Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Linux
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Linux
ID: openSUSE-SU-2016:1641-1
Distribution: SUSE
Plattformen: openSUSE Leap 42.1
Datum: Di, 21. Juni 2016, 18:41
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4482
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4486
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4578
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4951
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3672
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4580
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3955
Applikationen: Linux

Originalnachricht

 
   openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:1641-1
Rating:             important
References:         #945345 #955654 #963762 #966245 #966849 #970506 
                    #971126 #971799 #973570 #974308 #975945 #977198 
                    #978073 #978401 #978821 #978822 #979018 #979213 
                    #979278 #979548 #979728 #979867 #979879 #979913 
                    #980348 #980371 #980657 #981058 #981267 #981344 
                    #982238 #982239 #982712 #983143 #983213 #984460 
                    
Cross-References:   CVE-2013-7446 CVE-2016-0758 CVE-2016-1583
                    CVE-2016-2053 CVE-2016-3134 CVE-2016-3672
                    CVE-2016-3955 CVE-2016-4482 CVE-2016-4485
                    CVE-2016-4486 CVE-2016-4557 CVE-2016-4565
                    CVE-2016-4569 CVE-2016-4578 CVE-2016-4580
                    CVE-2016-4581 CVE-2016-4805 CVE-2016-4951
                    CVE-2016-5244
Affected Products:
                    openSUSE Leap 42.1
______________________________________________________________________________

   An update that solves 19 vulnerabilities and has 17 fixes
   is now available.

Description:


   The openSUSE Leap 42.1 kernel was updated to 4.1.26 to receive various
   security and bugfixes.

   The following security bugs were fixed:
   - CVE-2016-1583: Prevent the usage of mmap when the lower file system does
     not allow it. This could have lead to local privilege escalation when
     ecryptfs-utils was installed and /sbin/mount.ecryptfs_private was setuid
     (bsc#983143).
   - CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel
     incorrectly relies on the write system call, which allows local users to
     cause a denial of service (kernel memory write operation) or possibly
     have unspecified other impact via a uAPI interface. (bsc#979548)
   - CVE-2016-4805: Use-after-free vulnerability in
     drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to
     cause a denial of service (memory corruption and system crash,
     or spinlock) or possibly have unspecified other impact by removing a
      network namespace, related to the ppp_register_net_channel and
      ppp_unregister_channel functions.  (bsc#980371).
   - CVE-2016-4951: The tipc_nl_publ_dump function in net/tipc/socket.c in
     the Linux kernel did not verify socket existence, which allowed local
     users to cause a denial of service (NULL pointer dereference and system
     crash) or possibly have unspecified other impact via a dumpit
     operation. (bsc#981058).
   - CVE-2016-5244: An information leak vulnerability in function
     rds_inc_info_copy of file net/rds/recv.c was fixed that might have
     leaked kernel stack data. (bsc#983213).
   - CVE-2016-4580: The x25_negotiate_facilities function in
     net/x25/x25_facilities.c in the Linux kernel did not properly initialize
     a certain data structure, which allowed attackers to
     obtain sensitive information from kernel stack memory via an X.25 Call
      Request. (bsc#981267).
   - CVE-2016-0758: Tags with indefinite length could have corrupted pointers
     in asn1_find_indefinite_length (bsc#979867).
   - CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in
     the Linux kernel allowed attackers to cause a denial of service (panic)
     via an ASN.1 BER file that lacks a public key, leading to mishandling by
     the public_key_verify_signature function in
     crypto/asymmetric_keys/public_key.c (bnc#963762).
   - CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the
     Linux kernel allowed local users to bypass intended AF_UNIX socket
     permissions or cause a denial of service (panic) via crafted epoll_ctl
     calls (bnc#955654).
   - CVE-2016-3134: The netfilter subsystem in the Linux kernel did not
     validate certain offset fields, which allowed local users to gain
     privileges or cause a denial of service (heap memory corruption) via an
     IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
   - CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c
     in the Linux kernel did not properly randomize the legacy base address,
     which made it easier for local users to defeat the intended restrictions
     on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism
      for a setuid or setgid program, by disabling stack-consumption resource
      limits (bnc#974308).
   - CVE-2016-4482: A kernel information leak in the usbfs devio connectinfo
     was fixed, which could expose kernel stack memory to userspace.
     (bnc#978401).
   - CVE-2016-4485: A kernel information leak in llc was fixed (bsc#978821).
   - CVE-2016-4486: A kernel information leak in rtnetlink was fixed, where 4
     uninitialized bytes could leak to userspace (bsc#978822).
   - CVE-2016-4557: A use-after-free via double-fdput in
     replace_map_fd_with_map_ptr() was fixed, which could allow privilege
     escalation (bsc#979018).
   - CVE-2016-4565: When the "rdma_ucm" infiniband module is loaded,
 local
     attackers could escalate their privileges (bsc#979548).
   - CVE-2016-4569: A kernel information leak in the ALSA timer via events
     via snd_timer_user_tinterrupt that could leak information to userspace
     was fixed (bsc#979213).
   - CVE-2016-4578: A kernel information leak in the ALSA timer via events
     that could leak information to userspace was fixed (bsc#979879).
   - CVE-2016-4581: If the first propogated mount copy was being a slave it
     could oops the kernel (bsc#979913)

