openSUSE:Maintenance:6024
File _patchinfo of Package patchinfo
<patchinfo incident="6024">
  <issue id="1001171" tracker="bnc">btrfs: InnoDB Fatal error: cannot read from file. OS error number 17.</issue>
  <issue id="1001486" tracker="bnc">VUL-0: CVE-2016-7039, CVE-2016-8666: kernel-source: remote crash via stack overflow</issue>
  <issue id="1003925" tracker="bnc">VUL-0: CVE-2015-8956: kernel: NULL dereference in RFCOMM bind callback</issue>
  <issue id="1004517" tracker="bnc">VUL-0: CVE-2016-7042: kernel: Stack corruption while reading /proc/keys</issue>
  <issue id="1006580" tracker="bnc">Fixes for 4.1.x openSUSE Leap 42.1 kernel based on commits for aarch64</issue>
  <issue id="1007197" tracker="bnc">VUL-0: CVE-2016-9083, CVE-2016-9084: kernel: vfio driver integer overflow</issue>
  <issue id="1007615" tracker="bnc">Endless 'input irq status -75 received' with Aten CS692 KVM Switch when mouse is plugged in</issue>
  <issue id="1007653" tracker="bnc">btrfs: list corruption with btrfs_sync_log</issue>
  <issue id="1008650" tracker="bnc">VUL-1: CVE-2016-9178: kernel: Information leak in get_user_ex function</issue>
  <issue id="1008833" tracker="bnc">VUL-0: CVE-2016-8633: kernel: Buffer overflow in firewire driver via crafted incoming packets</issue>
  <issue id="1009222" tracker="bnc">VUL-0: CVE-2016-8630: kernel: kvm: null pointer dereference in kvm</issue>
  <issue id="1010040" tracker="bnc">kernel-obs-qa-xen not needed anymore</issue>
  <issue id="1010150" tracker="bnc">VUL-0: CVE-2016-8646: kernel-source: oops in shash_async_export()</issue>
  <issue id="1010478" tracker="bnc">VUL-0: CVE-2016-7913: kernel: Local privilege escalation via the xc2028_set_config function in the xc2028 tuner driver</issue>
  <issue id="1010501" tracker="bnc">VUL-0: CVE-2015-8962: kernel: Double free in the sg_common_write function in drivers/scsi/sg.cin allowing physically close users to escalate privileges</issue>
  <issue id="1010502" tracker="bnc">VUL-0: CVE-2015-8963: kernel: Race condition in kernel/events/core.c allows local privilege escalation on CPU unplug</issue>
  <issue id="1010507" tracker="bnc">VUL-0: CVE-2015-8964: kernel: tty_set_termios_ldisc function leaks data when misused</issue>
  <issue id="1010909" tracker="bnc">Suspend to RAM sometimes freezes the system</issue>
  <issue id="1011685" tracker="bnc">VUL-0: CVE-2016-9555: kernel-source: net/sctp: slab-out-of-bounds in sctp_sf_ootb</issue>
  <issue id="1012876" tracker="bnc">kernel: backport fixes to Leap 42.1</issue>
  <issue id="1013533" tracker="bnc">VUL-0: CVE-2016-9794: kernel-source: ALSA: use-after-free in,kill_fasync</issue>
  <issue id="934067" tracker="bnc">kernel does not send NEWLINK on changes caused by IPv6 RA</issue>
  <issue id="990384" tracker="bnc">BTRFS turns RO in openQA tests</issue>
  <issue id="993739" tracker="bnc">Partner-L3: brocade driver kernel crash</issue>
  <issue id="995968" tracker="bnc">VUL-1: CVE-2016-7097: kernel: Setting a POSIX ACL via setxattr doesn't clear the setgid bit</issue>
  <issue id="999577" tracker="bnc">BOND state UNKNOWN shown with ip addr after patching the wicked components to 0.6.31-26.1.</issue>
  <issue id="999907" tracker="bnc">kernel BUG at /usr/src/packages/BUILD/kernel-default-3.0.101/linux-3.0/drivers/net/vmxnet3/vmxnet3_drv.c:758!"</issue>
  <issue id="1012754" tracker="bnc">VUL-0: CVE-2016-8655: kernel: Local root privilege packet_set_ring/timer_list</issue>
  <issue id="2016-9794" tracker="cve" />
  <issue id="2015-8962" tracker="cve" />
  <issue id="2016-9178" tracker="cve" />
  <issue id="2016-7913" tracker="cve" />
  <issue id="2016-9555" tracker="cve" />
  <issue id="2015-8963" tracker="cve" />
  <issue id="2015-8964" tracker="cve" />
  <issue id="2016-8646" tracker="cve" />
  <issue id="2016-8633" tracker="cve" />
  <issue id="2016-8630" tracker="cve" />
  <issue id="2016-9083" tracker="cve" />
  <issue id="2016-9084" tracker="cve" />
  <issue id="2016-7042" tracker="cve" />
  <issue id="2016-7097" tracker="cve" />
  <issue id="2015-8956" tracker="cve" />
  <issue id="2016-8655" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>tiwai</packager>
  <reboot_needed/>
  <description>
The openSUSE Leap 42.1 kernel was updated to 4.1.36 to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012754).
