Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:0458-1 Final 1 1 2017-02-13T16:19:58Z current 2017-02-13T16:19:58Z 2017-02-13T16:19:58Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The openSUSE Leap 42.1 kernel to 4.1.38 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2017-5551: tmpfs: Fixed a bug that could have allowed users to set setgid bits on files they don't down (bsc#1021258). - CVE-2016-10147: crypto/mcryptd.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5) (bnc#1020381). - CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710). - CVE-2016-7917: The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel did not check whether a batch message's length field is large enough, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability (bnc#1010444). - CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb truncation, which allowed local users to cause a denial of service (system crash) via a crafted application that made sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c (bnc#1009969). - CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bnc#1013540 1017589). - CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531 1013542). The following non-security bugs were fixed: - PCI: generic: Fix pci_remap_iospace() failure path (bsc#1019658). - bcache: partition support: add 16 minors per bcacheN device (bsc#1019784). - bnx2x: Correct ringparam estimate when DOWN (bsc#1020214). - clk: xgene: Do not call __pa on ioremaped address (bsc#1019660). - kABI workaround for 4.1.37 mount changes (stable-4.1.37). - kABI: reintroduce sk_filter (bsc#1009969). - kabi/severities: Ignore inode_change_ok change It's renamed in 4.1.37 to setattr_prepare() - mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820). - net: introduce __sock_queue_rcv_skb() function (bsc#1009969). - netback: correct array index (bsc#983348). - netfront: do not truncate grant references. - netfront: use correct linear area after linearizing an skb (bsc#1007886). - reiserfs: fix race in prealloc discard (bsc#987576). - rose: limit sk_filter trim to payload (bsc#1009969). - scsi: bfa: Increase requested firmware version to 3.2.5.1 (bsc#1013273). - xenbus: correctly signal errors from xenstored_local_init() (luckily none so far). - xenbus: do not invoke ->is_ready() for most device states (bsc#987333). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00022.html E-Mail link for openSUSE-SU-2017:0458-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 kernel-debug-4.1.38-47.1 kernel-debug-base-4.1.38-47.1 kernel-debug-devel-4.1.38-47.1 kernel-default-4.1.38-47.1 kernel-default-base-4.1.38-47.1 kernel-default-devel-4.1.38-47.1 kernel-devel-4.1.38-47.1 kernel-docs-4.1.38-47.2 kernel-docs-html-4.1.38-47.2 kernel-docs-pdf-4.1.38-47.2 kernel-ec2-4.1.38-47.1 kernel-ec2-base-4.1.38-47.1 kernel-ec2-devel-4.1.38-47.1 kernel-macros-4.1.38-47.1 kernel-obs-build-4.1.38-47.3 kernel-obs-qa-4.1.38-47.1 kernel-pae-4.1.38-47.1 kernel-pae-base-4.1.38-47.1 kernel-pae-devel-4.1.38-47.1 kernel-pv-4.1.38-47.1 kernel-pv-base-4.1.38-47.1 kernel-pv-devel-4.1.38-47.1 kernel-source-4.1.38-47.1 kernel-source-vanilla-4.1.38-47.1 kernel-syms-4.1.38-47.1 kernel-vanilla-4.1.38-47.1 kernel-vanilla-devel-4.1.38-47.1 kernel-xen-4.1.38-47.1 kernel-xen-base-4.1.38-47.1 kernel-xen-devel-4.1.38-47.1 kernel-debug-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-debug-base-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-debug-devel-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-default-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-default-base-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-default-devel-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-devel-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-docs-4.1.38-47.2 as a component of openSUSE Leap 42.1 kernel-docs-html-4.1.38-47.2 as a component of openSUSE Leap 42.1 kernel-docs-pdf-4.1.38-47.2 as a component of openSUSE Leap 42.1 kernel-ec2-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-ec2-base-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-ec2-devel-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-macros-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-obs-build-4.1.38-47.3 as a component of openSUSE Leap 42.1 kernel-obs-qa-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-pae-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-pae-base-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-pae-devel-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-pv-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-pv-base-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-pv-devel-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-source-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-source-vanilla-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-syms-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-vanilla-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-vanilla-devel-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-xen-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-xen-base-4.1.38-47.1 