File _patchinfo of Package patchinfo.6170
<patchinfo incident="6170">
  <issue id="1043652" tracker="bnc">bCache returns zero-filled data blocks when reading from already gone caching device</issue>
  <issue id="1047626" tracker="bnc">Try best effort to bcache stability improvement for SLE12-SP0 kernel</issue>
  <issue id="1066192" tracker="bnc">VUL-0: CVE-2017-12193: kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation</issue>
  <issue id="1066471" tracker="bnc">backport 2bdd713b92a9ca mac80211: use constant time comparison with keys</issue>
  <issue id="1066472" tracker="bnc">backport cfbb0d90a7abb2 mac80211: don't compare TKIP TX MIC key in reinstall prevention</issue>
  <issue id="1066573" tracker="bnc">VUL-0: CVE-2017-16537: kernel: The imon_probe function in drivers/media/rc/imon.c allows local users to cause DoS</issue>
  <issue id="1066606" tracker="bnc">VUL-0: CVE-2017-16536: kernel: The cx231xx_usb_probe function allows local users to cause DoS</issue>
  <issue id="1066618" tracker="bnc">VUL-0: CVE-2017-16525: kernel: The usb_serial_console_disconnect function allows local users to cause DoS</issue>
  <issue id="1066625" tracker="bnc">VUL-0: CVE-2017-16527: kernel: sound/usb/mixer.c allows local users to cause DoS (snd_usb_mixer_interrupt use-after-free and system crash)</issue>
  <issue id="1066650" tracker="bnc">VUL-0: CVE-2017-16529: kernel: The snd_usb_create_streams function allows local users to cause a DoS (out-of-bounds read and system crash)</issue>
  <issue id="1066671" tracker="bnc">VUL-0: CVE-2017-16531: kernel: drivers/usb/core/config.c allows local users to cause DoS (out-of-bounds read and system crash)</issue>
  <issue id="1066700" tracker="bnc">VUL-0: CVE-2017-16535: kernel: The usb_get_bos_descriptor function allows local users to cause DoS (out-of-bounds read and system crash)</issue>
  <issue id="1066705" tracker="bnc">VUL-0: CVE-2017-15102: kernel: NULL pointer dereference due to race condition in probe function of legousbtower driver</issue>
  <issue id="1067085" tracker="bnc">VUL-0: CVE-2017-16649: kernel: The usbnet_generic_cdc_bind function allows local users to cause DoS (divide-by-zero error and system crash)</issue>
  <issue id="1067086" tracker="bnc">VUL-0: CVE-2017-16650: kernel: The qmi_wwan_bind function allows local users to cause DoS (divide-by-zero error and system crash)</issue>
  <issue id="1067997" tracker="bnc">L3: IPv6 loss of large UDP fragments in SIP INVITE messages</issue>
  <issue id="1069496" tracker="bnc">VUL-0: CVE-2017-1000405: kernel-source: huge dirty cow in THP pages</issue>
  <issue id="1069702" tracker="bnc">VUL-0: CVE-2017-16939: kernel-source: local privilege escalation with XFRM sockets</issue>
  <issue id="1069708" tracker="bnc">VUL-0: CVE-2017-16939: kernel live patch: local privilege escalation with XFRM sockets</issue>
  <issue id="1070307" tracker="bnc">VUL-0: CVE-2017-1000405: kernel live patch: dirty big cow in THP pages</issue>
  <issue id="860993" tracker="bnc">VUL-0: CVE-2014-0038: kernel: 3.4+: arbitrary write with CONFIG_X86_X32</issue>
  <issue id="1070781" tracker="bnc">Due to some toolchain update invalid instructions in PPC64 assembly no longer compile</issue>
  <issue id="2017-16939" tracker="cve" />
  <issue id="2017-1000405" tracker="cve" />
  <issue id="2017-16649" tracker="cve" />
  <issue id="2014-0038" tracker="cve" />
  <issue id="2017-16650" tracker="cve" />
  <issue id="2017-16535" tracker="cve" />
  <issue id="2017-15102" tracker="cve" />
  <issue id="2017-16531" tracker="cve" />
  <issue id="2017-12193" tracker="cve" />
  <issue id="2017-16529" tracker="cve" />
  <issue id="2017-16525" tracker="cve" />
  <issue id="2017-16537" tracker="cve" />
  <issue id="2017-16536" tracker="cve" />
  <issue id="2017-16527" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>alnovak</packager>
  <reboot_needed/>
  <description>
The SUSE Linux Enterprise 12 kernel was updated to 3.12.61 to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bnc#1069702 1069708).
- CVE-2017-1000405: The Linux Kernel had a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() could be reached by get_user_pages(). In such case, the pmd would become dirty. This scenario breaks the new can_follow_write_pmd()'s logic - pmd could become dirty without going through a COW cycle. This bug was not as severe as the original "Dirty cow" because an ext4 file (or any other regular file) could not be mapped using THP. Nevertheless, it did allow us to overwrite read-only huge pages. For example, the zero huge page and sealed shmem files could be overwritten (since their mapping could be populated using THP). Note that after the first write page-fault to the zero page, it will be replaced with a new fresh (and zeroed) thp (bnc#1069496 1070307).
