New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 8.9
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThe openSUSE Leap 42.1 was updated to 4.1.27 to receive various security and bugfixes.
The following security bugs were fixed :
- CVE-2016-4997: A buffer overflow in 32bit compat_setsockopt iptables handling could lead to a local privilege escalation. (bsc#986362)
- CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).
- CVE-2016-4794: Use-after-free vulnerability in mm/percpu.c in the Linux kernel allowed local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls (bnc#980265).
The following non-security bugs were fixed :
- Refresh patches.xen/xen-netback-coalesce: Restore copying of SKBs with head exceeding page size (bsc#978469).
- Refresh patches.xen/xen3-patch-2.6.26 (fix PAT initialization).
- Refresh patches.xen/xen3-patch-2.6.39 (fix ia32_compat inheritance).
- Refresh patches.xen/xen3-patch-3.14: Suppress atomic file position updates for /proc/xen/xenbus (bsc#970275).
- Refresh patches.xen/xen3-patch-3.16 (drop redundant addition of a comment).
- Refresh patches.xen/xen3-patch-4.1.7-8.
- base: make module_create_drivers_dir race-free (bnc#983977).
- ipvs: count pre-established TCP states as active (bsc#970114).
- net: thunderx: Fix TL4 configuration for secondary Qsets (bsc#986530).
- net: thunderx: Fix link status reporting (bsc#986530).
SolutionUpdate the affected the Linux Kernel packages.