SUSE SLED12 / SLES12 Security Update : kernel-source (SUSE-SU-2015:1727-1)
high Nessus Plugin ID 86378
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The SUSE Linux Enterprise 12 kernel was updated to 3.12.48-52.27 to receive various security and bugfixes.Following security bugs were fixed :
- CVE-2015-7613: A flaw was found in the Linux kernel IPC code that could lead to arbitrary code execution. The ipc_addid() function initialized a shared object that has unset uid/gid values. Since the fields are not initialized, the check can falsely succeed. (bsc#948536)
- CVE-2015-5156: When a guests KVM network devices is in a bridge configuration the kernel can create a situation in which packets are fragmented in an unexpected fashion. The GRO functionality can create a situation in which multiple SKB's are chained together in a single packets fraglist (by design). (bsc#940776)
- CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI (bsc#938706).
- CVE-2015-6252: A flaw was found in the way the Linux kernel's vhost driver treated userspace provided log file descriptor when processing the VHOST_SET_LOG_FD ioctl command. The file descriptor was never released and continued to consume kernel memory. A privileged local user with access to the /dev/vhost-net files could use this flaw to create a denial-of-service attack (bsc#942367).
- CVE-2015-5697: The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
(bnc#939994)
- CVE-2015-6937: A NULL pointer dereference flaw was found in the Reliable Datagram Sockets (RDS) implementation allowing a local user to cause system DoS. A verification was missing that the underlying transport exists when a connection was created. (bsc#945825)
- CVE-2015-5283: A NULL pointer dereference flaw was found in SCTP implementation allowing a local user to cause system DoS. Creation of multiple sockets in parallel when system doesn't have SCTP module loaded can lead to kernel panic. (bsc#947155)
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
To install this SUSE Security Update use YaST online_update.Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Workstation Extension 12 :
zypper in -t patch SUSE-SLE-WE-12-2015-668=1
SUSE Linux Enterprise Software Development Kit 12 :
zypper in -t patch SUSE-SLE-SDK-12-2015-668=1
SUSE Linux Enterprise Server 12 :
zypper in -t patch SUSE-SLE-SERVER-12-2015-668=1
SUSE Linux Enterprise Module for Public Cloud 12 :
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-668=1
SUSE Linux Enterprise Live Patching 12 :
zypper in -t patch SUSE-SLE-Live-Patching-12-2015-668=1
SUSE Linux Enterprise Desktop 12 :
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-668=1
To bring your system up-to-date, use 'zypper patch'.
See Also
https://bugzilla.suse.com/show_bug.cgi?id=856382
https://bugzilla.suse.com/show_bug.cgi?id=886785
https://bugzilla.suse.com/show_bug.cgi?id=898159
https://bugzilla.suse.com/show_bug.cgi?id=907973
https://bugzilla.suse.com/show_bug.cgi?id=908950
https://bugzilla.suse.com/show_bug.cgi?id=912183
https://bugzilla.suse.com/show_bug.cgi?id=914818
https://bugzilla.suse.com/show_bug.cgi?id=916543
https://bugzilla.suse.com/show_bug.cgi?id=920016
https://bugzilla.suse.com/show_bug.cgi?id=922071
https://bugzilla.suse.com/show_bug.cgi?id=924722
https://bugzilla.suse.com/show_bug.cgi?id=929092
https://bugzilla.suse.com/show_bug.cgi?id=929871
https://bugzilla.suse.com/show_bug.cgi?id=930813
https://bugzilla.suse.com/show_bug.cgi?id=932285
https://bugzilla.suse.com/show_bug.cgi?id=932350
https://bugzilla.suse.com/show_bug.cgi?id=934430
https://bugzilla.suse.com/show_bug.cgi?id=934942
https://bugzilla.suse.com/show_bug.cgi?id=934962
https://bugzilla.suse.com/show_bug.cgi?id=936556
https://bugzilla.suse.com/show_bug.cgi?id=936773
https://bugzilla.suse.com/show_bug.cgi?id=937609
https://bugzilla.suse.com/show_bug.cgi?id=937612
https://bugzilla.suse.com/show_bug.cgi?id=937613
https://bugzilla.suse.com/show_bug.cgi?id=937616
https://bugzilla.suse.com/show_bug.cgi?id=938550
https://bugzilla.suse.com/show_bug.cgi?id=938706
https://bugzilla.suse.com/show_bug.cgi?id=938891
https://bugzilla.suse.com/show_bug.cgi?id=938892
https://bugzilla.suse.com/show_bug.cgi?id=938893
https://bugzilla.suse.com/show_bug.cgi?id=939145
https://bugzilla.suse.com/show_bug.cgi?id=939266
https://bugzilla.suse.com/show_bug.cgi?id=939716
https://bugzilla.suse.com/show_bug.cgi?id=939834
https://bugzilla.suse.com/show_bug.cgi?id=939994
https://bugzilla.suse.com/show_bug.cgi?id=940398
https://bugzilla.suse.com/show_bug.cgi?id=940545
https://bugzilla.suse.com/show_bug.cgi?id=940679
https://bugzilla.suse.com/show_bug.cgi?id=940776
https://bugzilla.suse.com/show_bug.cgi?id=940912
https://bugzilla.suse.com/show_bug.cgi?id=940925
https://bugzilla.suse.com/show_bug.cgi?id=940965
https://bugzilla.suse.com/show_bug.cgi?id=941098
https://bugzilla.suse.com/show_bug.cgi?id=941305
https://bugzilla.suse.com/show_bug.cgi?id=941908
https://bugzilla.suse.com/show_bug.cgi?id=941951
https://bugzilla.suse.com/show_bug.cgi?id=942160
https://bugzilla.suse.com/show_bug.cgi?id=942204
https://bugzilla.suse.com/show_bug.cgi?id=942307
https://bugzilla.suse.com/show_bug.cgi?id=942367
https://bugzilla.suse.com/show_bug.cgi?id=948536
https://www.suse.com/security/cve/CVE-2015-5156/
https://www.suse.com/security/cve/CVE-2015-5157/
https://www.suse.com/security/cve/CVE-2015-5283/
https://www.suse.com/security/cve/CVE-2015-5697/
https://www.suse.com/security/cve/CVE-2015-6252/
https://www.suse.com/security/cve/CVE-2015-6937/
Plugin Details
Severity: High
ID: 86378
File Name: suse_SU-2015-1727-1.nasl
Version: 2.24
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 10/14/2015
Updated: 1/6/2021
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.3
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Temporal Vector: E:U/RL:OF/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-xen, p-cpe:/a:novell:suse_linux:kernel-xen-base, p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo, p-cpe:/a:novell:suse_linux:kernel-xen-debugsource, p-cpe:/a:novell:suse_linux:kernel-xen-devel, cpe:/o:novell:suse_linux:12
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 10/6/2015
Vulnerability Publication Date: 8/31/2015
Reference Information
CVE: CVE-2015-5156, CVE-2015-5157, CVE-2015-5283, CVE-2015-5697, CVE-2015-6252, CVE-2015-6937, CVE-2015-7613
BID: 76005