- CVE-2017-16649: The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel allowed local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067085).
- CVE-2014-0038: The compat_sys_recvmmsg function in net/compat.c in the Linux kernel, when CONFIG_X86_X32 is enabled, allowed local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter (bnc#860993).
- CVE-2017-16650: The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel allowed local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067086).
- CVE-2017-16535: The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066700).
- CVE-2017-15102: The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel allowed local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference (bnc#1066705).
- CVE-2017-16531: drivers/usb/core/config.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor (bnc#1066671).
- CVE-2017-12193: The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel mishandled node splitting, which allowed local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations (bnc#1066192).
- CVE-2017-16529: The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066650).
- CVE-2017-16525: The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup (bnc#1066618).
- CVE-2017-16537: The imon_probe function in drivers/media/rc/imon.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066573).
- CVE-2017-16536: The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066606).
- CVE-2017-16527: sound/usb/mixer.c in the Linux kernel allowed local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066625).

The following non-security bugs were fixed:

- Define sock_efree (bsc#1067997).
- bcache: Add bch_keylist_init_single() (bsc#1047626).
- bcache: Add btree_map() functions (bsc#1047626).
- bcache: Add on error panic/unregister setting (bsc#1047626).
- bcache: Convert gc to a kthread (bsc#1047626).
- bcache: Delete some slower inline asm (bsc#1047626).
- bcache: Drop unneeded blk_sync_queue() calls (bsc#1047626).
- bcache: Fix a bug recovering from unclean shutdown (bsc#1047626).
- bcache: Fix a journalling reclaim after recovery bug (bsc#1047626).
- bcache: Fix a null ptr deref in journal replay (bsc#1047626).
- bcache: Fix an infinite loop in journal replay (bsc#1047626).
- bcache: Fix bch_ptr_bad() (bsc#1047626).
- bcache: Fix discard granularity (bsc#1047626).
- bcache: Fix for can_attach_cache() (bsc#1047626).
- bcache: Fix heap_peek() macro (bsc#1047626).
- bcache: Fix moving_pred() (bsc#1047626).
- bcache: Fix to remove the rcu_sched stalls (bsc#1047626).
- bcache: Improve bucket_prio() calculation (bsc#1047626).
- bcache: Improve priority_stats (bsc#1047626).
- bcache: Minor btree cache fix (bsc#1047626).
- bcache: Move keylist out of btree_op (bsc#1047626).
- bcache: New writeback PD controller (bsc#1047626).
- bcache: PRECEDING_KEY() (bsc#1047626).
- bcache: Performance fix for when journal entry is full (bsc#1047626).
- bcache: Remove redundant block_size assignment (bsc#1047626).
- bcache: Remove redundant parameter for cache_alloc() (bsc#1047626).
- bcache: Remove/fix some header dependencies (bsc#1047626).
- bcache: Trivial error handling fix (bsc#1047626).
- bcache: Use ida for bcache block dev minor (bsc#1047626).
- bcache: allows use of register in udev to avoid "device_busy" error (bsc#1047626).
- bcache: bch_allocator_thread() is not freezable (bsc#1047626).
- bcache: bch_gc_thread() is not freezable (bsc#1047626).
- bcache: bugfix - gc thread now gets woken when cache is full (bsc#1047626).
- bcache: bugfix - moving_gc now moves only correct buckets (bsc#1047626).
- bcache: cleaned up error handling around register_cache() (bsc#1047626).
- bcache: clear BCACHE_DEV_UNLINK_DONE flag when attaching a backing device (bsc#1047626).
- bcache: defensively handle format strings (bsc#1047626).
- bcache: fix BUG_ON due to integer overflow with GC_SECTORS_USED (bsc#1047626).
- bcache: fix a livelock when we cause a huge number of cache misses (bsc#1047626).
- bcache: fix crash in bcache_btree_node_alloc_fail tracepoint (bsc#1047626).
- bcache: fix for gc and writeback race (bsc#1047626).
- bcache: fix for gc crashing when no sectors are used (bsc#1047626).
- bcache: kill index() (bsc#1047626).
- bcache: only recovery I/O error for writethrough mode (bsc#1043652).
- bcache: register_bcache(): call blkdev_put() when cache_alloc() fails (bsc#1047626).
- bcache: stop moving_gc marking buckets that can't be moved (bsc#1047626).
- mac80211: do not compare TKIP TX MIC key in reinstall prevention (bsc#1066472).
- mac80211: use constant time comparison with keys (bsc#1066471).
- powerpc/powernv: Remove OPAL v1 takeover (bsc#1070781).
- powerpc/vdso64: Use double word compare on pointers
- powerpc: Convert cmp to cmpd in idle enter sequence
  </description>
  <summary>Security update for the Linux Kernel</summary>
</patchinfo>