Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Linux
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Linux
ID: openSUSE-SU-2017:2171-1
Distribution: SUSE
Plattformen: SUSE openSUSE Leap 42.3
Datum: Di, 15. August 2017, 22:47
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000111

Originalnachricht

   openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2171-1
Rating: important
References: #1015337 #1019151 #1023175 #1037404 #1037994
#1038078 #1038792 #1039153 #1043652 #1043805
#1047027 #1048912 #1049298 #1051399 #1051556
#1051689 #1051979 #1052049 #1052204 #1052223
#1052311 #1052325 #1052365 #1052442 #1052533
#1052709 #1052773 #1052794 #1052899 #1052925
#1053043 #1053531
Cross-References: CVE-2017-1000111 CVE-2017-1000112 CVE-2017-8831

Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that solves three vulnerabilities and has 29
fixes is now available.

Description:

The openSUSE Leap 42.3 kernel was updated to receive various security and
bugfixes.

The following security bugs were fixed:

- CVE-2017-1000111: Fixed a race condition in net-packet code that could
be exploited to cause out-of-bounds memory access (bsc#1052365).
- CVE-2017-1000112: Fixed a race condition in net-packet code that could
have been exploited by unprivileged users to gain root access.
(bsc#1052311).
- CVE-2017-8831: The saa7164_bus_get function in
drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed
local users to cause a denial of service (out-of-bounds array access) or
possibly have unspecified other impact by changing a certain
sequence-number value, aka a "double fetch" vulnerability
(bnc#1037994).

The following non-security bugs were fixed:

