openSUSE Security Update : the Linux Kernel (openSUSE-2017-287)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE Leap 42.1 kernel was updated to receive various security
and bugfixes.

The following security bugs were fixed :

- CVE-2017-6074: The dccp_rcv_state_process function in
net/dccp/input.c in the Linux kernel mishandled
DCCP_PKT_REQUEST packet data structures in the LISTEN
state, which allowed local users to cause a denial of
service (invalid free) or possibly have unspecified
other impact via an application that made an
IPV6_RECVPKTINFO setsockopt system call (bnc#1026024).

- CVE-2017-5986: Race condition in the
sctp_wait_for_sndbuf function in net/sctp/socket.c in
the Linux kernel allowed local users to cause a denial
of service (assertion failure and panic) via a
multithreaded application that peels off an association
in a certain buffer-full state (bnc#1025235).

- CVE-2017-5970: The ipv4_pktinfo_prepare function in
net/ipv4/ip_sockglue.c in the Linux kernel allowed
attackers to cause a denial of service (system crash)
via (1) an application that made crafted system calls or
possibly (2) IPv4 traffic with invalid IP options
(bnc#1024938).

- CVE-2017-5897: A potential remote denial of service
within the IPv6 GRE protocol was fixed. (bsc#1023762)

The following non-security bugs were fixed :

- btrfs: support NFSv2 export (bnc#929871).

- btrfs: Direct I/O: Fix space accounting (bsc#1025058).

- btrfs: add RAID 5/6 BTRFS_RBIO_REBUILD_MISSING operation
(bsc#1025069).

- btrfs: bail out if block group has different mixed flag
(bsc#1025072).

- btrfs: be more precise on errors when getting an inode
from disk (bsc#981038).

- btrfs: check pending chunks when shrinking fs to avoid
corruption (bnc#936445).

- btrfs: check prepare_uptodate_page() error code earlier
(bnc#966910).

- btrfs: do not BUG() during drop snapshot (bsc#1025076).

- btrfs: do not collect ordered extents when logging that
inode exists (bsc#977685).

- btrfs: do not initialize a space info as full to prevent
ENOSPC (bnc#944001).

- btrfs: do not leak reloc root nodes on error
(bsc#1025074).

- btrfs: fix block group ->space_info NULL pointer
dereference (bnc#935088).

- btrfs: fix chunk allocation regression leading to
transaction abort (bnc#938550).

- btrfs: fix crash on close_ctree() if cleaner starts new
transaction (bnc#938891).

- btrfs: fix deadlock between direct IO reads and buffered
writes (bsc#973855).

- btrfs: fix deadlock between direct IO write and
defrag/readpages (bnc#965344).

- btrfs: fix device replace of a missing RAID 5/6 device
(bsc#1025057).

- btrfs: fix empty symlink after creating symlink and
fsync parent dir (bsc#977685).

- btrfs: fix extent accounting for partial direct IO
writes (bsc#1025062).

- btrfs: fix file corruption after cloning inline extents
(bnc#942512).

- btrfs: fix file loss on log replay after renaming a file
and fsync (bsc#977685).

- btrfs: fix file read corruption after extent cloning and
fsync (bnc#946902).

- btrfs: fix fitrim discarding device area reserved for
boot loader's use (bsc#904489).

- btrfs: fix for incorrect directory entries after fsync
log replay (bsc#957805, bsc#977685).

- btrfs: fix hang when failing to submit bio of directIO
(bnc#942685).

- btrfs: fix incremental send failure caused by balance
(bsc#985850).

- btrfs: fix invalid page accesses in extent_same (dedup)
ioctl (bnc#968230).

- btrfs: fix listxattrs not listing all xattrs packed in
the same item (bsc#1025063).

- btrfs: fix loading of orphan roots leading to BUG_ON
(bsc#972844).

- btrfs: fix memory corruption on failure to submit bio
for direct IO (bnc#942685).

- btrfs: fix memory leak in do_walk_down (bsc#1025075).

- btrfs: fix memory leak in reading btree blocks
(bsc#1025071).

- btrfs: fix order by which delayed references are run
(bnc#949440).

- btrfs: fix page reading in extent_same ioctl leading to
csum errors (bnc#968230).

- btrfs: fix qgroup rescan worker initialization
(bsc#1025077).

- btrfs: fix qgroup sanity tests (bnc#951615).

- btrfs: fix race between balance and unused block group
deletion (bnc#938892).

- btrfs: fix race between fsync and lockless direct IO
writes (bsc#977685).

