Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for the Linux Kernel

The openSUSE 13.1 kernel was updated to 3.12.62 to receive various security and bugfixes.

The following security bugs were fixed:
- CVE-2014-9904: The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel did not properly check for an integer overflow, which allowed local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call (bnc#986811).
- CVE-2015-7833: The usbvision driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998).
- CVE-2015-8551: The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allowed local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks (bnc#957990).
- CVE-2015-8552: The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allowed local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks (bnc#957990).
- CVE-2015-8845: The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms did not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allowed local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application (bnc#975531 bsc#975533).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bnc#979867).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. (bsc#983143)
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bnc#963762).
- CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel did not properly randomize the legacy base address, which made it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits (bnc#974308).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).
- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. (bnc#978401)
- CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#978822).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bnc#979548 bsc#980363).
- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface. (bsc#979213)
- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize certain r1 data structures, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (bnc#979879).
- CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions (bnc#980371).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).
- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary. (bnc#986365).
- CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel did not initialize a certain structure member, which allowed remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (bnc#983213).
- CVE-2016-5828: The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms mishandled transactional state, which allowed local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call. (bsc#986569)
- CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).

The following non-security bugs were fixed:
- Add wait_event_cmd() (bsc#953048).
- alsa: hrtimer: Handle start/stop more properly (bsc#973378).
- base: make module_create_drivers_dir race-free (bnc#983977).
- btrfs: be more precise on errors when getting an inode from disk (bsc#981038).
- btrfs: do not use src fd for printk (bsc#980348).
- btrfs: improve performance on fsync against new inode after rename/unlink (bsc#981038).
- btrfs: qgroup: Fix qgroup accounting when creating snapshot (bsc#972933).
- btrfs: serialize subvolume mounts with potentially mismatching rw flags (bsc#951844).
- cdc_ncm: workaround for EM7455 "silent" data interface (bnc#988552).
- ceph: tolerate bad i_size for symlink inode (bsc#985232).
- drm/mgag200: Add support for a new G200eW3 chipset (bsc#983904).
- drm/mgag200: Add support for a new rev of G200e (bsc#983904).
- drm/mgag200: Black screen fix for G200e rev 4 (bsc#983904).
- drm/mgag200: remove unused variables (bsc#983904).
- drm: qxl: Workaround for buggy user-space (bsc#981344).
- EDAC: Correct channel count limit (bsc#979521).
- EDAC: Remove arbitrary limit on number of channels (bsc#979521).
- EDAC, sb_edac: Add support for duplicate device IDs (bsc#979521).
- EDAC/sb_edac: Fix computation of channel address (bsc#979521).
- EDAC, sb_edac: Fix rank lookup on Broadwell (bsc#979521).
- EDAC, sb_edac: Fix TAD presence check for sbridge_mci_bind_devs() (bsc#979521).
- EDAC: Use static attribute groups for managing sysfs entries (bsc#979521).
- efifb: Add support for 64-bit frame buffer addresses (bsc#973499).
- efifb: Fix 16 color palette entry calculation (bsc#983318).
- efifb: Fix KABI of screen_info struct (bsc#973499).
- ehci-pci: enable interrupt on BayTrail (bnc#947337).
- enic: set netdev->vlan_features (bsc#966245).
- fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
- hid-elo: kill not flush the work (bnc#982354).
- iommu/vt-d: Enable QI on all IOMMUs before setting root entry (bsc#975772).
- ipvs: count pre-established TCP states as active (bsc#970114).
- kabi: prevent spurious modversion changes after bsc#982544 fix (bsc#982544).
- kabi/severities: Added raw3270_* PASS to allow IBM LTC changes. (bnc#979922, LTC#141736)
- ktime: make ktime_divns exported on 32-bit architectures.
- md: be careful when testing resync_max against curr_resync_completed (bsc#953048).
- md: do_release_stripe(): No need to call md_wakeup_thread() twice (bsc#953048).
