Mailinglist Archive: opensuse-updates (144 mails)

< Previous Next >
openSUSE-SU-2015:2232-1: moderate: Security update for the Linux Kernel
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:2232-1
Rating: moderate
References: #883192 #944978 #945825 #948758 #949936 #951533
#952384 #952579 #952976 #953527 #953559 #953717
#954404 #954421 #954647 #954757 #954876 #955190
#955363 #955365 #956856
Cross-References: CVE-2015-5307 CVE-2015-6937 CVE-2015-7799
CVE-2015-7990 CVE-2015-8104
Affected Products:
openSUSE Leap 42.1
______________________________________________________________________________

An update that solves 5 vulnerabilities and has 16 fixes is
now available.

Description:


The Linux Kernel was updated to 4.1.13 and fixes the following issues:

Security issues fixed:
- CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS
users to cause a denial of service (host OS panic or hang) by triggering
many #DB (aka Debug) exceptions, related to svm.c.
- CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS
users to cause a denial of service (host OS panic or hang) by triggering
many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
- CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in
the Linux kernel allowed local users to cause a denial of service (NULL
pointer dereference and system crash) or possibly have unspecified
other impact by using a socket that was not properly bound.
- CVE-2015-7990: A local denial of service due to an incomplete fix of
CVE-2015-6937 could lead to crashes (local denial of service).
- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the
Linux kernel did not ensure that certain slot numbers are valid, which
allowed local users to cause a denial of service (NULL pointer
dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.

Bugs fixed:
- alsa: hda - apply hp headphone fixups more generically (boo#954876).
- alsa: hda - add fixup for acer aspire one cloudbook 14 (boo#954876).
- alsa: hda - fix headphone noise after dell xps 13 resume back from S3
(boo#954876).
- alsa: hda - fix noise on dell latitude e6440 (boo#954876).
- alsa: hda/hdmi - apply skylake fix-ups to broxton display codec
(boo#954647).
- alsa: hda - add codec id for broxton display audio codec (boo#954647).
- alsa: hda/realtek - dell xps one alc3260 speaker no sound after resume
back (boo#954647).
- alsa: hda - yet another fix for dell headset mic with alc3266
(boo#954647).
- alsa: hda - fix dell laptop for internal mic/headset mic (boo#954647).
- alsa: hda - remove no physical connection pins from pin_quirk table
(boo#954647).
- alsa: hda - add pin quirk for the headset mic jack detection
on Dell laptop (boo#954647).
- alsa: hda - fix the headset mic that will not work on dell desktop
machine (boo#954647).
- alsa: hda - remove one pin from alc292_standard_pins (boo#954647).
- alsa: hda - add dock support for thinkpad w541 (17aa:2211) (boo#954647).
- alsa: hda/realtek: enable hp amp and mute led on hp folio 9480m [v3]
(boo#954647).
- alsa: hda/realtek - support dell headset mode for alc298 (boo#954647).
- alsa: hda/realtek - support headset mode for alc298 (boo#954647).

- x86/evtchn: make use of physdevop_map_pirq.
- blktap: also call blkif_disconnect() when frontend switched to closed
(boo#952976).
- blktap: refine mm tracking (boo#952976).
- update xen patches to linux 4.1.13.

- Backport arm64 patches from sle12-sp1-arm.
- Backport pci-ea patches
- Enable drm_ast driver
- Fix thunderx edac store function

- Update arm64 config files. Align arm64 vanilla configuration with
default.

- rtlwifi: rtl8821ae: fix lockups on boot (boo#944978).

- ethernet/atheros/alx: add killer e2400 device id (boo#955363).

- drm/i915: don't override output type for ddi hdmi (boo#955190).
- drm/i915: set best_encoder field of connector_state also when disabling
(boo#955190).
- drm/i915: add hotplug activation period to hotplug update mask
(boo#955365).
- drm/i915: avoid race of intel_crt_detect_hotplug() with hpd interrupt,
v2 (boo#955365).
- drm/i915: shut up gen8+ sde irq dmesg noise (boo#954757).

- ipv6: fix tunnel error handling (boo#952579).

- Update config files (boo#951533).

- iwlwifi: add new pci ids for the 8260 series (boo#954421).
- iwlwifi: edit the 3165 series and 8000 series pci ids (boo#954421).

- x86/efi-bgrt: switch pr_err() to pr_debug() for invalid bgrt
(boo#953559).

- x86/tsc: let high latency pit fail fast in quick_pit_calibrate()
(boo#953717).

