SUSE SLES12 Security Update : systemd (SUSE-SU-2016:2475-1)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote SUSE host is missing one or more security updates.

Description :

This update for systemd fixes the following security issue :

- CVE-2016-7796: A zero-length message received over
systemd's notification socket could make
manager_dispatch_notify_fd() return an error and, as a
side effect, disable the notification handler
completely. As the notification socket is
world-writable, this could have allowed a local user to
perform a denial-of-service attack against systemd.
(bsc#1001765)

Additionally, the following non-security fixes are included :

- Fix HMAC calculation when appending a data object to
journal. (bsc#1000435)

- Never accept file descriptors from file systems with
mandatory locking enabled. (bsc#954374)

- Do not warn about missing install info with 'preset'.
(bsc#970293)

- Save /run/systemd/users/UID before starting
user@.service (bsc#996269)

- Make sure that /var/lib/systemd/sysv-convert/database is
always initialized. (bsc#982211)

- Remove daylight saving time handling and tzfile parser.
(bsc#990074)

- Make sure directory watch is started before cryptsetup.
(bsc#987173)

- Introduce sd_pid_notify() and sd_pid_notifyf() APIs.
(bsc#987857)

- Set KillMode=mixed for our daemons that fork worker
processes.

- Add nosuid and nodev options to tmp.mount.

- Don't start console-getty.service when /dev/console is
missing. (bsc#982251)

- Correct segmentation fault in udev/path_id due to
missing NULL check. (bsc#982210)
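The failure mode behind CVE-2016-7796, as an added illustration that is not part of the SUSE advisory, the Nessus plugin, or systemd's own code: a minimal receiver for sd_notify(3)-style "KEY=VALUE" datagrams over a local AF_UNIX socket pair. A fragile dispatcher treats a zero-length datagram as an error and switches the handler off, which is the behaviour the advisory describes; the hardened dispatcher beside it skips the empty datagram and keeps listening, because on a datagram socket a zero-length read is a valid message rather than end-of-stream. The Manager class, parse_notify, run, and the sample messages are constructed for this example.

```python
import socket
from dataclasses import dataclass, field

# Constructed illustration, not systemd's code: a minimal receiver for
# sd_notify(3)-style "KEY=VALUE\n" datagrams on a local AF_UNIX socket pair.


@dataclass
class Manager:
    """State the dispatcher mutates (hypothetical stand-in for the real manager)."""
    handler_enabled: bool = True
    received: list = field(default_factory=list)


def parse_notify(data: bytes) -> dict:
    """Split one notification datagram into its KEY=VALUE fields."""
    fields = {}
    for line in data.split(b"\n"):
        key, sep, value = line.partition(b"=")
        if sep:
            fields[key.decode("utf-8", "replace")] = value.decode("utf-8", "replace")
    return fields


def dispatch_fragile(mgr: Manager, sock: socket.socket) -> int:
    """Mirrors the behaviour the advisory describes: a zero-length datagram is
    taken as an error and the notification handler is disabled for good."""
    try:
        data = sock.recv(4096)
    except BlockingIOError:
        return 0  # nothing queued
    if len(data) == 0:
        mgr.handler_enabled = False  # the defect: one empty datagram disables the listener
        return -1
    mgr.received.append(parse_notify(data))
    return 1


def dispatch_hardened(mgr: Manager, sock: socket.socket) -> int:
    """Same loop, but an empty datagram is simply skipped: on a datagram
    socket a zero-length read is a valid message, not end-of-stream."""
    try:
        data = sock.recv(4096)
    except BlockingIOError:
        return 0
    if len(data) == 0:
        return 0  # ignore it and keep the handler armed
    mgr.received.append(parse_notify(data))
    return 1


def run(dispatch, messages):
    """Queue the given messages, then dispatch until the handler is disabled
    or the queue is drained. Returns (handler still enabled, parsed messages)."""
    mgr = Manager()
    sender, receiver = socket.socketpair(socket.AF_UNIX, socket.SOCK_DGRAM)
    try:
        receiver.setblocking(False)
        for msg in messages:
            sender.send(msg)
        for _ in range(len(messages)):
            if not mgr.handler_enabled:
                break
            dispatch(mgr, receiver)
    finally:
        sender.close()
        receiver.close()
    return mgr.handler_enabled, mgr.received


if __name__ == "__main__":
    # Constructed sample: a valid READY message, an empty datagram, then a STATUS message.
    sample = [b"READY=1\n", b"", b"STATUS=serving\n"]
    print("fragile :", run(dispatch_fragile, sample))
    print("hardened:", run(dispatch_hardened, sample))
```

With the sample queue the fragile dispatcher stops after the first message and never sees the STATUS update; the hardened one delivers both. The detection-side takeaway is the same as the advisory's: a service manager whose notification handler silently goes dark after one malformed datagram is a denial-of-service surface, and the fix is to treat empty datagrams as ignorable input rather than as a fatal read error.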

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.suse.com/1000435
https://bugzilla.suse.com/1001765
https://bugzilla.suse.com/954374
https://bugzilla.suse.com/970293
https://bugzilla.suse.com/982210
https://bugzilla.suse.com/982211
https://bugzilla.suse.com/982251
https://bugzilla.suse.com/987173
https://bugzilla.suse.com/987857
https://bugzilla.suse.com/990074
https://bugzilla.suse.com/996269
https://www.suse.com/security/cve/CVE-2016-7796.html
http://www.nessus.org/u?16f84457

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2016-1447=1

SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2016-1447=1

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

Medium / CVSS Base Score : 4.9
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 4.0
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 93936

CVE ID: CVE-2016-7796
