Security update for the Linux Kernel

The openSUSE Leap 42.1 kernel was updated to receive various security fixes and bug fixes.

The following security bugs were fixed:
- CVE-2016-2847: Limit the per-user amount of pages allocated in pipes (bsc#970948).
- CVE-2016-3136: mct_u232: add sanity checking in probe (bnc#970955).
- CVE-2016-2188: iowarrior: fix oops with malicious USB descriptors (bnc#970956).
- CVE-2016-3138: cdc-acm: more sanity checking (bnc#970911).
- CVE-2016-3137: cypress_m8: add endpoint sanity check (bnc#970970).
- CVE-2016-3951: cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind (bnc#974418).
- CVE-2016-3140: digi_acceleport: do sanity checking for the number of ports (bnc#970892).
- CVE-2016-2186: powermate: fix oops with malicious USB descriptors (bnc#970958).
- CVE-2016-2185: usb_driver_claim_interface: add sanity checking (bnc#971124).
- CVE-2016-3689: ims-pcu: sanity check against missing interfaces (bnc#971628).
- CVE-2016-3156: ipv4: Do not do expensive useless work during inetdev destroy (bsc#971360).

The following non-security bugs were fixed:
- ALSA: timer: Call notifier in the same spinlock (bsc#973378).
- ALSA: timer: Protect the whole snd_timer_close() with open race (bsc#973378).
- ALSA: timer: Sync timer deletion at closing the system timer (bsc#973378).
- ALSA: timer: Use mod_timer() for rearming the system timer (bsc#973378).
- Backport arm64 patches from SLE12-SP1-ARM
- Fix kABI additions for pipe: limit the per-user amount of pages allocated in pipes.
- Revert "drm/radeon: call hpd_irq_event on resume" (boo#975868).
- Update config files. Enable RTC_HCTOSYS, build I2C_XGENE_SLIMPRO as a module.
- backends: guarantee one time reads of shared ring contents (bsc#957988).
- ext4: fix races between buffered IO and collapse / insert range (bsc#972174).
- ext4: fix races between page faults and hole punching (bsc#972174).
- ext4: fix races of writeback with punch hole and zero range (bsc#972174).
- ext4: move unlocked dio protection from ext4_alloc_file_blocks() (bsc#972174).
- net: thunderx: Use napi_schedule_irqoff()
- netback: do not use last request to determine minimum Tx credit (bsc#957988).

Fixed bugs
- bnc#957988: VUL-0: CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents (XSA-155)
- bnc#970892: VUL-0: CVE-2016-3140: kernel-source: crash on invalid USB device descriptors (digi_acceleport driver)
- bnc#970911: VUL-0: CVE-2016-3138: kernel-source: crash on invalid USB device descriptors (cdc_acm driver)
- bnc#970948: VUL-0: CVE-2016-2847: kernel-source: limit the per-user amount of pages allocated in pipes
- bnc#970955: VUL-1: CVE-2016-3136 kernel-source: Crash on invalid USB device descriptors (mct_u232 driver)
- bnc#970956: VUL-0: CVE-2016-2188: kernel-source: Kernel panic on invalid USB device descriptor (iowarrior driver)
- bnc#970958: VUL-0: CVE-2016-2186: kernel-source: Kernel panic on invalid USB device descriptor (powermate driver)
- bnc#970970: VUL-1: CVE-2016-3137: kernel-source: Crash on invalid USB device descriptors (cypress_m8 driver)
- bnc#971124: VUL-1: CVE-2016-2185: kernel: Kernel panic on invalid USB device descriptor (ati_remote2 driver)
- bnc#971360: VUL-0: CVE-2016-3156: kernel-source: ipv4: denial of service when destroying a network interface
- bnc#971628: VUL-1: CVE-2016-3689: kernel: ims-pcu driver can be oopsed by malicious device
- bnc#972174: VUL-1: CVE-2015-8839: kernel: ext4 data corruption due to punch hole races
- bnc#973378: [syzkaller] snd_timer BUG: KASAN: use-after-free in snd_timer_interrupt
- bnc#974418: VUL-0: CVE-2016-3951: kernel: usbnet: memory corruption triggered by invalid USB descriptor allowing for DoS
- bnc#975868: xorg crash after upgrade to 4.1.20