- acpi/nfit: Add support of NVDIMM memory error notification in ACPI 6.2
(bsc#1052325).
- acpi/nfit: Issue Start ARS to retrieve existing records (bsc#1052325).
- bcache: force trigger gc (bsc#1038078).
- bcache: only recovery I/O error for writethrough mode (bsc#1043652).
- block: do not allow updates through sysfs until registration completes
(bsc#1047027).
- config: disable CONFIG_RT_GROUP_SCHED (bsc#1052204).
- drivers: hv: : As a bandaid, increase HV_UTIL_TIMEOUT from 30 to 60
seconds (bnc#1039153)
- drivers: hv: Fix a typo (fate#320485).
- drivers: hv: util: Make hv_poll_channel() a little more efficient
(fate#320485).
- drivers: hv: vmbus: Close timing hole that can corrupt per-cpu page
(fate#320485).
- drivers: hv: vmbus: Fix error code returned by vmbus_post_msg()
(fate#320485).
- Fix kABI breakage with CONFIG_RT_GROUP_SCHED=n (bsc#1052204).
- hv_netvsc: change netvsc device default duplex to FULL (fate#320485).
- hv_netvsc: Fix the carrier state error when data path is off
(fate#320485).
- hv_netvsc: Remove unnecessary var link_state from struct
netvsc_device_info (fate#320485).
- hyperv: fix warning about missing prototype (fate#320485).
- hyperv: netvsc: Neaten netvsc_send_pkt by using a temporary
(fate#320485).
- hyperv: remove unnecessary return variable (fate#320485).
- i40e/i40evf: Fix use after free in Rx cleanup path (bsc#1051689).
- IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).
- ibmvnic: Check for transport event on driver resume (bsc#1051556,
bsc#1052709).
- ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).
- ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).
- iommu/amd: Enable ga_log_intr when enabling guest_mode (bsc1052533).
- iommu/amd: Fix schedule-while-atomic BUG in initialization code
(bsc1052533).
- KABI protect struct acpi_nfit_desc (bsc#1052325).
- kabi/severities: add drivers/scsi/hisi_sas to kabi severities
- libnvdimm: fix badblock range handling of ARS range (bsc#1023175).
- libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).
- net: add netdev_lockdep_set_classes() helper (fate#320485).
- net: hyperv: use new api ethtool_{get|set}_link_ksettings (fate#320485).
- net/mlx4_core: Fixes missing capability bit in flags2 capability dump
(bsc#1015337).
- net/mlx4_core: Fix namespace misalignment in QinQ VST support commit
(bsc#1015337).
- net/mlx4_core: Fix sl_to_vl_change bit offset in flags2 dump
(bsc#1015337).
- netsvc: Remove upstream commit e14b4db7a567 netvsc: fix race during
initialization will be replaced by following changes
- netsvc: Revert "netvsc: optimize calculation of number of slots"
(fate#320485).
- netvsc: add comments about callback's and NAPI (fate#320485).
- netvsc: Add #include's for csum_* function declarations (fate#320485).
- netvsc: add rtnl annotations in rndis (fate#320485).
- netvsc: add some rtnl_dereference annotations (fate#320485).
- netvsc: avoid race with callback (fate#320485).
- netvsc: change logic for change mtu and set_queues (fate#320485).
- netvsc: change max channel calculation (fate#320485).
- netvsc: change order of steps in setting queues (fate#320485).
- netvsc: Deal with rescinded channels correctly (fate#320485).
- netvsc: do not access netdev->num_rx_queues directly (fate#320485).
- netvsc: do not overload variable in same function (fate#320485).
- netvsc: do not print pointer value in error message (fate#320485).
- netvsc: eliminate unnecessary skb == NULL checks (fate#320485).
- netvsc: enable GRO (fate#320485).
- netvsc: Fix a bug in sub-channel handling (fate#320485).
- netvsc: fix and cleanup rndis_filter_set_packet_filter (fate#320485).
- netvsc: fix calculation of available send sections (fate#320485).
- netvsc: fix dereference before null check errors (fate#320485).
- netvsc: fix error unwind on device setup failure (fate#320485).
- netvsc: fix hang on netvsc module removal (fate#320485).
- netvsc: fix NAPI performance regression (fate#320485).
- netvsc: fix net poll mode (fate#320485).
- netvsc: fix netvsc_set_channels (fate#320485).
- netvsc: fix ptr_ret.cocci warnings (fate#320485).
- netvsc: fix rcu dereference warning from ethtool (fate#320485).
- netvsc: fix RCU warning in get_stats (fate#320485).
- netvsc: fix return value for set_channels (fate#320485).
- netvsc: fix rtnl deadlock on unregister of vf (fate#320485, bsc#1052442).
- netvsc: fix use after free on module removal (fate#320485).
- netvsc: fix warnings reported by lockdep (fate#320485).
- netvsc: fold in get_outbound_net_device (fate#320485).
- netvsc: force link update after MTU change (fate#320485).
- netvsc: handle offline mtu and channel change (fate#320485).
- netvsc: implement NAPI (fate#320485).
- netvsc: include rtnetlink.h (fate#320485).
- netvsc: Initialize all channel related state prior to opening the
channel (fate#320485).
- netvsc: make sure and unregister datapath (fate#320485, bsc#1052899).
- netvsc: make sure napi enabled before vmbus_open (fate#320485).
- netvsc: mark error cases as unlikely (fate#320485).
- netvsc: move filter setting to rndis_device (fate#320485).
- netvsc: need napi scheduled during removal (fate#320485).
- netvsc: need rcu_derefence when accessing internal device info
(fate#320485).
- netvsc: optimize calculation of number of slots (fate#320485).
- netvsc: optimize receive completions (fate#320485).
- netvsc: pass net_device to netvsc_init_buf and netvsc_connect_vsp
(fate#320485).
- netvsc: prefetch the first incoming ring element (fate#320485).
- netvsc: Properly initialize the return value (fate#320485).
- netvsc: remove bogus rtnl_unlock (fate#320485).
- netvsc: remove no longer used max_num_rss queues (fate#320485).
- netvsc: Remove redundant use of ipv6_hdr() (fate#320485).
- netvsc: remove unnecessary indirection of page_buffer (fate#320485).
- netvsc: remove unnecessary lock on shutdown (fate#320485).
- netvsc: remove unused #define (fate#320485).
- netvsc: replace netdev_alloc_skb_ip_align with napi_alloc_skb
(fate#320485).
- netvsc: save pointer to parent netvsc_device in channel table
(fate#320485).
- netvsc: signal host if receive ring is emptied (fate#320485).
- netvsc: transparent VF management (fate#320485, bsc#1051979).
- netvsc: use ERR_PTR to avoid dereference issues (fate#320485).
- netvsc: use hv_get_bytes_to_read (fate#320485).
- netvsc: use napi_consume_skb (fate#320485).
- netvsc: use RCU to protect inner device structure (fate#320485).
- netvsc: uses RCU instead of removal flag (fate#320485).
- netvsc: use typed pointer for internal state (fate#320485).
- nvme: fabrics commands should use the fctype field for data direction
(bsc#1043805).
- powerpc/perf: Fix SDAR_MODE value for continous sampling on Power9
(bsc#1053043 (git-fixes)).
- powerpc/tm: Fix saving of TM SPRs in core dump (fate#318470, git-fixes
08e1c01d6aed).
- qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).
- rdma/bnxt_re: checking for NULL instead of IS_ERR() (bsc#1052925).
- scsi: aacraid: fix PCI error recovery path (bsc#1048912).
- scsi_devinfo: fixup string compare (bsc#1037404).
- scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).
- scsi: hisi_sas: add pci_dev in hisi_hba struct (bsc#1049298).
- scsi: hisi_sas: add v2 hw internal abort timeout workaround
(bsc#1049298).
- scsi: hisi_sas: controller reset for multi-bits ECC and AXI fatal errors
(bsc#1049298).
- scsi: hisi_sas: fix NULL deference when TMF timeouts (bsc#1049298).
- scsi: hisi_sas: fix timeout check in hisi_sas_internal_task_abort()
(bsc#1049298).
- scsi: hisi_sas: optimise DMA slot memory (bsc#1049298).
- scsi: hisi_sas: optimise the usage of hisi_hba.lock (bsc#1049298).
- scsi: hisi_sas: relocate get_ata_protocol() (bsc#1049298).
- scsi: hisi_sas: workaround a SoC SATA IO processing bug (bsc#1049298).
- scsi: hisi_sas: workaround SoC about abort timeout bug (bsc#1049298).
- scsi: hisi_sas: workaround STP link SoC bug (bsc#1049298).
- scsi: lpfc: do not double count abort errors (bsc#1048912).
- scsi: lpfc: fix linking against modular NVMe support (bsc#1048912).
- scsi: qedi: Fix return code in qedi_ep_connect() (bsc#1048912).
- scsi: storvsc: Prefer kcalloc over kzalloc with multiply (fate#320485).
- scsi: storvsc: remove return at end of void function (fate#320485).
- tools: hv: Add clean up for included files in Ubuntu net config
(fate#320485).
- tools: hv: Add clean up function for Ubuntu config (fate#320485).
- tools: hv: properly handle long paths (fate#320485).
- tools: hv: set allow-hotplug for VF on Ubuntu (fate#320485).
- tools: hv: set hotplug for VF on Suse (fate#320485).
- tools: hv: vss: Thaw the filesystem and continue if freeze call has
timed out (fate#320485).
- vfs: fix missing inode_get_dev sites (bsc#1052049).
- vmbus: cleanup header file style (fate#320485).
- vmbus: expose debug info for drivers (fate#320485).
- vmbus: fix spelling errors (fate#320485).
- vmbus: introduce in-place packet iterator (fate#320485).
- vmbus: only reschedule tasklet if time limit exceeded (fate#320485).
- vmbus: re-enable channel tasklet (fate#320485).
- vmbus: remove unnecessary initialization (fate#320485).
- vmbus: remove useless return's (fate#320485).
- x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache()
(bsc#1051399).
- x86/hyperv: Check frequency MSRs presence according to the specification
(fate#320485).
- The package release number was increased to be higher than the Leap 42.2
package (boo#1053531).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2017-930=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Leap 42.3 (x86_64):

