openSUSE Security Update : the Linux Kernel (openSUSE-2015-879)

medium Nessus Plugin ID 87391
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.


The remote openSUSE host is missing a security update.


The Linux Kernel was updated to 4.1.13 and fixes the following issues :

Security issues fixed :

- CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.

- CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

- CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.

- CVE-2015-7990: A local denial of service due to an incomplete fix of CVE-2015-6937 could lead to crashes (local denial of service).

- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.

Bugs fixed :

- alsa: hda - apply hp headphone fixups more generically (boo#954876).

- alsa: hda - add fixup for acer aspire one cloudbook 14 (boo#954876).

- alsa: hda - fix headphone noise after dell xps 13 resume back from S3 (boo#954876).

- alsa: hda - fix noise on dell latitude e6440 (boo#954876).

- alsa: hda/hdmi - apply skylake fix-ups to broxton display codec (boo#954647).

- alsa: hda - add codec id for broxton display audio codec (boo#954647).

- alsa: hda/realtek - dell xps one alc3260 speaker no sound after resume back (boo#954647).

- alsa: hda - yet another fix for dell headset mic with alc3266 (boo#954647).

- alsa: hda - fix dell laptop for internal mic/headset mic (boo#954647).

- alsa: hda - remove no physical connection pins from pin_quirk table (boo#954647).

- alsa: hda - add pin quirk for the headset mic jack detection on Dell laptop (boo#954647).

- alsa: hda - fix the headset mic that will not work on dell desktop machine (boo#954647).

- alsa: hda - remove one pin from alc292_standard_pins (boo#954647).

- alsa: hda - add dock support for thinkpad w541 (17aa:2211) (boo#954647).

- alsa: hda/realtek: enable hp amp and mute led on hp folio 9480m [v3] (boo#954647).

- alsa: hda/realtek - support dell headset mode for alc298 (boo#954647).

- alsa: hda/realtek - support headset mode for alc298 (boo#954647).

- x86/evtchn: make use of physdevop_map_pirq.

- blktap: also call blkif_disconnect() when frontend switched to closed (boo#952976).

- blktap: refine mm tracking (boo#952976).

- update xen patches to linux 4.1.13.

- Backport arm64 patches from sle12-sp1-arm.

- Backport pci-ea patches

- Enable drm_ast driver

- Fix thunderx edac store function

- Update arm64 config files. Align arm64 vanilla configuration with default.

- rtlwifi: rtl8821ae: fix lockups on boot (boo#944978).

- ethernet/atheros/alx: add killer e2400 device id (boo#955363).

- drm/i915: don't override output type for ddi hdmi (boo#955190).

- drm/i915: set best_encoder field of connector_state also when disabling (boo#955190).

- drm/i915: add hotplug activation period to hotplug update mask (boo#955365).

- drm/i915: avoid race of intel_crt_detect_hotplug() with hpd interrupt, v2 (boo#955365).

- drm/i915: shut up gen8+ sde irq dmesg noise (boo#954757).

- ipv6: fix tunnel error handling (boo#952579).

- Update config files (boo#951533).

- iwlwifi: add new pci ids for the 8260 series (boo#954421).

- iwlwifi: edit the 3165 series and 8000 series pci ids (boo#954421).

- x86/efi-bgrt: switch pr_err() to pr_debug() for invalid bgrt (boo#953559).

- x86/tsc: let high latency pit fail fast in quick_pit_calibrate() (boo#953717).

- Backport arm64 patches from sle12-sp1-arm branch Backports to fix Seattle xgbe driver. Fix EL2 page table for systems with high amount of memory. Needed for KVM to work. Convert WARN_ON in numa implementation to pr_warn.

- input: elantech - add fujitsu lifebook u745 to force crc_enabled (boo#883192).


Update the affected the Linux Kernel packages.

See Also

Plugin Details

Severity: Medium

ID: 87391

File Name: openSUSE-2015-879.nasl

Version: 2.5

Type: local

Agent: unix

Published: 12/16/2015

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information


Risk Factor: Medium

Score: 4.7


Risk Factor: Medium

Base Score: 5.9

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:C


Risk Factor: Medium

Base Score: 5.8

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-docs-html, p-cpe:/a:novell:opensuse:kernel-docs-pdf, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debugsource, p-cpe:/a:novell:opensuse:kernel-ec2-devel, p-cpe:/a:novell:opensuse:kernel-macros, p-cpe:/a:novell:opensuse:kernel-obs-build, p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource, p-cpe:/a:novell:opensuse:kernel-obs-qa, p-cpe:/a:novell:opensuse:kernel-obs-qa-xen, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debugsource, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-pv, p-cpe:/a:novell:opensuse:kernel-pv-base, p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pv-debuginfo, p-cpe:/a:novell:opensuse:kernel-pv-debugsource, p-cpe:/a:novell:opensuse:kernel-pv-devel, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debugsource, p-cpe:/a:novell:opensuse:kernel-xen-devel, cpe:/o:novell:opensuse:42.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 12/8/2015

Reference Information

CVE: CVE-2015-5307, CVE-2015-6937, CVE-2015-7799, CVE-2015-7990, CVE-2015-8104