- btrfs: fix race waiting for qgroup rescan worker
(bnc#960300).

- btrfs: fix regression running delayed references when
using qgroups (bnc#951615).

- btrfs: fix regression when running delayed references
(bnc#951615).

- btrfs: fix relocation incorrectly dropping data
references (bsc#990384).

- btrfs: fix shrinking truncate when the no_holes feature
is enabled (bsc#1025053).

- btrfs: fix sleeping inside atomic context in qgroup
rescan worker (bnc#960300).

- btrfs: fix stale dir entries after removing a link and
fsync (bnc#942925).

- btrfs: fix unreplayable log after snapshot delete +
parent dir fsync (bsc#977685).

- btrfs: fix warning in backref walking (bnc#966278).

- btrfs: fix warning of bytes_may_use (bsc#1025065).

- btrfs: fix wrong check for btrfs_force_chunk_alloc()
(bnc#938550).

- btrfs: handle quota reserve failure properly
(bsc#1005666).

- btrfs: incremental send, check if orphanized dir inode
needs delayed rename (bsc#1025049).

- btrfs: incremental send, do not delay directory renames
unnecessarily (bsc#1025048).

- btrfs: incremental send, fix clone operations for
compressed extents (fate#316463).

- btrfs: incremental send, fix premature rmdir operations
(bsc#1025064).

- btrfs: keep dropped roots in cache until transaction
commit (bnc#935087, bnc#945649, bnc#951615).

- btrfs: remove misleading handling of missing device
scrub (bsc#1025055).

- btrfs: remove unnecessary locking of cleaner_mutex to
avoid deadlock (bsc#904489).

- btrfs: return gracefully from balance if fs tree is
corrupted (bsc#1025073).

- btrfs: send, do not bug on inconsistent snapshots
(bsc#985850).

- btrfs: send, fix corner case for reference overwrite
detection (bsc#1025080).

- btrfs: send, fix file corruption due to incorrect
cloning operations (bsc#1025060).

- btrfs: set UNWRITTEN for prealloc'ed extents in fiemap
(bsc#1025047).

- btrfs: test_check_exists: Fix infinite loop when
searching for free space entries (bsc#987192).

- btrfs: use btrfs_get_fs_root in resolve_indirect_ref
(bnc#935087, bnc#945649).

- btrfs: use received_uuid of parent during send
(bsc#1025051).

- btrfs: wake up extent state waiters on unlock through
clear_extent_bits (bsc#1025050).

- btrfs: Add handler for invalidate page (bsc#963193).

- btrfs: Add qgroup tracing (bnc#935087, bnc#945649).

- btrfs: Avoid truncate tailing page if fallocate range
does not exceed inode size (bsc#1025059).

- btrfs: Continue write in case of can_not_nocow
(bsc#1025070).

- btrfs: Ensure proper sector alignment for
btrfs_free_reserved_data_space (bsc#1005666).

- btrfs: Export and move leaf/subtree qgroup helpers to
qgroup.c (bsc#983087).

- btrfs: Fix a data space underflow warning (bsc#985562,
bsc#975596, bsc#984779).

- btrfs: Handle unaligned length in extent_same
(bsc#937609).

- btrfs: abort transaction on btrfs_reloc_cow_block()
(bsc#1025081).

- btrfs: add missing discards when unpinning extents with
-o discard (bsc#904489).

- btrfs: advertise which crc32c implementation is being
used on mount (bsc#946057).

- btrfs: allow dedupe of same inode (bsc#1025067).

- btrfs: backref: Add special time_seq == (u64)-1 case for
btrfs_find_all_roots() (bnc#935087, bnc#945649).

- btrfs: backref: Do not merge refs which are not for same
block (bnc#935087, bnc#945649).

- btrfs: btrfs_issue_discard ensure offset/length are
aligned to sector boundaries (bsc#904489).

- btrfs: change max_inline default to 2048 (bsc#949472).

- btrfs: delayed-ref: Cleanup the unneeded functions
(bnc#935087, bnc#945649).

- btrfs: delayed-ref: Use list to replace the ref_root in
ref_head (bnc#935087, bnc#945649).

- btrfs: delayed-ref: double free in
btrfs_add_delayed_tree_ref() (bsc#1025079).

- btrfs: delayed_ref: Add new function to record reserved
space into delayed ref (bsc#963193).

- btrfs: delayed_ref: release and free qgroup reserved at
proper timing (bsc#963193).

- btrfs: disable defrag of tree roots.

- btrfs: do not create or leak aliased root while cleaning
up orphans (bsc#994881).