- md: make sure MD_RECOVERY_DONE is clear before starting recovery/resync (bsc#953048).
- md/raid56: Do not perform reads to support writes until stripe is ready.
- md/raid5: add handle_flags arg to break_stripe_batch_list (bsc#953048).
- md/raid5: allow the stripe_cache to grow and shrink (bsc#953048).
- md/raid5: always set conf->prev_chunk_sectors and ->prev_algo (bsc#953048).
- md/raid5: avoid races when changing cache size (bsc#953048).
- md/raid5: avoid reading parity blocks for full-stripe write to degraded array (bsc#953048).
- md/raid5: be more selective about distributing flags across batch (bsc#953048).
- md/raid5: break stripe-batches when the array has failed (bsc#953048).
- md/raid5: call break_stripe_batch_list from handle_stripe_clean_event (bsc#953048).
- md/raid5: change ->inactive_blocked to a bit-flag (bsc#953048).
- md/raid5: clear R5_NeedReplace when no longer needed (bsc#953048).
- md/raid5: close race between STRIPE_BIT_DELAY and batching (bsc#953048).
- md/raid5: close recently introduced race in stripe_head management.
- md/raid5: consider updating reshape_position at start of reshape (bsc#953048).
- md/raid5: deadlock between retry_aligned_read with barrier io (bsc#953048).
- md/raid5: do not do chunk aligned read on degraded array (bsc#953048).
- md/raid5: do not index beyond end of array in need_this_block() (bsc#953048).
- md/raid5: do not let shrink_slab shrink too far (bsc#953048).
- md/raid5: duplicate some more handle_stripe_clean_event code in break_stripe_batch_list (bsc#953048).
- md/raid5: Ensure a batch member is not handled prematurely (bsc#953048).
- md/raid5: ensure device failure recorded before write request returns (bsc#953048).
- md/raid5: ensure whole batch is delayed for all required bitmap updates (bsc#953048).
- md/raid5: fix allocation of 'scribble' array (bsc#953048).
- md/raid5: fix another livelock caused by non-aligned writes (bsc#953048).
- md/raid5: fix handling of degraded stripes in batches (bsc#953048).
- md/raid5: fix init_stripe() inconsistencies (bsc#953048).
- md/raid5: fix locking in handle_stripe_clean_event() (bsc#953048).
- md/raid5: fix newly-broken locking in get_active_stripe.
- md/raid5: For stripe with R5_ReadNoMerge, we replace REQ_FLUSH with REQ_NOMERGE.
- md/raid5: handle possible race as reshape completes (bsc#953048).
- md/raid5: ignore released_stripes check (bsc#953048).
- md/raid5: more incorrect BUG_ON in handle_stripe_fill (bsc#953048).
- md/raid5: move max_nr_stripes management into grow_one_stripe and drop_one_stripe (bsc#953048).
- md/raid5: need_this_block: start simplifying the last two conditions (bsc#953048).
- md/raid5: need_this_block: tidy/fix last condition (bsc#953048).
- md/raid5: new alloc_stripe() to allocate an initialize a stripe (bsc#953048).
- md/raid5: pass gfp_t arg to grow_one_stripe() (bsc#953048).
- md/raid5: per hash value and exclusive wait_for_stripe (bsc#953048).
- md/raid5: preserve STRIPE_PREREAD_ACTIVE in break_stripe_batch_list.
- md/raid5: remove condition test from check_break_stripe_batch_list (bsc#953048).
- md/raid5: remove incorrect "min_t()" when calculating writepos (bsc#953048).
- md/raid5: remove redundant check in stripe_add_to_batch_list() (bsc#953048).
- md/raid5: separate large if clause out of fetch_block() (bsc#953048).
- md/raid5: separate out the easy conditions in need_this_block (bsc#953048).
- md/raid5: split wait_for_stripe and introduce wait_for_quiescent (bsc#953048).
- md/raid5: strengthen check on reshape_position at run (bsc#953048).
