Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for the Linux Kernel

The openSUSE 13.1 kernel was updated to fix bugs and security issues.

The following security bugs were fixed:

- CVE-2016-8666: The IP stack in the Linux kernel allowed remote attackers
to cause a denial of service (stack consumption and panic) or possibly
have unspecified other impact by triggering use of the GRO path for
packets with tunnel stacking, as demonstrated by interleaved IPv4 headers
and GRE headers, a related issue to CVE-2016-7039 (bnc#1001486).
- CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed,
which is reportedly exploited in the wild (bsc#1004418).

The following non-security bugs were fixed:

- sched/core: Fix a race between try_to_wake_up() and a woken up task (bsc#1002165, bsc#1001419).
- sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule() (bnc#1001419).
- tunnels: Do not apply GRO to multiple layers of encapsulation (bsc#1001486).

Fixed bugs
bnc#1001419
L3: Oops: System Reset, sig: 6
bnc#1001486
VUL-0: CVE-2016-7039, CVE-2016-8666: kernel-source: remote crash via stack overflow
bnc#1002165
Please integrate patch "sched/core: Fix a race between try_to_wake_up() and a woken up task" in SLES 11 SP4
bnc#1004418
VUL-0: CVE-2016-5195: kernel: local privilege escalation using MAP_PRIVATE
CVE-2016-8666
CVE-2016-5195
Selected Binaries
openSUSE Build Service is sponsored by
Places