File _patchinfo of Package patchinfo.2991
<patchinfo incident="2991"> <issue id="970114" tracker="bnc">L3-Question: IPVS “least connection” distribution algorithm doesn't weight TCP SYNs correctly</issue> <issue id="963762" tracker="bnc">VUL-0: CVE-2016-2053: kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature()</issue> <issue id="979018" tracker="bnc">VUL-0: CVE-2016-4557: kernel: double-free/use-after-free in eBPF</issue> <issue id="970506" tracker="bnc">net.ipv4.ipfrag_[low|high]_thresh=0 does not drop fragmented traffic</issue> <issue id="971126" tracker="bnc">VUL-0: CVE-2016-3134: kernel: netfilter: missing bounds check in ipt_entry structure</issue> <issue id="978401" tracker="bnc">VUL-1: CVE-2016-4482: kernel: information leak in devio of Linux kernel</issue> <issue id="945345" tracker="bnc">[BYT, grub2, vbe] During Boot, junk characters and kernel/initrd error messages on display</issue> <issue id="977198" tracker="bnc">[request] Backport overlay and union filesystem fixes</issue> <issue id="971360" tracker="bnc">VUL-0: CVE-2016-3156: kernel-source: ipv4: denial of service when destroying a network interface</issue> <issue id="979728" tracker="bnc">kernel: unplug of USB stick makes systemd-udev trigger an Oops</issue> <issue id="979913" tracker="bnc">VUL-0: CVE-2016-4581: kernel: Slave being first propagated copy causes oops in propagate_mnt</issue> <issue id="979879" tracker="bnc">VUL-1: CVE-2016-4578: kernel: Information leak in events in timer.c</issue> <issue id="979548" tracker="bnc">VUL-0: CVE-2016-4565: kernel: infiniband: Using write() instead of bi-directional ioctl() allows writing into user specified kernel memory</issue> <issue id="981058" tracker="bnc">VUL-0: CVE-2016-4951: kernel: Null pointer dereference in tipc_nl_publ_dump</issue> <issue id="980348" tracker="bnc">btrfs: possible to crash using BTRFS_IOC_SNAP_CREATE_V2 ioctl w/ non-btrfs file descriptor</issue> <issue id="989176" tracker="bnc">Kernel 4.1.28 (from kernel:openSUSE-42.1 standard) iptables/iptables-batch hangs (SuSEfirewall2)</issue> <issue id="987886" tracker="bnc">kernel crash if multiple low speed devices are plugged into one OHCI and an error happens</issue> <issue id="983143" tracker="bnc">VUL-0: CVE-2016-1583: kernel: ecryptfs: stack overflow in ecryptfs with /proc/pid/environ could lead to root</issue> <issue id="982238" tracker="bnc">"Hide" ballooned memory</issue> <issue id="982239" tracker="bnc">More detailed statistics from the balloon</issue> <issue id="978821" tracker="bnc">VUL-0: CVE-2016-4485: kernel: Information leak in llc module</issue> <issue id="978822" tracker="bnc">VUL-0: CVE-2016-4486: kernel: Information leak in rtnetlink</issue> <issue id="991105" tracker="bnc">i2c-designware-* drivers are not marked as supported.</issue> <issue id="973378" tracker="bnc">[syzkaller] snd_timer BUG: KASAN: use-after-free in snd_timer_interrupt</issue> <issue id="971799" tracker="bnc">[syzkaller] bluetooth BUG: KASAN: use-after-free in vhci_send_frame</issue> <issue id="970955" tracker="bnc">VUL-1: CVE-2016-3136: kernel-source: Crash on invalid USB device descriptors (mct_u232 driver)</issue> <issue id="970970" tracker="bnc">VUL-1: CVE-2016-3137: kernel-source: Crash on invalid USB device descriptors (cypress_m8 driver)</issue> <issue id="986362" tracker="bnc">VUL-0: CVE-2016-4997: kernel: Linux local privilege escalation in compat_setsockopt</issue> <issue id="954647" tracker="bnc">Fixes for Dell headset are missing from Leap 4.1.x kernel</issue> <issue id="983977" tracker="bnc">[rmmod] rmmod of saa7146 in D state infinitely</issue> <issue id="970275" tracker="bnc">xenbus deadlock</issue> <issue id="970892" tracker="bnc">VUL-0: CVE-2016-3140: kernel-source: crash on invalid USB device descriptors (digi_acceleport driver)</issue> <issue id="984755" tracker="bnc">VUL-0: CVE-2016-4470: kernel-source: Uninitialized variable in request_key handling causes kernel crash in error handling path</issue> <issue id="955654" tracker="bnc">VUL-0: CVE-2013-7446: kernel: Unix sockets