- btrfs: do not update mtime/ctime on deduped inodes
(bsc#937616).

- btrfs: explictly delete unused block groups in
close_ctree and ro-remount (bsc#904489).

- btrfs: extent-tree: Add new version of
btrfs_check_data_free_space and
btrfs_free_reserved_data_space (bsc#963193).

- btrfs: extent-tree: Add new version of
btrfs_delalloc_reserve/release_space (bsc#963193).

- btrfs: extent-tree: Switch to new check_data_free_space
and free_reserved_data_space (bsc#963193).

- btrfs: extent-tree: Switch to new delalloc space reserve
and release (bsc#963193).

- btrfs: extent-tree: Use ref_node to replace unneeded
parameters in __inc_extent_ref() and __free_extent()
(bnc#935087, bnc#945649).

- btrfs: extent_io: Introduce needed structure for
recoding set/clear bits (bsc#963193).

- btrfs: extent_io: Introduce new function
clear_record_extent_bits() (bsc#963193).

- btrfs: extent_io: Introduce new function
set_record_extent_bits (bsc#963193).

- btrfs: fallocate: Add support to accurate qgroup reserve
(bsc#963193).

- btrfs: fix btrfs_compat_ioctl failures on non-compat
ioctls (bsc#1018100).

- btrfs: fix clone / extent-same deadlocks (bsc#937612).

- btrfs: fix deadlock with extent-same and readpage
(bsc#937612).

- btrfs: fix resending received snapshot with parent
(bsc#1025061).

- btrfs: handle non-fatal errors in btrfs_qgroup_inherit()
(bsc#972951).

- btrfs: increment ctx->pos for every emitted or skipped
dirent in readdir (bsc#981709).

- btrfs: iterate over unused chunk space in FITRIM
(bsc#904489).

- btrfs: make btrfs_issue_discard return bytes discarded
(bsc#904489).

- btrfs: make file clone aware of fatal signals
(bsc#1015787).

- btrfs: pass unaligned length to btrfs_cmp_data()
(bsc#937609).

- btrfs: properly track when rescan worker is running
(bsc#989953).

- btrfs: provide super_operations->inode_get_dev
(bsc#927455).

- btrfs: qgroup: Add function qgroup_update_counters()
(bnc#935087, bnc#945649).

- btrfs: qgroup: Add function qgroup_update_refcnt()
(bnc#935087, bnc#945649).

- btrfs: qgroup: Add handler for NOCOW and inline
(bsc#963193).

- btrfs: qgroup: Add new function to record old_roots
(bnc#935087, bnc#945649).

- btrfs: qgroup: Add new qgroup calculation function
btrfs_qgroup_account_extents() (bnc#935087, bnc#945649).

- btrfs: qgroup: Add new trace point for qgroup data
reserve (bsc#963193).

- btrfs: qgroup: Add the ability to skip given qgroup for
old/new_roots (bnc#935087, bnc#945649).

- btrfs: qgroup: Avoid calling
btrfs_free_reserved_data_space in clear_bit_hook
(bsc#963193).

- btrfs: qgroup: Check if qgroup reserved space leaked
(bsc#963193).

- btrfs: qgroup: Cleanup old inaccurate facilities
(bsc#963193).

- btrfs: qgroup: Cleanup open-coded old/new_refcnt update
and read (bnc#935087, bnc#945649).

- btrfs: qgroup: Cleanup the old ref_node-oriented
mechanism (bnc#935087, bnc#945649).

- btrfs: qgroup: Do not copy extent buffer to do qgroup
rescan (bnc#960300).

- btrfs: qgroup: Fix a race in delayed_ref which leads to
abort trans (bsc#963193).

- btrfs: qgroup: Fix a rebase bug which will cause qgroup
double free (bsc#963193).

- btrfs: qgroup: Fix a regression in qgroup reserved space
(bnc#935087, bnc#945649).

- btrfs: qgroup: Fix qgroup accounting when creating
snapshot (bsc#972993).

- btrfs: qgroup: Fix qgroup data leaking by using subtree
tracing (bsc#983087).

- btrfs: qgroup: Introduce btrfs_qgroup_reserve_data
function (bsc#963193).

- btrfs: qgroup: Introduce functions to release/free
qgroup reserve data space (bsc#963193).

- btrfs: qgroup: Introduce new functions to reserve/free
metadata (bsc#963193).

- btrfs: qgroup: Make snapshot accounting work with new
extent-oriented qgroup (bnc#935087, bnc#945649).

