openSUSE Security Update : the Linux Kernel (openSUSE-2015-879)

Medium Nessus Plugin ID 87391

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.2

Synopsis

The remote openSUSE host is missing a security update.

Description

The Linux Kernel was updated to 4.1.13 and fixes the following issues :

Security issues fixed :

- CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.

- CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

- CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.

- CVE-2015-7990: A local denial of service due to an incomplete fix of CVE-2015-6937 could lead to crashes (local denial of service).

- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.

Bugs fixed :

- alsa: hda - apply hp headphone fixups more generically (boo#954876).

- alsa: hda - add fixup for acer aspire one cloudbook 14 (boo#954876).

- alsa: hda - fix headphone noise after dell xps 13 resume back from S3 (boo#954876).

- alsa: hda - fix noise on dell latitude e6440 (boo#954876).

- alsa: hda/hdmi - apply skylake fix-ups to broxton display codec (boo#954647).

- alsa: hda - add codec id for broxton display audio codec (boo#954647).

- alsa: hda/realtek - dell xps one alc3260 speaker no sound after resume back (boo#954647).

- alsa: hda - yet another fix for dell headset mic with alc3266 (boo#954647).

- alsa: hda - fix dell laptop for internal mic/headset mic (boo#954647).

- alsa: hda - remove no physical connection pins from pin_quirk table (boo#954647).

- alsa: hda - add pin quirk for the headset mic jack detection on Dell laptop (boo#954647).

- alsa: hda - fix the headset mic that will not work on dell desktop machine (boo#954647).

- alsa: hda - remove one pin from alc292_standard_pins (boo#954647).

- alsa: hda - add dock support for thinkpad w541 (17aa:2211) (boo#954647).

- alsa: hda/realtek: enable hp amp and mute led on hp folio 9480m [v3] (boo#954647).

- alsa: hda/realtek - support dell headset mode for alc298 (boo#954647).

- alsa: hda/realtek - support headset mode for alc298 (boo#954647).

- x86/evtchn: make use of physdevop_map_pirq.

- blktap: also call blkif_disconnect() when frontend switched to closed (boo#952976).

- blktap: refine mm tracking (boo#952976).

- update xen patches to linux 4.1.13.

- Backport arm64 patches from sle12-sp1-arm.

- Backport pci-ea patches

- Enable drm_ast driver

- Fix thunderx edac store function

- Update arm64 config files. Align arm64 vanilla configuration with default.

- rtlwifi: rtl8821ae: fix lockups on boot (boo#944978).

- ethernet/atheros/alx: add killer e2400 device id (boo#955363).

- drm/i915: don't override output type for ddi hdmi (boo#955190).

- drm/i915: set best_encoder field of connector_state also when disabling (boo#955190).

- drm/i915: add hotplug activation period to hotplug update mask (boo#955365).

- drm/i915: avoid race of intel_crt_detect_hotplug() with hpd interrupt, v2 (boo#955365).

- drm/i915: shut up gen8+ sde irq dmesg noise (boo#954757).

- ipv6: fix tunnel error handling (boo#952579).

- Update config files (boo#951533).

- iwlwifi: add new pci ids for the 8260 series (boo#954421).

- iwlwifi: edit the 3165 series and 8000 series pci ids (boo#954421).

- x86/efi-bgrt: switch pr_err() to pr_debug() for invalid bgrt (boo#953559).

- x86/tsc: let high latency pit fail fast in quick_pit_calibrate() (boo#953717).

- Backport arm64 patches from sle12-sp1-arm branch Backports to fix Seattle xgbe driver. Fix EL2 page table for systems with high amount of memory. Needed for KVM to work. Convert WARN_ON in numa implementation to pr_warn.

- input: elantech - add fujitsu lifebook u745 to force crc_enabled (boo#883192).

Solution

Update the affected the Linux Kernel packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=883192

https://bugzilla.opensuse.org/show_bug.cgi?id=944978

https://bugzilla.opensuse.org/show_bug.cgi?id=945825

https://bugzilla.opensuse.org/show_bug.cgi?id=948758

https://bugzilla.opensuse.org/show_bug.cgi?id=949936

https://bugzilla.opensuse.org/show_bug.cgi?id=951533

https://bugzilla.opensuse.org/show_bug.cgi?id=952384

https://bugzilla.opensuse.org/show_bug.cgi?id=952579

https://bugzilla.opensuse.org/show_bug.cgi?id=952976

https://bugzilla.opensuse.org/show_bug.cgi?id=953527

https://bugzilla.opensuse.org/show_bug.cgi?id=953559

https://bugzilla.opensuse.org/show_bug.cgi?id=953717

https://bugzilla.opensuse.org/show_bug.cgi?id=954404

https://bugzilla.opensuse.org/show_bug.cgi?id=954421

https://bugzilla.opensuse.org/show_bug.cgi?id=954647

https://bugzilla.opensuse.org/show_bug.cgi?id=954757

https://bugzilla.opensuse.org/show_bug.cgi?id=954876

https://bugzilla.opensuse.org/show_bug.cgi?id=955190

https://bugzilla.opensuse.org/show_bug.cgi?id=955363

https://bugzilla.opensuse.org/show_bug.cgi?id=955365

https://bugzilla.opensuse.org/show_bug.cgi?id=956856

Plugin Details

Severity: Medium

ID: 87391

File Name: openSUSE-2015-879.nasl

Version: 2.5

Type: local

Agent: unix

Published: 2015/12/16

Updated: 2021/01/19

Dependencies: 12634

Risk Information

Risk Factor: Medium

VPR Score: 5.2

CVSS v2.0

Base Score: 5.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C

CVSS v3.0

Base Score: 5.8

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-docs-html, p-cpe:/a:novell:opensuse:kernel-docs-pdf, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debugsource, p-cpe:/a:novell:opensuse:kernel-ec2-devel, p-cpe:/a:novell:opensuse:kernel-macros, p-cpe:/a:novell:opensuse:kernel-obs-build, p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource, p-cpe:/a:novell:opensuse:kernel-obs-qa, p-cpe:/a:novell:opensuse:kernel-obs-qa-xen, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debugsource, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-pv, p-cpe:/a:novell:opensuse:kernel-pv-base, p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pv-debuginfo, p-cpe:/a:novell:opensuse:kernel-pv-debugsource, p-cpe:/a:novell:opensuse:kernel-pv-devel, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debugsource, p-cpe:/a:novell:opensuse:kernel-xen-devel, cpe:/o:novell:opensuse:42.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2015/12/08

Reference Information

CVE: CVE-2015-5307, CVE-2015-6937, CVE-2015-7799, CVE-2015-7990, CVE-2015-8104