://bugzilla.opensuse.org/show_bug.cgi?id=986530
https://bugzilla.opensuse.org/show_bug.cgi?id=986572

Solution :

Update the affected the Linux Kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 92308 ()

Bugtraq ID:

CVE ID: CVE-2016-4470
CVE-2016-4794
CVE-2016-4997
CVE-2016-5829

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now