- CVE-2016-9794: A use-after-free in ALSA pcm could lead to crashes or allowed local users to potentially gain privileges (bsc#1013533).
- CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).
- CVE-2016-9178: The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel did not initialize a certain integer variable, which allowed local users to obtain sensitive information from kernel stack memory by triggering failure of a get_user_ex call (bnc#1008650).
- CVE-2016-7913: The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure (bnc#1010478).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).
- CVE-2015-8963: Race condition in kernel/events/core.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation (bnc#1010502).
- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).
- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150).
- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel in certain unusual hardware configurations, allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).
- CVE-2016-8630: The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel, when KVM is enabled, allowed local users to cause a denial of service (host OS crash) via a certain use of a ModR/M byte in an undefined instruction (bnc#1009222).
- CVE-2016-9083: drivers/vfio/pci/vfio_pci.c in the Linux kernel allowed local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug (bnc#1007197).
- CVE-2016-9084: drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel misuses the kzalloc function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file (bnc#1007197).
- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).
- CVE-2016-7097: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968).
- CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925).

The following non-security bugs were fixed:

- ata: ahci_xgene: dereferencing uninitialized pointer in probe (bsc#1006580).
- blacklist.conf: add some commits (bsc#1006580)
- bna: Add synchronization for tx ring (bsc#993739).
- bonding: set carrier off for devices created through netlink (bsc#999577).
- btrfs: deal with duplicates during extent_map insertion in btrfs_get_extent (bsc#1001171).
- btrfs: deal with existing encompassing extent map in btrfs_get_extent() (bsc#1001171).
- btrfs: fix extent tree corruption due to relocation (bsc#990384).
- btrfs: fix races on root_log_ctx lists (bsc#1007653).
- ext4: fix data exposure after a crash (bsc#1012876).
- ext4: fix reference counting bug on block allocation error (bsc#1012876).
- gre: Disable segmentation offloads w/ CSUM and we are encapsulated via FOU (bsc#1001486).
- gro: Allow tunnel stacking in the case of FOU/GUE (bsc#1001486).
- ipv6: send NEWLINK on RA managed/otherconf changes (bsc#934067).
- ipv6: send only one NEWLINK when RA causes changes (bsc#934067).
- isofs: Do not return EACCES for unknown filesystems (bsc#1012876).
- jbd2: fix checkpoint list cleanup (bsc#1012876).
- jbd2: Fix unreclaimed pages after truncate in data=journal mode (bsc#1010909).
- locking/static_key: Fix concurrent static_key_slow_inc() (bsc#1006580).
- mmc: Fix kabi breakage of mmc-block in 4.1.36 (stable-4.1.36).
- posix_acl: Added fix for f2fs.
- Revert "kbuild: add -fno-PIE" (stable-4.1.36).
- Revert "x86/mm: Expand the exception table logic to allow new handling options" (stable-4.1.36).
- tunnels: Remove encapsulation offloads on decap (bsc#1001486).
- usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).
- vmxnet3: Wake queue from reset work (bsc#999907).
  </description>
  <summary>Security update for the Linux Kernel</summary>
</patchinfo>