- Backport arm64 patches from sle12-sp1-arm branch Backports to fix
Seattle xgbe driver. Fix EL2 page table for systems with high amount of
memory. Needed for KVM to work. Convert WARN_ON in numa implementation
to pr_warn.
- input: elantech - add fujitsu lifebook u745 to force crc_enabled
(boo#883192).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Leap 42.1:

zypper in -t patch openSUSE-2015-879=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Leap 42.1 (i586 x86_64):

kernel-default-4.1.13-5.1
kernel-default-base-4.1.13-5.1
kernel-default-base-debuginfo-4.1.13-5.1
kernel-default-debuginfo-4.1.13-5.1
kernel-default-debugsource-4.1.13-5.1
kernel-default-devel-4.1.13-5.1
kernel-obs-build-4.1.13-5.2
kernel-obs-build-debugsource-4.1.13-5.2
kernel-obs-qa-4.1.13-5.1
kernel-obs-qa-xen-4.1.13-5.1
kernel-syms-4.1.13-5.1

- openSUSE Leap 42.1 (i686 x86_64):

kernel-debug-4.1.13-5.1
kernel-debug-base-4.1.13-5.1
kernel-debug-base-debuginfo-4.1.13-5.1
kernel-debug-debuginfo-4.1.13-5.1
kernel-debug-debugsource-4.1.13-5.1
kernel-debug-devel-4.1.13-5.1
kernel-debug-devel-debuginfo-4.1.13-5.1
kernel-ec2-4.1.13-5.1
kernel-ec2-base-4.1.13-5.1
kernel-ec2-base-debuginfo-4.1.13-5.1
kernel-ec2-debuginfo-4.1.13-5.1
kernel-ec2-debugsource-4.1.13-5.1
kernel-ec2-devel-4.1.13-5.1
kernel-pv-4.1.13-5.1
kernel-pv-base-4.1.13-5.1
kernel-pv-base-debuginfo-4.1.13-5.1
kernel-pv-debuginfo-4.1.13-5.1
kernel-pv-debugsource-4.1.13-5.1
kernel-pv-devel-4.1.13-5.1
kernel-vanilla-4.1.13-5.1
kernel-vanilla-debuginfo-4.1.13-5.1
kernel-vanilla-debugsource-4.1.13-5.1
kernel-vanilla-devel-4.1.13-5.1
kernel-xen-4.1.13-5.1
kernel-xen-base-4.1.13-5.1
kernel-xen-base-debuginfo-4.1.13-5.1
kernel-xen-debuginfo-4.1.13-5.1
kernel-xen-debugsource-4.1.13-5.1
kernel-xen-devel-4.1.13-5.1

- openSUSE Leap 42.1 (noarch):

kernel-devel-4.1.13-5.1
kernel-docs-4.1.13-5.4
kernel-docs-html-4.1.13-5.4
kernel-docs-pdf-4.1.13-5.4
kernel-macros-4.1.13-5.1
kernel-source-4.1.13-5.1
kernel-source-vanilla-4.1.13-5.1

- openSUSE Leap 42.1 (i686):

kernel-pae-4.1.13-5.1
kernel-pae-base-4.1.13-5.1
kernel-pae-base-debuginfo-4.1.13-5.1
kernel-pae-debuginfo-4.1.13-5.1
kernel-pae-debugsource-4.1.13-5.1
kernel-pae-devel-4.1.13-5.1


References:

https://www.suse.com/security/cve/CVE-2015-5307.html
https://www.suse.com/security/cve/CVE-2015-6937.html
https://www.suse.com/security/cve/CVE-2015-7799.html
https://www.suse.com/security/cve/CVE-2015-7990.html
https://www.suse.com/security/cve/CVE-2015-8104.html
https://bugzilla.suse.com/883192
https://bugzilla.suse.com/944978
https://bugzilla.suse.com/945825
https://bugzilla.suse.com/948758
https://bugzilla.suse.com/949936
https://bugzilla.suse.com/951533
https://bugzilla.suse.com/952384
https://bugzilla.suse.com/952579
https://bugzilla.suse.com/952976
https://bugzilla.suse.com/953527
https://bugzilla.suse.com/953559
https://bugzilla.suse.com/953717
https://bugzilla.suse.com/954404
https://bugzilla.suse.com/954421
https://bugzilla.suse.com/954647
https://bugzilla.suse.com/954757
https://bugzilla.suse.com/954876
https://bugzilla.suse.com/955190
https://bugzilla.suse.com/955363
https://bugzilla.suse.com/955365
https://bugzilla.suse.com/956856


< Previous Next >
This Thread
  • No further messages