use after free - peer_wait_queue prematurely freed</issue> <issue id="979213" tracker="bnc">VUL-1: CVE-2016-4569: kernel: information leak vulnerability in Linux sound module</issue> <issue id="979278" tracker="bnc">Missing stable sound backports up to 4.6</issue> <issue id="986530" tracker="bnc">Network on Cavium HW does not get initialized at boot</issue> <issue id="986572" tracker="bnc">VUL-0: CVE-2016-5829: kernel-source: HID: hiddev buffer overflows</issue> <issue id="989084" tracker="bnc">The last kernel update broke "ecryptfs"</issue> <issue id="986570" tracker="bnc">VUL-0: CVE-2016-1237: kernel-source: nfsd: any user can set a file's ACL over NFS and grant access to it</issue> <issue id="978469" tracker="bnc">kernel BUG at ../drivers/xen/netback/netback.c:658</issue> <issue id="966849" tracker="bnc">[syzkaller] vhci WARNING: at kernel/workqueue.c:4042</issue> <issue id="980657" tracker="bnc">ISST-LTE:pVM:chalklp2:sles12 sp2: WARNING: at ../net/core/skbuff.c:4195 (Infiniband)</issue> <issue id="973570" tracker="bnc">smbd locks up the kernel</issue> <issue id="917648" tracker="bnc">Kernel Oops in eventpoll function ep_remove_wait_queue with UNIX datagram sockets</issue> <issue id="980371" tracker="bnc">VUL-0: CVE-2016-4805: kernel: Use after free vulnerability in ppp_unregister_channel</issue> <issue id="984460" tracker="bnc">Bluetooth stop to work after a few minute</issue> <issue id="975945" tracker="bnc">VUL-0: CVE-2016-3955: kernel: buffer overflow in usbip by trusting length of incoming packets</issue> <issue id="970948" tracker="bnc">VUL-0: CVE-2016-2847: kernel-source: limit the per-user amount of pages allocated in pipes</issue> <issue id="979867" tracker="bnc">VUL-0: CVE-2016-0758: kernel: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()</issue> <issue id="974308" tracker="bnc">VUL-1: CVE-2016-3672: kernel: Unlimiting the stack not longer disables ASLR</issue> <issue id="966245" tracker="bnc">L3-Question: GSO-TSO Settings not reporting on the VLAN Interface for SLES 12</issue> <issue id="966684" tracker="bnc">VUL-0: CVE-2016-2383: kernel: Incorrect branch fixups for eBPF allow arbitrary read</issue> <issue id="981267" tracker="bnc">VUL-1: CVE-2016-4580: kernel: Information leak in x25 module</issue> <issue id="983213" tracker="bnc">VUL-1: CVE-2016-5244: kernel-source: rds: fix an infoleak in rds_inc_info_copy</issue> <issue id="966693" tracker="bnc">VUL-0: CVE-2016-2384: kernel: ALSA: usb-audio: double-free triggered by invalid USB descriptor</issue> <issue id="968018" tracker="bnc">VUL-1: kernel: ALSA core issues reported by syzkaller fuzzer</issue> <issue id="982712" tracker="bnc">use of streams with UAS on Frescologic device id 1009 can brick motherboards</issue> <issue id="974266" tracker="bnc">KVM: AArch64: Some times build jobs hang forever</issue> <issue id="978073" tracker="bnc">USB3 bus fails to enumerate in rare cases</issue> <issue id="981344" tracker="bnc">qxl drm driver is breaking KDE5</issue> <issue id="980265" tracker="bnc">VUL-0: CVE-2016-4794: kernel: Use after free in array_map_alloc</issue> <issue id="2016-0758" tracker="cve" /> <issue id="2016-2384" tracker="cve" /> <issue id="2016-2383" tracker="cve" /> <issue id="2016-1237" tracker="cve" /> <issue id="2013-7446" tracker="cve" /> <issue id="2016-4569" tracker="cve" /> <issue id="2016-3156" tracker="cve" /> <issue id="2016-4565" tracker="cve" /> <issue id="2016-3134" tracker="cve" /> <issue id="2016-3136" tracker="cve" /> <issue id="2016-3137" tracker="cve" /> <issue id="2016-5244" tracker="cve" /> <issue id="2016-4580" tracker="cve" /> <issue id="2016-4581" tracker="cve" /> <issue id="2016-4951" tracker="cve" /> <issue id="2016-4485" tracker="cve" /> <issue id="2016-4482" tracker="cve" /> <issue id="2016-4997" tracker="cve" /> <issue id="2016-4486" tracker="cve" /> <issue id="2016-4578" tracker="cve" /> <issue id="2016-2847" tracker="cve" /> <issue id="2016-4557" tracker="cve" /> <issue id="2016-4794" tracker="cve" /> <issue id="2016-4470" tracker="cve" /> <issue id="2016-3672" tracker="cve" /> <issue id="2016-3140" tracker="cve" /> <issue id="2016-1583" tracker="cve" /> <issue id="2016-5829" tracker="cve" /> <issue id="2016-4805" tracker="cve" /> <issue id="2016-2053" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>mbrugger</packager> <description> This update for kernel-source-arm64 fixes the following issues: - netfilter/arp_tables: Simplify translate_compat_table args (CVE-2016-4997 bsc#986362). - netfilter/ip6_tables: Simplify translate_compat_table args (CVE-2016-4997 bsc#986362). - netfilter/ip_tables: Simplify translate_compat_table args (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Add and use xt_check_entry_offsets (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Add compat version of xt_check_entry_offsets (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Assert minimum target size (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Check for bogus target offset (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Check standard target size too (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Do compat validation via translate_table (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Don't move to non-existent next rule (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Don't reject valid target size on some architectures (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Fix 4.1 stable backport (bsc#989176). - netfilter/x_tables: Kill check_entry helper (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Speed up jump target validation (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Validate all offsets and sizes in a rule (CVE-2016-4997 bsc#986362). - netfilter/x_tables: Validate targets of jumps (CVE-2016-4997 bsc#986362). - netfilter/x_tables: xt_compat_match_from_user doesn't need a retval (CVE-2016-4997 bsc#986362). - Revert "mm/swap.c: Flush lru pvecs on compound page arrival" (bsc#989084). - Revert "powerpc: Update TM user feature bits in scan_features()". - supported.conf: Add bmp085 preassure sensor. - supported.conf: Mark i2c-designware-core and i2c-designware-platform as supported. - supported.conf: Mark i2c-designware-pci as supported (bsc#991105). - Linux 4.1.28 (CVE-2016-2847 CVE-2016-3134 CVE-2016-3156 CVE-2016-4470 CVE-2016-4485 CVE-2016-4486 CVE-2016-4557 CVE-2016-4580 CVE-2016-4794 CVE-2016-4805 CVE-2016-4951 CVE-2016-4997 CVE-2016-5829 bsc#975945 bsc#980265 bsc#983977 bsc#954647 bsc#970948 bsc#971126 bsc#971360 bsc#973378 bsc#978821 bsc#978822 bsc#979018 bsc#980348 bsc#980371 bsc#981058 bsc#981267 bsc#984755 bsc#986362 bsc#986572). Update kconfigs to set to CONFIG_BMP085=m - base: Make module_create_drivers_dir race-free (bsc#983977). - ecryptfs: Don't allow mmap when the lower file system doesn't allow it (bsc#983143 CVE-2016-1583). - hid/hiddev: Validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (bsc#986572 CVE-2016-5829). - ipvs: Count pre-established TCP states as active (bsc#970114). - keys: Potential uninitialized variable (bsc#984755, CVE-2016-4470). - mm/page_alloc.c: Calculate 'available' memory in a separate function (bsc#982239). - net/thunderx: Fix link status reporting (bsc#986530). - net/thunderx: Fix TL4 configuration for secondary Qsets (bsc#986530). - nfsd: Check permissions when setting ACLs (bsc#986570). - percpu: Fix synchronization between chunk->map_extend_work and chunk destruction (CVE-2016-4794, bsc#980265). - percpu: Fix synchronization between synchronous map extension and chunk destruction (CVE-2016-4794, bsc#980265). - posix_acl: Add set_posix_acl (bsc#986570). - rds: Fix an infoleak in rds_inc_info_copy (bsc#983213 CVE-2016-5244). - Restore copying of SKBs with head exceeding page size (bsc#978469). - Suppress atomic file position updates for /proc/xen/xenbus (bsc#970275). - Update xen3-patch-4.1.18-19 (CVE-2016-2383 CVE-2016-2384 bsc#966684 bsc#966693 bsc#968018 bsc#973570). - usb/ohci: Don't mark EDs as ED_OPER if scheduling fails (bsc#987886). - usb: Quirk to stop runtime PM for Intel 7260 (bsc#984460). - virtio_balloon: Do not