- md/raid5: switch to use conf->chunk_sectors in place of mddev->chunk_sectors where possible (bsc#953048).
- md/raid5: use bio_list for the list of bios to return (bsc#953048).
- md/raid5: use ->lock to protect accessing raid5 sysfs attributes (bsc#953048).
- md: remove unwanted white space from md.c (bsc#953048).
- md: use set_bit/clear_bit instead of shift/mask for bi_flags changes (bsc#953048).
- mm: increase safety margin provided by PF_LESS_THROTTLE (bsc#956491).
- mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721).
- net: Account for all vlan headers in skb_mac_gso_segment (bsc#968667).
- net: disable fragment reassembly if high_thresh is set to zero (bsc#970506).
- netfilter: bridge: do not leak skb in error paths (bsc#982544).
- netfilter: bridge: forward IPv6 fragmented packets (bsc#982544).
- netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in br_validate_ipv6 (bsc#982544).
- net: fix wrong mac_len calculation for vlans (bsc#968667).
- net/qlge: Avoids recursive EEH error (bsc#954847).
- net: Start with correct mac_len in skb_network_protocol (bsc#968667).
- nvme: don't poll the CQ from the kthread (bsc#975788, bsc#965087).
- PCI/AER: Clear error status registers during enumeration and restore (bsc#985978).
- perf/rapl: Fix sysfs_show() initialization for RAPL PMU (bsc#979489).
- perf/x86/intel: Add Intel RAPL PP1 energy counter support (bsc#979489).
- ppp: defer netns reference release for ppp channel (bsc#980371).
- qeth: delete napi struct when removing a qeth device (bnc#988215, LTC#143590).
- raid5: add a new flag to track if a stripe can be batched (bsc#953048).
- raid5: add an option to avoid copy data from bio to stripe cache (bsc#953048).
- raid5: avoid release list until last reference of the stripe (bsc#953048).
- raid5: batch adjacent full stripe write (bsc#953048).
- raid5: check faulty flag for array status during recovery (bsc#953048).
- RAID5: check_reshape() shouldn't call mddev_suspend (bsc#953048).
- raid5: fix a race of stripe count check.
- raid5: fix broken async operation chain (bsc#953048).
- raid5: get_active_stripe avoids device_lock.
- raid5: handle expansion/resync case with stripe batching (bsc#953048).
- raid5: handle io error of batch list (bsc#953048).
- raid5: make_request does less prepare wait.
- raid5: relieve lock contention in get_active_stripe().
- raid5: relieve lock contention in get_active_stripe().
- raid5: Retry R5_ReadNoMerge flag when hit a read error.
- RAID5: revert e9e4c377e2f563 to fix a livelock (bsc#953048).
- raid5: speedup sync_request processing (bsc#953048).
- raid5: track overwrite disk count (bsc#953048).
- raid5: update analysis state for failed stripe (bsc#953048).
- raid5: use flex_array for scribble data (bsc#953048).
- Refresh patches.xen/xen-netback-coalesce: Restore copying of SKBs with head exceeding page size (bsc#978469).
- s390/3270: add missing tty_kref_put (bnc#979922, LTC#141736).
- s390/3270: avoid endless I/O loop with disconnected 3270 terminals (bnc#979922, LTC#141736).
- s390/3270: fix garbled output on 3270 tty view (bnc#979922, LTC#141736).
- s390/3270: fix view reference counting (bnc#979922, LTC#141736).
- s390/3270: handle reconnect of a tty with a different size (bnc#979922, LTC#141736).
- s390/3270: hangup the 3270 tty after a disconnect (bnc#979922, LTC#141736).
- s390: fix test_fp_ctl inline assembly contraints (bnc#988215, LTC#143138).
- s390/mm: fix asce_bits handling with dynamic pagetable levels (bnc#979922, LTC#141456).
- s390/spinlock: avoid yield to non existent cpu (bnc#979922, LTC#141106).
- sb_edac: correctly fetch DIMM width on Ivy Bridge and Haswell (bsc#979521).
