openSUSE Security Update : kdump (openSUSE-2016-1215)

Medium Nessus Plugin ID 94240


The remote openSUSE host is missing a security update.


This update for kdump provides several fixes and enhancements :

- Refresh kdumprd if /etc/hosts or /etc/nsswitch.conf is changed. (bsc#943214)

- Add a separate systemd service to rebuild kdumprd at boot. (bsc#943214)

- Improve network setup in the kdump environment by reading configuration from wicked by default (system configuration files are used as a fallback).

- Use the last mount entry in kdump_get_mountpoints().

- Remove 'notsc' from the kdump kernel command line.

- Handle dump files with many program headers.
(bsc#932339, bsc#970708)

- Fall back to stat() if file type is DT_UNKNOWN.

- Remove vm. sysctls from kdump initrd. (bsc#927451, bsc#987862)

- Use the exit code of kexec, not that of 'local'.

- Convert sysroot to a bind mount in kdump initrd.

- Distinguish between Xenlinux (aka Xenified or SUSE) and pvops Xen kernels, as the latter can run on bare metal.

- CVE-2016-5759: Use full path to dracut as argument to bash. (bsc#989972, bsc#990200)

This update was imported from the SUSE:SLE-12-SP1:Update update project.


Update the affected kdump packages.

See Also

Plugin Details

Severity: Medium

ID: 94240

File Name: openSUSE-2016-1215.nasl

Version: $Revision: 1.3 $

Type: local

Agent: unix

Published: 2016/10/25

Modified: 2018/01/26

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C


Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kdump, p-cpe:/a:novell:opensuse:kdump-debuginfo, p-cpe:/a:novell:opensuse:kdump-debugsource, cpe:/o:novell:opensuse:42.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2016/10/24

Reference Information

CVE: CVE-2016-5759