openSUSE Security Update : the Linux Kernel (openSUSE-2017-929)

High Nessus Plugin ID 102509


The remote openSUSE host is missing a security update.


The openSUSE Leap 42.2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

- CVE-2017-1000111: Fixed a race condition in net-packet code that could be exploited to cause out-of-bounds memory access (bsc#1052365).

- CVE-2017-1000112: Fixed a race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bsc#1052311).

- CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994).

The following non-security bugs were fixed :

- IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).

- bcache: force trigger gc (bsc#1038078).

- bcache: only recovery I/O error for writethrough mode (bsc#1043652).

- block: do not allow updates through sysfs until registration completes (bsc#1047027).

- ibmvnic: Check for transport event on driver resume (bsc#1051556, bsc#1052709).

- ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).

- ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).

- iommu/amd: Fix schedule-while-atomic BUG in initialization code (bsc1052533).

- libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).

- libnvdimm: fix badblock range handling of ARS range (bsc#1023175).

- qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).

- scsi_devinfo: fixup string compare (bsc#1037404).

- scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).

- vfs: fix missing inode_get_dev sites (bsc#1052049).

- x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache() (bsc#1051399).


Update the affected the Linux Kernel packages.

See Also

Plugin Details

Severity: High

ID: 102509

File Name: openSUSE-2017-929.nasl

Version: $Revision: 3.2 $

Type: local

Agent: unix

Published: 2017/08/16

Modified: 2018/01/26

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C


Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-docs-html, p-cpe:/a:novell:opensuse:kernel-docs-pdf, p-cpe:/a:novell:opensuse:kernel-macros, p-cpe:/a:novell:opensuse:kernel-obs-build, p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource, p-cpe:/a:novell:opensuse:kernel-obs-qa, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-base, p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, cpe:/o:novell:opensuse:42.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/08/15

Exploitable With

Core Impact

Reference Information

CVE: CVE-2017-1000111, CVE-2017-1000112, CVE-2017-8831