- sb_edac: Fix a typo and a thinko in address handling for Haswell (bsc#979521).
- sb_edac: Fix support for systems with two home agents per socket (bsc#979521).
- sb_edac: look harder for DDRIO on Haswell systems (bsc#979521).
- sb_edac: support for Broadwell -EP and -EX (bsc#979521).
- sched/cputime: Fix clock_nanosleep()/clock_gettime() inconsistency (bnc#988498).
- sched/cputime: Fix cpu_timer_sample_group() double accounting (bnc#988498).
- sched: Provide update_curr callbacks for stop/idle scheduling classes (bnc#988498).
- sched/x86: Fix up typo in topology detection (bsc#974165).
- scsi: Increase REPORT_LUNS timeout (bsc#982282).
- series.conf: move netfilter section at the end of core networking
- series.conf: move stray netfilter patches to the right section
- target/rbd: do not put snap_context twice (bsc#981143).
- target/rbd: remove caw_mutex usage (bsc#981143).
- Update patches.drivers/0001-nvme-fix-max_segments-integer-truncation.patch (bsc#979419). Fix reference.
- Update patches.drivers/nvme-0106-init-nvme-queue-before-enabling-irq.patch (bsc#962742). Fix incorrect bugzilla referece.
- usb: quirk to stop runtime PM for Intel 7260 (bnc#984456).
- usb: xhci: Add broken streams quirk for Frescologic device id 1009 (bnc#982698).
- VSOCK: Fix lockdep issue (bsc#977417).
- VSOCK: sock_put wasn't safe to call in interrupt context (bsc#977417).
- wait: introduce wait_event_exclusive_cmd (bsc#953048).
- x86 EDAC, sb_edac.c: Repair damage introduced when "fixing" channel address (bsc#979521).
- x86 EDAC, sb_edac.c: Take account of channel hashing when needed (bsc#979521).
- x86/efi: parse_efi_setup() build fix (bsc#979485).
- x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
- x86: Removed the free memblock of hibernat keys to avoid memory corruption (bsc#990058).
- x86, sched: Add new topology for multi-NUMA-node CPUs (bsc#974165).
- x86: standardize mmap_rnd() usage (bnc#974308).
- xen: fix i586 build after SLE12-SP1 commit 2f4c3ff45d5e.
- xfs: fix premature enospc on inode allocation (bsc#984148).
- xfs: get rid of XFS_IALLOC_BLOCKS macros (bsc#984148).
- xfs: get rid of XFS_INODE_CLUSTER_SIZE macros (bsc#984148).

Fixed bugs
bnc#947337
TGCS: Ichigan 6140-x3x No respond on device connected to USB port when BIOS set at USB2.0 mode
bnc#950998
VUL-1: CVE-2015-7833: kernel: usbvision: crash on invalid USB device descriptors
bnc#951844
Partner-L3: [HP HPS Bug] SLES12SP1 RC2 system boots to emergency mode
bnc#953048
Partner-L3: Software RAID 5 performance is poor with NVME devices
bnc#954847
CST830:Alpine:alp16p02:SLES11SP4:Mason:EEH:EEH causes lpar to crash/reboot
bnc#956491
change the deadlock behavior of loop-back mounted NFS
bnc#957990
VUL-0: CVE-2015-8551,CVE-2015-8552,CVE-2015-8553: kernel: xen: Linux pciback missing sanity checks leading to crash (XSA-157)
bnc#962742
During NVMe reset a race condition can lead to a kernel panic
bnc#963762
VUL-0: CVE-2016-2053: kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature()
bnc#966245
L3-Question: GSO-TSO Settings not reporting on the VLAN Interface for SLES 12
bnc#968667
poor network speed due to tso / gro enabled on ovs interfaces
bnc#970114
L3-Question: IPVS “least connection” distribution algorithm doesn't weight TCP SYNs correctly
bnc#970506
net.ipv4.ipfrag_[low|high]_thresh=0 does not drop fragmented traffic
