New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 8.9
Synopsis
The remote openSUSE host is missing a security update.
Description
Linux kernel was updated to kernel 3.4.42 fixing various bugs and security issues.
- Refresh patches.suse/SUSE-bootsplash. Fix bootsplash breakage due to stable fix (bnc#813963)
- Linux 3.4.39.
- kABI: protect struct tracer.
- Linux 3.4.38 (bnc#808829,CVE-2013-0913).
- patches.kabi/kabi-protect-struct-sk_buff.patch: kABI:
protect struct sk_buff.
- patches.kabi/kabi-ipv4-remove-inclusion.patch: kABI:
ipv4, remove inclusion.
- USB: io_ti: Fix NULL dereference in chase_port() (bnc#806976, CVE-2013-1774).
- Linux 3.4.37 (bnc#809155 bnc#809330 bnc#809748 CVE-2013-1848).
- Linux 3.4.36.
- KVM: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache_init (bnc#806980 CVE-2013-1797).
- KVM: Fix bounds checking in ioapic indirect register read (bnc#806980 CVE-2013-1798).
- KVM: Fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (bnc#806980 CVE-2013-1796).
- kabi/severities: Allow kvm abi changes - kvm modules are self consistent
- loopdev: fix a deadlock (bnc#809748).
- block: use i_size_write() in bd_set_size() (bnc#809748).
- drm/i915: bounds check execbuffer relocation count (bnc#808829,CVE-2013-0913).
- TTY: do not reset master's packet mode (bnc#809330).
- Update patches.fixes/ext3-Fix-format-string-issues.patch (bnc#809155 CVE-2013-1848).
- ext3: Fix format string issues (bnc#809155).
- Linux 3.4.35 (bnc#802153).
- Linux 3.4.34 (CVE-2013-1763 CVE-2013-1767 bnc#792500 bnc#806138 bnc#805633).
- tmpfs: fix use-after-free of mempolicy object (bnc#806138, CVE-2013-1767).
Solution
Update the affected kernel packages.