   The following non-security bugs were fixed:
   - ALSA: hda - Add dock support for ThinkPad X260 (boo#979278).
   - ALSA: hda - Apply fix for white noise on Asus N550JV, too (boo#979278).
   - ALSA: hda - Asus N750JV external subwoofer fixup (boo#979278).
   - ALSA: hda - Fix broken reconfig (boo#979278).
   - ALSA: hda - Fix headphone mic input on a few Dell ALC293 machines
     (boo#979278).
   - ALSA: hda - Fix subwoofer pin on ASUS N751 and N551 (boo#979278).
   - ALSA: hda - Fix white noise on Asus N750JV headphone (boo#979278).
   - ALSA: hda - Fix white noise on Asus UX501VW headset (boo#979278).
   - ALSA: hda/realtek - Add ALC3234 headset mode for Optiplex 9020m
     (boo#979278).
   - ALSA: hda/realtek - New codecs support for ALC234/ALC274/ALC294
     (boo#979278).
   - ALSA: hda/realtek - New codec support of ALC225 (boo#979278).
   - ALSA: hda/realtek - Support headset mode for ALC225 (boo#979278).
   - ALSA: pcxhr: Fix missing mutex unlock (boo#979278).
   - ALSA: usb-audio: Quirk for yet another Phoenix Audio devices (v2)
     (boo#979278).
   - bluetooth: fix power_on vs close race (bsc#966849).
   - bluetooth: vhci: fix open_timeout vs. hdev race (bsc#971799,bsc#966849).
   - bluetooth: vhci: Fix race at creating hci device (bsc#971799,bsc#966849).
   - bluetooth: vhci: purge unhandled skbs (bsc#971799,bsc#966849).
   - btrfs: do not use src fd for printk (bsc#980348).
   - btrfs: fix crash/invalid memory access on fsync when using overlayfs
     (bsc#977198)
   - drm: qxl: Workaround for buggy user-space (bsc#981344).
   - enic: set netdev->vlan_features (bsc#966245).
   - fs: add file_dentry() (bsc#977198).
   - IB/IPoIB: Do not set skb truesize since using one linearskb (bsc#980657).
   - input: i8042 - lower log level for "no controller" message
 (bsc#945345).
   - kabi: Add kabi/severities entries to ignore sound/hda/*, x509_*,
     efivar_validate, file_open_root and dax_fault
   - kabi: Add some fixups (module, pci_dev, drm, fuse and thermal)
   - kabi: file_dentry changes (bsc#977198).
   - kABI fixes for 4.1.22
   - mm/page_alloc.c: calculate 'available' memory in a separate
 function
     (bsc#982239).
   - net: disable fragment reassembly if high_thresh is zero (bsc#970506).
   - of: iommu: Silence misleading warning.
   - pstore_register() error handling was wrong -- it tried to release lock
     before it's acquired, causing spinlock / preemption imbalance.  - usb:
     quirk to stop runtime PM for Intel 7260 (bnc#984460).
   - Revert "usb: hub: do not clear BOS field during reset device"
     (boo#979728).
   - usb: core: hub: hub_port_init lock controller instead of bus
     (bnc#978073).
   - usb: preserve kABI in address0 locking (bnc#978073).
   - usb: usbip: fix potential out-of-bounds write (bnc#975945).
   - USB: xhci: Add broken streams quirk for Frescologic device id 1009
     (bnc#982712).
   - virtio_balloon: do not change memory amount visible via /proc/meminfo
     (bsc#982238).
   - virtio_balloon: export 'available' memory to balloon statistics
     (bsc#982239).


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2016-753=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE Leap 42.1 (i686 x86_64):

      kernel-debug-4.1.26-21.1
      kernel-debug-base-4.1.26-21.1
      kernel-debug-base-debuginfo-4.1.26-21.1
      kernel-debug-debuginfo-4.1.26-21.1
      kernel-debug-debugsource-4.1.26-21.1
      kernel-debug-devel-4.1.26-21.1
      kernel-debug-devel-debuginfo-4.1.26-21.1
      kernel-ec2-4.1.26-21.1
      kernel-ec2-base-4.1.26-21.1
      kernel-ec2-base-debuginfo-4.1.26-21.1
      kernel-ec2-debuginfo-4.1.26-21.1
      kernel-ec2-debugsource-4.1.26-21.1
      kernel-ec2-devel-4.1.26-21.1
      kernel-pv-4.1.26-21.1
      kernel-pv-base-4.1.26-21.1
      kernel-pv-base-debuginfo-4.1.26-21.1
      kernel-pv-debuginfo-4.1.26-21.1
      kernel-pv-debugsource-4.1.26-21.1
      kernel-pv-devel-4.1.26-21.1
      kernel-vanilla-4.1.26-21.1
      kernel-vanilla-debuginfo-4.1.26-21.1
      kernel-vanilla-debugsource-4.1.26-21.1
      kernel-vanilla-devel-4.1.26-21.1
      kernel-xen-4.1.26-21.1
      kernel-xen-base-4.1.26-21.1
      kernel-xen-base-debuginfo-4.1.26-21.1
      kernel-xen-debuginfo-4.1.26-21.1
      kernel-xen-debugsource-4.1.26-21.1
      kernel-xen-devel-4.1.26-21.1