change memory amount visible via /proc/meminfo (bsc#982238). - virtio_balloon: Export 'available' memory to balloon statistics (bsc#982239). - Linux 4.1.26 (bsc#979278 bsc#966849 bsc#971799). - asn.1: Fix non-match detection failure on data overrun (bsc#963762, CVE-2016-2053). - bluetooth: Fix power_on vs close race (bsc#966849). - drm/qxl: Workaround for buggy user-space (bsc#981344). - enic: Set netdev->vlan_features (bsc#966245). - keys: Fix ASN.1 indefinite length object parsing (bsc#979867, CVE-2016-0758). - net: Disable fragment reassembly if high_thresh is zero (bsc#970506). - net: Fix a kernel infoleak in x25 module (CVE-2016-4580, bsc#981267). - usb/core/hub: hub_port_init lock controller instead of bus (bsc#978073). - usb: Preserve kABI in address0 locking (bsc#978073). - usb/xhci: Add broken streams quirk for Frescologic device id 1009 (bsc#982712). - Linux 4.1.25 (CVE-2016-4565 bsc#979278 bsc#979548). - alsa/hrtimer: Handle start/stop more properly (bsc#973378). - btrfs: Don't use src fd for printk (bsc#980348). - ib/ipoib: Do not set skb truesize since using one linearskb (bsc#980657). - ib/security: Restrict use of the write() interface (bsc#979548 CVE-2016-4565). - net: Fix infoleak in llc (bsc#978821, CVE-2016-4485). - ppp: Take reference on channels netns (CVE-2016-4805 bsc#980371). - propogate_mnt: Handle the first propogated copy being a slave (bsc#979913 CVE-2016-4581) - Revert "usb: hub: do not clear BOS field during reset device" (bsc#979728). - tipc: Check nl sock before parsing nested attributes (CVE-2016-4951 bsc#981058). - usb/usbfs: Fix potential infoleak in devio (bsc#978401, CVE-2016-4482). - x86/mm/32: Enable full randomization on i386 and X86_32 (bsc#974308, CVE-2016-3672). - Linux 4.1.24 (bsc#979278). - alsa/hda: Add dock support for ThinkPad X260 (bsc#979278). - alsa/hda: Apply fix for white noise on Asus N550JV, too (bsc#979278). - alsa/hda: Asus N750JV external subwoofer fixup (bsc#979278). - alsa/hda: Fix broken reconfig (bsc#979278). - alsa/hda: Fix headphone mic input on a few Dell ALC293 machines (bsc#979278). - alsa/hda: Fix subwoofer pin on ASUS N751 and N551 (bsc#979278). - alsa/hda: Fix white noise on Asus N750JV headphone (bsc#979278). - alsa/hda: Fix white noise on Asus UX501VW headset (bsc#979278). - alsa/hda/realtek: Add ALC3234 headset mode for Optiplex 9020m (bsc#979278). - alsa/hda/realtek: New codecs support for ALC234/ALC274/ALC294 (bsc#979278). - alsa/hda/realtek: New codec support of ALC225 (bsc#979278). - alsa/hda/realtek: Support headset mode for ALC225 (bsc#979278). - alsa/pcxhr: Fix missing mutex unlock (bsc#979278). - alsa/timer: Fix leak in events via snd_timer_user_ccallback (CVE-2016-4569, bsc#979213). - alsa/timer: Fix leak in events via snd_timer_user_tinterrupt (CVE-2016-4569, bsc#979213). - alsa/timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS (CVE-2016-4569, bsc#979213). - alsa/usb-audio: Quirk for yet another Phoenix Audio devices (v2) (bsc#979278). - bluetooth/vhci: Fix open_timeout vs. hdev race (bsc#971799, bsc#966849). - bluetooth/vhci: Fix race at creating hci device (bsc#971799, bsc#966849). - bluetooth/vhci: Purge unhandled skbs (bsc#971799,bsc#966849). - bpf: Fix double-fdput in replace_map_fd_with_map_ptr() (CVE-2016-4557 bsc#979018). - netfilter/x_tables: Fix unconditional helper (CVE-2016-3134 bsc#971126). - netfilter/x_tables: Make sure e->next_offset covers remaining blob size (CVE-2016-3134 bsc#971126). - netfilter/x_tables: Validate e->target_offset early (CVE-2016-3134 bsc#971126). - net: Fix infoleak in rtnetlink (CVE-2016-4486 bsc#978822). - Linux 4.1.23 (CVE-2016-3136 CVE-2016-3137 CVE-2016-3140 bsc#970892 bsc#970955 bsc#970970). - btrfs: Fix crash/invalid memory access on fsync when using overlayfs (bsc#977198) - fs: Add file_dentry() (bsc#977198). - input/i8042: Lower log level for "no controller" message (bsc#945345). - kvm/arm/arm64: Handle forward time correction gracefully (bsc#974266). </description> <summary>Security update for kernel-source-arm64</summary> </patchinfo>