bnc#972933
Filters not getting applied properly for Suite reports
bnc#973378
[syzkaller] snd_timer BUG: KASAN: use-after-free in snd_timer_interrupt
bnc#973499
USB Installation failed didn't see YaST installation UI
bnc#974165
Enabling "Cluster on Die" causes misreporting of socket count in lscpu
bnc#974308
VUL-1: CVE-2016-3672: kernel: Unlimiting the stack not longer disables ASLR
bnc#975531
VUL-0: CVE-2015-8844: kernel: incorrect restoration of machine specific registers from userspace
bnc#975533
VUL-0: CVE-2015-8845: kernel: incorrect restoration of machine specific registers from userspace
bnc#977417
L3: VMWare ESXi 6.0: SLES12 SP1 guest with kernel 3.12.57-60.35-default is crashing with an invalid RIP:
bnc#978469
kernel BUG at ../drivers/xen/netback/netback.c:658
bnc#979419
SLES 11 SP4 - NVMe io requests gets broken down to 64k block requests
bnc#979485
kernel build without CONFIG_EFI fails
bnc#979489
kernel panics when trinity is executed in docker
bnc#979521
kernel panicked when the memory CE occurred
bnc#979548
VUL-0: CVE-2016-4565: kernel: infiniband: Using write() instead of bi-directional ioctl() allows writing into user specified kernel memory
bnc#979867
VUL-0: CVE-2016-0758: kernel: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()
bnc#979879
VUL-1: CVE-2016-4578: kernel: Information leak in events in timer.c
bnc#979922
SLES 12 SP1 - IBM LTC System z maintenance kernel patches (#08)
bnc#980348
btrfs: possible to crash using BTRFS_IOC_SNAP_CREATE_V2 ioctl w/ non-btrfs file descriptor
bnc#980363
VUL-0: CVE-2016-2189: kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko
bnc#980371
VUL-0: CVE-2016-4805: kernel: Use after free vulnerability in ppp_unregister_channel
bnc#981038
dbench4.0 async/fsync report huge decline in higher processes (BtrFS)
bnc#981143
kernel memory corruption due to double-free of ceph_snap_context
bnc#981344
qxl drm driver is breaking KDE5
bnc#982282
SLES 12 SP1 - SCSI: Increase REPORT_LUNS timeout
bnc#982354
unplugging a quirky Elo TouchSystems touchscreen crashes the system
bnc#982544
bridge forwarding of IPv6 fragments broken if nf_defrag_ipv6 is loaded
bnc#982698
use of streams with UAS on Frescologic device id 1009 can brick motherboards
bnc#983213
VUL-1: CVE-2016-5244: kernel-source: rds: fix an infoleak in rds_inc_info_copy
bnc#983318
efifb fails to display fbcon on 16bpp
bnc#983721
Not all memory is reclaimed after process termination with THP enabled
bnc#983904
[mgag200] Add support for MGA G200 SE Rev.4
bnc#983977
[rmmod] rmmod of saa7146 in D state infinitely
bnc#984148
xfs online resize does not increase possible inodes much without remount
bnc#984456
Bluetooth stop to work after a few minute
bnc#984755
VUL-0: CVE-2016-4470: kernel-source: Uninitialized variable in request_key handling causes kernel crash in error handling path
bnc#985978
Clear AER error status during enumeration and resume
bnc#986362
VUL-0: CVE-2016-4997: kernel: Linux local privilege escalation in compat_setsockopt
bnc#986365
VUL-0: CVE-2016-4998: kernel: OOB read / Denial of Service in setsockopt()
bnc#986572
VUL-0: CVE-2016-5829: kernel-source: HID: hiddev buffer overflows
bnc#986811
VUL-0: CVE-2014-9904: kernel-source: The snd_compress_check_input function in sound/core/compress_offload.cin the ALSA subsystem in the ...