kernel-debug-4.4.79-19.1
kernel-debug-base-4.4.79-19.1
kernel-debug-base-debuginfo-4.4.79-19.1
kernel-debug-debuginfo-4.4.79-19.1
kernel-debug-debugsource-4.4.79-19.1
kernel-debug-devel-4.4.79-19.1
kernel-debug-devel-debuginfo-4.4.79-19.1
kernel-default-4.4.79-19.1
kernel-default-base-4.4.79-19.1
kernel-default-base-debuginfo-4.4.79-19.1
kernel-default-debuginfo-4.4.79-19.1
kernel-default-debugsource-4.4.79-19.1
kernel-default-devel-4.4.79-19.1
kernel-obs-build-4.4.79-19.1
kernel-obs-build-debugsource-4.4.79-19.1
kernel-obs-qa-4.4.79-19.1
kernel-syms-4.4.79-19.1
kernel-vanilla-4.4.79-19.1
kernel-vanilla-base-4.4.79-19.1
kernel-vanilla-base-debuginfo-4.4.79-19.1
kernel-vanilla-debuginfo-4.4.79-19.1
kernel-vanilla-debugsource-4.4.79-19.1
kernel-vanilla-devel-4.4.79-19.1

- openSUSE Leap 42.3 (noarch):

kernel-devel-4.4.79-19.1
kernel-docs-4.4.79-19.2
kernel-docs-html-4.4.79-19.2
kernel-docs-pdf-4.4.79-19.2
kernel-macros-4.4.79-19.1
kernel-source-4.4.79-19.1
kernel-source-vanilla-4.4.79-19.1


References:

https://www.suse.com/security/cve/CVE-2017-1000111.html
https://www.suse.com/security/cve/CVE-2017-1000112.html
https://www.suse.com/security/cve/CVE-2017-8831.html
https://bugzilla.suse.com/1015337
https://bugzilla.suse.com/1019151
https://bugzilla.suse.com/1023175
https://bugzilla.suse.com/1037404
https://bugzilla.suse.com/1037994
https://bugzilla.suse.com/1038078
https://bugzilla.suse.com/1038792
https://bugzilla.suse.com/1039153
https://bugzilla.suse.com/1043652
https://bugzilla.suse.com/1043805
https://bugzilla.suse.com/1047027
https://bugzilla.suse.com/1048912
https://bugzilla.suse.com/1049298
https://bugzilla.suse.com/1051399
https://bugzilla.suse.com/1051556
https://bugzilla.suse.com/1051689
https://bugzilla.suse.com/1051979
https://bugzilla.suse.com/1052049
https://bugzilla.suse.com/1052204
https://bugzilla.suse.com/1052223
https://bugzilla.suse.com/1052311
https://bugzilla.suse.com/1052325
https://bugzilla.suse.com/1052365
https://bugzilla.suse.com/1052442
https://bugzilla.suse.com/1052533
https://bugzilla.suse.com/1052709
https://bugzilla.suse.com/1052773
https://bugzilla.suse.com/1052794
https://bugzilla.suse.com/1052899
https://bugzilla.suse.com/1052925
https://bugzilla.suse.com/1053043
https://bugzilla.suse.com/1053531

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung