openSUSE Security Update : the Linux Kernel (openSUSE-2016-1438)

high Nessus Plugin ID 95744
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote openSUSE host is missing a security update.

Description

The openSUSE 14.2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

- CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604).

The following non-security bugs were fixed :

- 8250_pci: Fix potential use-after-free in error path (bsc#1013001).

- block_dev: do not test bdev->bd_contains when it is not stable (bsc#1008557).

- drm/i915/vlv: Disable HPD in valleyview_crt_detect_hotplug() (bsc#1014120).

- drm/i915/vlv: Make intel_crt_reset() per-encoder (bsc#1014120).

- drm/i915/vlv: Reset the ADPA in vlv_display_power_well_init() (bsc#1014120).

- drm/i915: Enable polling when we do not have hpd (bsc#1014120).

- i2c: designware-baytrail: Add support for cherrytrail (bsc#1011913).

- i2c: designware-baytrail: Pass dw_i2c_dev into helper functions (bsc#1011913).

- i2c: designware: Prevent runtime suspend during adapter registration (bsc#1011913).

- i2c: designware: Use transfer timeout from ioctl I2C_TIMEOUT (bsc#1011913).

- i2c: designware: retry transfer on transient failure (bsc#1011913).

- powerpc/xmon: Add xmon command to dump process/task similar to ps(1) (fate#322020).

- sched/fair: Fix incorrect task group ->load_avg (bsc#981825).

- serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013001).

- target: fix tcm_rbd_gen_it_nexus for emulated XCOPY state (bsc#1003606).

- x86/PCI: VMD: Synchronize with RCU freeing MSI IRQ descs (bsc#1006827).

Solution

Update the affected the Linux Kernel packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1003606

https://bugzilla.opensuse.org/show_bug.cgi?id=1006827

https://bugzilla.opensuse.org/show_bug.cgi?id=1008557

https://bugzilla.opensuse.org/show_bug.cgi?id=1011913

https://bugzilla.opensuse.org/show_bug.cgi?id=1013001

https://bugzilla.opensuse.org/show_bug.cgi?id=1013604

https://bugzilla.opensuse.org/show_bug.cgi?id=1014120

https://bugzilla.opensuse.org/show_bug.cgi?id=981825

Plugin Details

Severity: High

ID: 95744

File Name: openSUSE-2016-1438.nasl

Version: 3.5

Type: local

Agent: unix

Published: 12/13/2016

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-docs-html, p-cpe:/a:novell:opensuse:kernel-docs-pdf, p-cpe:/a:novell:opensuse:kernel-macros, p-cpe:/a:novell:opensuse:kernel-obs-build, p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource, p-cpe:/a:novell:opensuse:kernel-obs-qa, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-base, p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, cpe:/o:novell:opensuse:42.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 12/12/2016

Reference Information

CVE: CVE-2016-9576