bnc#953048
Software RAID 5 performance is poor with NVME devices
bnc#954847
CST830:Alpine:alp16p02:SLES11SP4:Mason:EEH:EEH causes lpar to crash/reboot
bnc#963655
CIFS client for Linux fails to resolve DFS Link if DFS Target is a path to a subdirectory on a share
bnc#965087
Machine crashed on openQA load
bnc#971770
kvm guest does not show the cpu flag nonstop_tsc which is needed by SAP HANA certification on KVM
bnc#973378
[syzkaller] snd_timer BUG: KASAN: use-after-free in snd_timer_interrupt
bnc#974620
Excessive kernel logging: kernel: [xx.yy] Program dmidecode tried to access /dev/mem
bnc#975772
Backport recent IOMMU fixes to SLE kernels
bnc#975788
Kernel panics when executing stress test on Intel Fultondale P3700
bnc#978401
VUL-1: CVE-2016-4482: kernel: information leak in devio of Linux kernel
bnc#979213
VUL-1: CVE-2016-4569: kernel: information leak vulnerability in Linux sound module
bnc#979521
kernel panicked when the memory CE occurred
bnc#979681
can not mount subdirectory share after netapp upgrade
bnc#979879
VUL-1: CVE-2016-4578: kernel: Information leak in events in timer.c
bnc#980371
VUL-0: CVE-2016-4805: kernel: Use after free vulnerability in ppp_unregister_channel
bnc#982282
SLES 12 SP1 - SCSI: Increase REPORT_LUNS timeout
bnc#982354
unplugging a quirky Elo TouchSystems touchscreen crashes the system
bnc#983143
VUL-0: CVE-2016-1583: kernel: ecryptfs: stack overflow in ecryptfs with /proc/pid/environ could lead to root
bnc#983213
VUL-1: CVE-2016-5244: kernel-source: rds: fix an infoleak in rds_inc_info_copy
bnc#983721
Not all memory is reclaimed after process termination with THP enabled
bnc#983977
[rmmod] rmmod of saa7146 in D state infinitely
bnc#984755
VUL-0: CVE-2016-4470: kernel-source: Uninitialized variable in request_key handling causes kernel crash in error handling path
bnc#985232
MDS dies while running xfstests generic/013 - FAILED assert(in->is_file())
bnc#985978
Clear AER error status during enumeration and resume
bnc#986362
VUL-0: CVE-2016-4997: kernel: Linux local privilege escalation in compat_setsockopt
bnc#986569
VUL-0: CVE-2016-5828: kernel-source: powerpc/tm: Always reclaim in start_thread() for exec() class syscalls - Linux kernel
bnc#986572
VUL-0: CVE-2016-5829: kernel-source: HID: hiddev buffer overflows
bnc#986811
VUL-0: CVE-2014-9904: kernel-source: The snd_compress_check_input function in sound/core/compress_offload.cin the ALSA subsystem in the ...
bnc#988215
SLES 12 SP1 - IBM LTC System z maintenance kernel patches (#09)
bnc#988498
SLES 12 SP1 - timer signal is invoked earlier than expected.
bnc#988552
Sierra EM7455 MBIM dongle fails to transmit data
bnc#990058
SLES12 SP1 for SAP fails to install on DL580Gen9 server
bnc#978822
VUL-0: CVE-2016-4486: kernel: Information leak in rtnetlink
CVE-2014-9904
CVE-2016-1583
CVE-2016-4470
CVE-2016-4482
CVE-2016-4569
CVE-2016-4578
CVE-2016-4997
CVE-2016-5244
CVE-2016-5828
CVE-2016-5829
CVE-2014-9904
CVE-2015-7833
CVE-2015-8551
CVE-2015-8552
CVE-2015-8845
CVE-2016-0758
CVE-2016-2053
CVE-2016-3672
CVE-2016-4470
CVE-2016-4565
CVE-2016-4578
CVE-2016-4805
CVE-2016-4997
CVE-2016-5244
CVE-2016-5829
CVE-2016-4486
CVE-2016-4998
Selected Binaries
openSUSE Build Service is sponsored by
Places