- btrfs: qgroup: Record possible quota-related extent for
qgroup (bnc#935087, bnc#945649).

- btrfs: qgroup: Switch rescan to new mechanism
(bnc#935087, bnc#945649).

- btrfs: qgroup: Switch self test to extent-oriented
qgroup mechanism (bnc#935087, bnc#945649).

- btrfs: qgroup: Switch to new extent-oriented qgroup
mechanism (bnc#935087, bnc#945649).

- btrfs: qgroup: Use new metadata reservation
(bsc#963193).

- btrfs: qgroup: account shared subtree during snapshot
delete (bnc#935087, bnc#945649).

- btrfs: qgroup: exit the rescan worker during umount
(bnc#960300).

- btrfs: qgroup: fix quota disable during rescan
(bnc#960300).

- btrfs: remove old tree_root dirent processing in
btrfs_real_readdir() (bsc#981709).

- btrfs: serialize subvolume mounts with potentially
mismatching rw flags (bsc#951844).

- btrfs: skip superblocks during discard (bsc#904489).

- btrfs: syslog when quota is disabled.

- btrfs: syslog when quota is enabled

- btrfs: ulist: Add ulist_del() function (bnc#935087,
bnc#945649).

- btrfs: use the new VFS super_block_dev (bnc#865869).

- btrfs: waiting on qgroup rescan should not always be
interruptible (bsc#992712).

- fs/super.c: add new super block sub devices
super_block_dev (bnc#865869).

- fs/super.c: fix race between freeze_super() and
thaw_super() (bsc#1025066).

- kabi: only use sops->get_inode_dev with proper fsflag
(bsc#927455).

- qgroup: Prevent qgroup->reserved from going subzero
(bsc#993841).

- vfs: add super_operations->get_inode_dev (bsc#927455).

- xfs: do not allow di_size with high bit set
(bsc#1024234).

- xfs: exclude never-released buffers from buftarg I/O
accounting (bsc#1024508).

- xfs: fix broken multi-fsb buffer logging (bsc#1024081).

- xfs: fix up xfs_swap_extent_forks inline extent handling
(bsc#1023888).

- xfs: track and serialize in-flight async buffers against
unmount - kABI (bsc#1024508).

- xfs: track and serialize in-flight async buffers against
unmount (bsc#1024508).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1005666
https://bugzilla.opensuse.org/show_bug.cgi?id=1015787
https://bugzilla.opensuse.org/show_bug.cgi?id=1018100
https://bugzilla.opensuse.org/show_bug.cgi?id=1023762
https://bugzilla.opensuse.org/show_bug.cgi?id=1023888
https://bugzilla.opensuse.org/show_bug.cgi?id=1024081
https://bugzilla.opensuse.org/show_bug.cgi?id=1024234
https://bugzilla.opensuse.org/show_bug.cgi?id=1024508
https://bugzilla.opensuse.org/show_bug.cgi?id=1024938
https://bugzilla.opensuse.org/show_bug.cgi?id=1025047
https://bugzilla.opensuse.org/show_bug.cgi?id=1025048
https://bugzilla.opensuse.org/show_bug.cgi?id=1025049
https://bugzilla.opensuse.org/show_bug.cgi?id=1025050
https://bugzilla.opensuse.org/show_bug.cgi?id=1025051
https://bugzilla.opensuse.org/show_bug.cgi?id=1025053
https://bugzilla.opensuse.org/show_bug.cgi?id=1025055
https://bugzilla.opensuse.org/show_bug.cgi?id=1025057
https://bugzilla.opensuse.org/show_bug.cgi?id=1025058
https://bugzilla.opensuse.org/show_bug.cgi?id=1025059
https://bugzilla.opensuse.org/show_bug.cgi?id=1025060
https://bugzilla.opensuse.org/show_bug.cgi?id=1025061
https://bugzilla.opensuse.org/show_bug.cgi?id=1025062
https://bugzilla.opensuse.org/show_bug.cgi?id=1025063
https://bugzilla.opensuse.org/show_bug.cgi?id=1025064
https://bugzilla.opensuse.org/show_bug.cgi?id=1025065
https://bugzilla.opensuse.org/show_bug.cgi?id=1025066
https://bugzilla.opensuse.org/show_bug.cgi?id=1025067
https://bugzilla.opensuse.org/show_bug.cgi?id=1025069
https://bugzilla.opensuse.org/show_bug.cgi?id=1025070
https://bugzilla.opensuse.org/show_bug.cgi?id=1025071
https://bugzilla.opensuse.org/show_bug.cgi?id=1025072
https://bugzilla.opensuse.org/show_bug.cgi?id=1025073
https://bugzilla.opensuse.org/show_bug.cgi?id=1025074
https://bugzilla.opensuse.org/show_bug.cgi?id=1025075
https://bugzilla.opensuse.org/show_bug.cgi?id=1025076
https://bugzilla.opensuse.org/show_bug.cgi?id=1025077
https://bugzilla.opensuse.org/show_bug.cgi?id=1025079
https://bugzilla.opensuse.org/show_bug.cgi?id=1025080
https://bugzilla.opensuse.org/show_bug.cgi?id=1025081
https://bugzilla.opensuse.org/show_bug.cgi?id=1025235
https://bugzilla.opensuse.org/show_bug.cgi?id=1026024
https://bugzilla.opensuse.org/show_bug.cgi?id=865869
https://bugzilla.opensuse.org/show_bug.cgi?id=904489
https://bugzilla.opensuse.org/show_bug.cgi?id=927455
https://bugzilla.opensuse.org/show_bug.cgi?id=929871
https://bugzilla.opensuse.org/show_bug.cgi?id=935087
https://bugzilla.opensuse.org/show_bug.cgi?id=935088
https://bugzilla.opensuse.org/show_bug.cgi?id=936445
https://bugzilla.opensuse.org/show_bug.cgi?id=937609
https://bugzilla.opensuse.org/show_bug.cgi?id=937612
https://bugzilla.opensuse.org/show_bug.cgi?id=937616
https://bugzilla.opensuse.org/show_bug.cgi?id=938550
https://bugzilla.opensuse.org/show_bug.cgi?id=938891
https://bugzilla.opensuse.org/show_bug.cgi?id=938892
https://bugzilla.opensuse.org/show_bug.cgi?id=942512
https://bugzilla.opensuse.org/show_bug.cgi?id=942685
https://bugzilla.opensuse.org/show_bug.cgi?id=942925
https://bugzilla.opensuse.org/show_bug.cgi?id=944001
https://bugzilla.opensuse.org/show_bug.cgi?id=945649
https://bugzilla.opensuse.org/show_bug.cgi?id=946057
https://bugzilla.opensuse.org/show_bug.cgi?id=946902
https://bugzilla.opensuse.org/show_bug.cgi?id=949440
https://bugzilla.opensuse.org/show_bug.cgi?id=949472
https://bugzilla.opensuse.org/show_bug.cgi?id=951615
https://bugzilla.opensuse.org/show_bug.cgi?id=951844
https://bugzilla.opensuse.org/show_bug.cgi?id=957805
https://bugzilla.opensuse.org/show_bug.cgi?id=960300
https://bugzilla.opensuse.org/show_bug.cgi?id=963193
https://bugzilla.opensuse.org/show_bug.cgi?id=965344
https://bugzilla.opensuse.org/show_bug.cgi?id=966278
https://bugzilla.opensuse.org/show_bug.cgi?id=966910
https://bugzilla.opensuse.org/show_bug.cgi?id=968230
https://bugzilla.opensuse.org/show_bug.cgi?id=972844
https://bugzilla.opensuse.org/show_bug.cgi?id=972951
https://bugzilla.opensuse.org/show_bug.cgi?id=972993
https://bugzilla.opensuse.org/show_bug.cgi?id=973855
https://bugzilla.opensuse.org/show_bug.cgi?id=975596
https://bugzilla.opensuse.org/show_bug.cgi?id=977685
https://bugzilla.opensuse.org/show_bug.cgi?id=981038
https://bugzilla.opensuse.org/show_bug.cgi?id=981709
https://bugzilla.opensuse.org/show_bug.cgi?id=983087
https://bugzilla.opensuse.org/show_bug.cgi?id=984779
https://bugzilla.opensuse.org/show_bug.cgi?id=985562
https://bugzilla.opensuse.org/show_bug.cgi?id=985850
https://bugzilla.opensuse.org/show_bug.cgi?id=987192
https://bugzilla.opensuse.org/show_bug.cgi?id=989953
https://bugzilla.opensuse.org/show_bug.cgi?id=990384
https://bugzilla.opensuse.org/show_bug.cgi?id=992712
https://bugzilla.opensuse.org/show_bug.cgi?id=993841
https://bugzilla.opensuse.org/show_bug.cgi?id=994881

Solution :

Update the affected the Linux Kernel packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 97367 ()

Bugtraq ID:

CVE ID: CVE-2017-5897
CVE-2017-5970
CVE-2017-5986
CVE-2017-6074

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now