   - openSUSE Leap 42.1 (i586 x86_64):

      kernel-default-4.1.26-21.1
      kernel-default-base-4.1.26-21.1
      kernel-default-base-debuginfo-4.1.26-21.1
      kernel-default-debuginfo-4.1.26-21.1
      kernel-default-debugsource-4.1.26-21.1
      kernel-default-devel-4.1.26-21.1
      kernel-obs-build-4.1.26-21.1
      kernel-obs-build-debugsource-4.1.26-21.1
      kernel-obs-qa-4.1.26-21.1
      kernel-obs-qa-xen-4.1.26-21.1
      kernel-syms-4.1.26-21.1

   - openSUSE Leap 42.1 (noarch):

      kernel-devel-4.1.26-21.1
      kernel-docs-4.1.26-21.2
      kernel-docs-html-4.1.26-21.2
      kernel-docs-pdf-4.1.26-21.2
      kernel-macros-4.1.26-21.1
      kernel-source-4.1.26-21.1
      kernel-source-vanilla-4.1.26-21.1

   - openSUSE Leap 42.1 (i686):

      kernel-pae-4.1.26-21.1
      kernel-pae-base-4.1.26-21.1
      kernel-pae-base-debuginfo-4.1.26-21.1
      kernel-pae-debuginfo-4.1.26-21.1
      kernel-pae-debugsource-4.1.26-21.1
      kernel-pae-devel-4.1.26-21.1


References:

   https://www.suse.com/security/cve/CVE-2013-7446.html
   https://www.suse.com/security/cve/CVE-2016-0758.html
   https://www.suse.com/security/cve/CVE-2016-1583.html
   https://www.suse.com/security/cve/CVE-2016-2053.html
   https://www.suse.com/security/cve/CVE-2016-3134.html
   https://www.suse.com/security/cve/CVE-2016-3672.html
   https://www.suse.com/security/cve/CVE-2016-3955.html
   https://www.suse.com/security/cve/CVE-2016-4482.html
   https://www.suse.com/security/cve/CVE-2016-4485.html
   https://www.suse.com/security/cve/CVE-2016-4486.html
   https://www.suse.com/security/cve/CVE-2016-4557.html
   https://www.suse.com/security/cve/CVE-2016-4565.html
   https://www.suse.com/security/cve/CVE-2016-4569.html
   https://www.suse.com/security/cve/CVE-2016-4578.html
   https://www.suse.com/security/cve/CVE-2016-4580.html
   https://www.suse.com/security/cve/CVE-2016-4581.html
   https://www.suse.com/security/cve/CVE-2016-4805.html
   https://www.suse.com/security/cve/CVE-2016-4951.html
   https://www.suse.com/security/cve/CVE-2016-5244.html
   https://bugzilla.suse.com/945345
   https://bugzilla.suse.com/955654
   https://bugzilla.suse.com/963762
   https://bugzilla.suse.com/966245
   https://bugzilla.suse.com/966849
   https://bugzilla.suse.com/970506
   https://bugzilla.suse.com/971126
   https://bugzilla.suse.com/971799
   https://bugzilla.suse.com/973570
   https://bugzilla.suse.com/974308
   https://bugzilla.suse.com/975945
   https://bugzilla.suse.com/977198
   https://bugzilla.suse.com/978073
   https://bugzilla.suse.com/978401
   https://bugzilla.suse.com/978821
   https://bugzilla.suse.com/978822
   https://bugzilla.suse.com/979018
   https://bugzilla.suse.com/979213
   https://bugzilla.suse.com/979278
   https://bugzilla.suse.com/979548
   https://bugzilla.suse.com/979728
   https://bugzilla.suse.com/979867
   https://bugzilla.suse.com/979879
   https://bugzilla.suse.com/979913
   https://bugzilla.suse.com/980348
   https://bugzilla.suse.com/980371
   https://bugzilla.suse.com/980657
   https://bugzilla.suse.com/981058
   https://bugzilla.suse.com/981267
   https://bugzilla.suse.com/981344
   https://bugzilla.suse.com/982238
   https://bugzilla.suse.com/982239
   https://bugzilla.suse.com/982712
   https://bugzilla.suse.com/983143
   https://bugzilla.suse.com/983213
   https://bugzilla.suse.com/984460

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung