Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for the Linux Kernel

The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable
release, and also includes security and bugfixes.

Following security bugs were fixed:
- CVE-2016-0728: A reference leak in keyring handling with
join_session_keyring() could lead to local attackers gain root
privileges. (bsc#962075).
- CVE-2015-7550: A local user could have triggered a race between read and
revoke in keyctl (bnc#958951).
- CVE-2015-8767: A case can occur when sctp_accept() is called by the
user during a heartbeat timeout event after the 4-way handshake. Since
sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the
bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the
listening socket but released with the new association socket. The result
is a deadlock on any future attempts to take the listening socket lock. (bsc#961509)
- CVE-2015-8539: A negatively instantiated user key could have been used
by a local user to leverage privileges (bnc#958463).
- CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in
drivers/net/ppp/pptp.c in the Linux kernel did not verify an address
length, which allowed local users to obtain sensitive information from
kernel memory and bypass the KASLR protection mechanism via a crafted
application (bnc#959190).
- CVE-2015-8543: The networking implementation in the Linux kernel
did not validate protocol identifiers for certain protocol families,
which allowed local users to cause a denial of service (NULL function
pointer dereference and system crash) or possibly gain privileges by
leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application
(bnc#958886).
- CVE-2015-8575: Validate socket address length in sco_sock_bind() to
prevent information leak (bsc#959399).
- CVE-2015-8551, CVE-2015-8552: xen/pciback: For
XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled
(bsc#957990).
- CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers
could have lead to double fetch vulnerabilities, causing denial of
service or arbitrary code execution (depending on the configuration)
(bsc#957988).

The following non-security bugs were fixed:
- ALSA: hda - Add a fixup for Thinkpad X1 Carbon 2nd (bsc#958439).
- ALSA: hda - Apply click noise workaround for Thinkpads generically (bsc#958439).
- ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).
- ALSA: hda - Flush the pending probe work at remove (boo#960710).
- ALSA: hda - Set codec to D3 at reboot/shutdown on Thinkpads (bsc#958439).
- Add Cavium Thunderx network enhancements
- Add RHEL to kernel-obs-build
- Backport amd xgbe fixes and features
- Backport arm64 patches from SLE12-SP1-ARM.
- Btrfs: fix the number of transaction units needed to remove a block group (bsc#950178).
- Btrfs: use global reserve when deleting unused block group after ENOSPC (bsc#950178).
- Documentation: nousb is a module parameter (bnc#954324).
- Driver for IBM System i/p VNIC protocol.
- Enable CONFIG_PINCTRL_CHERRYVIEW (boo#954532) Needed for recent tablets/laptops. CONFIG_PINCTRL_BAYTRAIL is still disabled as it can't be built as a module.
- Fix PCI generic host controller
- Fix kABI breakage for max_dev_sectors addition to queue_limits (boo#961263).
- HID: multitouch: Fetch feature reports on demand for Win8 devices (boo#954532).
- HID: multitouch: fix input mode switching on some Elan panels (boo#954532).
- Implement enable/disable for Display C6 state (boo#960021).
- Input: aiptek - fix crash on detecting device without endpoints (bnc#956708).
- Linux 4.1.15 (boo#954647 bsc#955422).
- Move kabi patch to patches.kabi directory
- Obsolete compat-wireless, rts5229 and rts_pstor KMPs These are found in SLE11-SP3, now replaced with the upstream drivers.
- PCI: generic: Pass starting bus number to pci_scan_root_bus().
- Revert "block: remove artifical max_hw_sectors cap" (boo#961263).
- Set system time through RTC device
- Update arm64 config files. Enabled DRM_AST in the vanilla kernel since it is now enabled in the default kernel.
- Update config files: CONFIG_IBMVNIC=m
- block/sd: Fix device-imposed transfer length limits (boo#961263).
- block: bump BLK_DEF_MAX_SECTORS to 2560 (boo#961263).
- drm/i915/skl: Add DC5 Trigger Sequence (boo#960021).
- drm/i915/skl: Add DC6 Trigger sequence (boo#960021).
- drm/i915/skl: Add support to load SKL CSR firmware (boo#960021).
- drm/i915/skl: Add the INIT power domain to the MISC I/O power well (boo#960021).
- drm/i915/skl: Deinit/init the display at suspend/resume (boo#960021).
- drm/i915/skl: Fix DMC API version in firmware file name (boo#960021).
- drm/i915/skl: Fix WaDisableChickenBitTSGBarrierAckForFFSliceCS (boo#960021).
- drm/i915/skl: Fix stepping check for a couple of W/As (boo#960021).
- drm/i915/skl: Fix the CTRL typo in the DPLL_CRTL1 defines (boo#960021).
- drm/i915/skl: Implement WaDisableVFUnitClockGating (boo#960021).
- drm/i915/skl: Implement enable/disable for Display C5 state (boo#960021).
- drm/i915/skl: Make the Misc I/O power well part of the PLLS domain (boo#960021).
- drm/i915/skl: add F0 stepping ID (boo#960021).
- drm/i915/skl: enable WaForceContextSaveRestoreNonCoherent (boo#960021).
- drm/i915: Clear crtc atomic flags at beginning of transaction (boo#960021).
- drm/i915: Fix CSR MMIO address check (boo#960021).
- drm/i915: Switch to full atomic helpers for plane updates/disable, take two (boo#960021).
- drm/i915: set CDCLK if DPLL0 enabled during resuming from S3 (boo#960021).
- ethernet/atheros/alx: sanitize buffer sizing and padding (boo#952621).
- genksyms: Handle string literals with spaces in reference files (bsc#958510).
- group-source-files: mark module.lds as devel file ld: cannot open linker script file /usr/src/linux-4.2.5-1/arch/arm/kernel/module.lds: No such file or directory
- hwrng: core - sleep interruptible in read (bnc#962597).
- ipv6: distinguish frag queues by device for multicast and link-local packets (bsc#955422).
- kABI fixes for linux-4.1.15.
- rpm/compute-PATCHVERSION.sh: Skip stale directories in the package dir
- rpm/constraints.in: Bump disk space requirements up a bit Require 10GB on s390x, 20GB elsewhere.
- rpm/constraints.in: Require 14GB worth of disk space on POWER The builds started to fail randomly due to ENOSPC errors.
- rpm/kernel-binary.spec.in: Do not explicitly set DEBUG_SECTION_MISMATCH CONFIG_DEBUG_SECTION_MISMATCH is a selectable Kconfig option since 2.6.39 and is enabled in our configs.
- rpm/kernel-binary.spec.in: Do not obsolete ocfs2-kmp (bnc#865259)865259
- rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed
- rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file
- rpm/kernel-binary.spec.in: No scriptlets in kernel-zfcpdump The kernel should not be added to the bootloader nor are there any KMPs.
- rpm/kernel-binary.spec.in: Obsolete the -base package from SLE11 (bnc#865096)
- rpm/kernel-binary.spec.in: Use parallel make in all invocations Also, remove the lengthy comment, since we are using a standard rpm macro now.
- thinkpad_acpi: Do not yell on unsupported brightness interfaces (boo#957152).
- usb: make "nousb" a clear module parameter (bnc#954324).
- usbvision fix overflow of interfaces array (bnc#950998).
- x86/microcode/amd: Do not overwrite final patch levels (bsc#913996).
- x86/microcode/amd: Extract current patch level read to a function (bsc#913996).
- xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157).
- xhci: refuse loading if nousb is used (bnc#954324).

Fixed bugs
bnc#865096
[Test Case 1366807] kernel-default-base-3.12.10-2.3 package conflicts during upgrade SLES11SP3 to SLES12Beta1
bnc#865259
[Test Case 1279393] [Build 0094] ocfs2-kmp-* not installed by default
bnc#913996
Applying Critical Updates Causes System to no longer boot (ucode-intel / ucode-amd problem?)
bnc#950178
Can't rename files (on btrfs)
bnc#950998
VUL-1: CVE-2015-7833: kernel: usbvision: crash on invalid USB device descriptors
bnc#952621
alx ethernet driver crashes with fatal interrupt 0x4019607, resetting
bnc#954324
nousb boot option has no effect (42.1 and Tumbleweed)
bnc#954532
Elantech Touchpad on Acer Aspire R11 not detected
bnc#954647
Fixes for Dell headset are missing from Leap 4.1.x kernel
bnc#955422
fragmented IPv6 multicast frames sometimes missing with bridged macvlan
bnc#956708
VUL-0: CVE-2015-7515: kernel: aiptek: crash on invalid USB device descriptors
bnc#957152
thinkpad_acpi: Unsupported brightness interface
bnc#957988
VUL-0: CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents (XSA-155)
bnc#957990
VUL-0: CVE-2015-8551,CVE-2015-8552,CVE-2015-8553: kernel: xen: Linux pciback missing sanity checks leading to crash (XSA-157)
bnc#958439
Noise in headphones when shutting down or rebooting
bnc#958463
VUL-0: CVE-2015-8539: kernel: Fix handling of stored error in a negatively instantiated user key
bnc#958504
Constant background noise on T440s and loud cracking noise after audio powersave
bnc#958510
Spurious 'modversion changed' messages in drivers/edac
bnc#958886
VUL-1: CVE-2015-8543: kernel-source: connect IPv6/SOCK_RAW connect causes a denial of service
bnc#958951
VUL-0: CVE-2015-7550: kernel: User triggerable crash from race between key read and rey revoke
bnc#959190
VUL-1: CVE-2015-8569: kernel: information leak using getsockname
bnc#959399
VUL-1: CVE-2015-8575: kernel-source: information leak from getsockname in bluetooth/sco
bnc#960021
Incomplete Skylake graphics support in 4.1.x kernel
bnc#960710
crash when unloading+loading snd_hda_intel
bnc#961263
NCQ Timeout with SMR drives (e.g. Seagate 8tb hdd)
bnc#961509
VUL-0: CVE-2015-8767: kernel: SCTP denial of service during heartbeat timeout functions
bnc#962075
VUL-0: CVE-2016-0728: kernel: Use-after-free vulnerability in keyring facility
bnc#962597
virtio_rng causes long stalls during shutdown
CVE-CVE-2015-8767
CVE-CVE-2016-0728
CVE-CVE-2015-7550
CVE-CVE-2015-8539
CVE-CVE-2015-8569
CVE-CVE-2015-8575
CVE-CVE-2015-8543
CVE-CVE-2015-8551
CVE-CVE-2015-8552
CVE-CVE-2015-8550
Selected Binaries
openSUSE Build Service is sponsored by
Places