openSUSE Security Update : the Linux Kernel (openSUSE-2017-286)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE Leap 42.2 kernel was updated to 4.4.49 to receive various
security and bugfixes.

The following security bugs were fixed :

- CVE-2017-5986: A userlevel triggerable BUG_ON on
sctp_wait_for_sndbuf was fixed. (bsc#1025235)

- CVE-2017-5970: The ipv4_pktinfo_prepare function in
net/ipv4/ip_sockglue.c in the Linux kernel allowed
attackers to cause a denial of service (system crash)
via (1) an application that made crafted system calls or
possibly (2) IPv4 traffic with invalid IP options

- CVE-2017-5897: A potential remote denial of service
within the IPv6 GRE protocol was fixed. (bsc#1023762)

- CVE-2017-6074: The dccp_rcv_state_process function in
net/dccp/input.c in the Linux kernel mishandled
DCCP_PKT_REQUEST packet data structures in the LISTEN
state, which allowed local users to cause a denial of
service (invalid free) or possibly have unspecified
other impact via an application that makes an
IPV6_RECVPKTINFO setsockopt system call. (bsc#1026024).

The following non-security bugs were fixed :

- btrfs: fix btrfs_compat_ioctl failures on non-compat
ioctls (bsc#1018100).

- iwlwifi: Expose the default fallback ucode API to module
info (boo#1021082, boo#1023884).

- kabi: protect struct tcp_fastopen_cookie (kabi).

- md: ensure md devices are freed before module is
unloaded (bsc#1022304).

- md: Fix a regression reported by bsc#1020048 in
patch (bsc#982783,bsc#998106,bsc#1020048).

- net: ethtool: Initialize buffer when querying device
channel settings (bsc#969479 FATE#320634).

- net: implement netif_cond_dbg macro (bsc#1019168).

- sfc: reduce severity of PIO buffer alloc failures

- sfc: refactor debug-or-warnings printks (bsc#1019168).

- xfs_dmapi: fix the debug compilation of xfs_dmapi

- xfs: do not allow di_size with high bit set

- xfs: exclude never-released buffers from buftarg I/O
accounting (bsc#1024508).

- xfs: fix broken multi-fsb buffer logging (bsc#1024081).

- xfs: fix buffer overflow
dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).

- xfs: fix up xfs_swap_extent_forks inline extent handling

- xfs: track and serialize in-flight async buffers against
unmount (bsc#1024508).

- xfs: track and serialize in-flight async buffers against
unmount - kABI (bsc#1024508).

See also :

Solution :

Update the affected the Linux Kernel packages.

Risk factor :

High / CVSS Base Score : 7.5
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 97366 ()

Bugtraq ID:

CVE ID: CVE-2017-5897

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now