openSUSE Security Update : the Linux Kernel (openSUSE-2016-1211) (Dirty COW)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE 13.1 kernel was updated to fix bugs and security issues.

The following security bugs were fixed :

- CVE-2016-8666: The IP stack in the Linux kernel allowed
remote attackers to cause a denial of service (stack
consumption and panic) or possibly have unspecified
other impact by triggering use of the GRO path for
packets with tunnel stacking, as demonstrated by
interleaved IPv4 headers and GRE headers, a related
issue to CVE-2016-7039 (bnc#1001486).

- CVE-2016-5195: A local privilege escalation using
MAP_PRIVATE was fixed, which is reportedly exploited in
the wild (bsc#1004418).

The following non-security bugs were fixed :

- sched/core: Fix a race between try_to_wake_up() and a
woken up task (bsc#1002165, bsc#1001419).

- sched/core: Fix an SMP ordering race in try_to_wake_up()
vs. schedule() (bnc#1001419).

- tunnels: Do not apply GRO to multiple layers of
encapsulation (bsc#1001486).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1001419
https://bugzilla.opensuse.org/show_bug.cgi?id=1001486
https://bugzilla.opensuse.org/show_bug.cgi?id=1002165
https://bugzilla.opensuse.org/show_bug.cgi?id=1004418

Solution :

Update the affected the Linux Kernel packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 94239 ()

Bugtraq ID:

CVE ID: CVE-2016-5195
CVE-2016-7039
CVE-2016-8666

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now