as a component of openSUSE Leap 42.1 kernel-xen-devel-4.1.38-47.1 as a component of openSUSE Leap 42.1 The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576. CVE-2016-10088 openSUSE Leap 42.1:kernel-debug-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-docs-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-html-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.38-47.2 openSUSE Leap 42.1:kernel-ec2-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-macros-4.1.38-47.1 openSUSE Leap 42.1:kernel-obs-build-4.1.38-47.3 openSUSE Leap 42.1:kernel-obs-qa-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-syms-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.38-47.1 important 6.2 AV:L/AC:H/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00022.html https://www.suse.com/security/cve/CVE-2016-10088.html CVE-2016-10088 https://bugzilla.suse.com/1013604 SUSE Bug 1013604 https://bugzilla.suse.com/1014271 SUSE Bug 1014271 https://bugzilla.suse.com/1017710 SUSE Bug 1017710 https://bugzilla.suse.com/1019079 SUSE Bug 1019079 crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5). CVE-2016-10147 openSUSE Leap 42.1:kernel-debug-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-docs-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-html-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.38-47.2 openSUSE Leap 42.1:kernel-ec2-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-macros-4.1.38-47.1 openSUSE Leap 42.1:kernel-obs-build-4.1.38-47.3 openSUSE Leap 42.1:kernel-obs-qa-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-syms-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.38-47.1 important 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00022.html https://www.suse.com/security/cve/CVE-2016-10147.html CVE-2016-10147 https://bugzilla.suse.com/1020381 SUSE Bug 1020381 https://bugzilla.suse.com/1020429 SUSE Bug 1020429 Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing. CVE-2016-7117 openSUSE Leap 42.1:kernel-debug-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-docs-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-html-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.38-47.2 openSUSE Leap 42.1:kernel-ec2-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-macros-4.1.38-47.1 openSUSE Leap 42.1:kernel-obs-build-4.1.38-47.3 openSUSE Leap 42.1:kernel-obs-qa-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-syms-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.38-47.1 important 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00022.html https://www.suse.com/security/cve/CVE-2016-7117.html CVE-2016-7117 https://bugzilla.suse.com/1003077 SUSE Bug 1003077 https://bugzilla.suse.com/1003253 SUSE Bug 1003253 https://bugzilla.suse.com/1057478 SUSE Bug 1057478 The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability. CVE-2016-7917 openSUSE Leap 42.1:kernel-debug-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-docs-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-html-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.38-47.2 openSUSE Leap 42.1:kernel-ec2-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-macros-4.1.38-47.1 openSUSE Leap 42.1:kernel-obs-build-4.1.38-47.3 openSUSE Leap 42.1:kernel-obs-qa-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-syms-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.38-47.1 moderate 5 AV:L/AC:M/Au:S/C:P/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00022.html https://www.suse.com/security/cve/CVE-2016-7917.html CVE-2016-7917 https://bugzilla.suse.com/1010444 SUSE Bug 1010444 https://bugzilla.suse.com/1025354 SUSE Bug 1025354 The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c. CVE-2016-8645 openSUSE Leap 42.1:kernel-debug-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-docs-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-html-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.38-47.2 openSUSE Leap 42.1:kernel-ec2-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-macros-4.1.38-47.1 openSUSE Leap 42.1:kernel-obs-build-4.1.38-47.3 openSUSE Leap 42.1:kernel-obs-qa-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-syms-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.38-47.1 moderate 4.4 AV:L/AC:M/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00022.html https://www.suse.com/security/cve/CVE-2016-8645.html CVE-2016-8645 https://bugzilla.suse.com/1009969 SUSE Bug 1009969 https://bugzilla.suse.com/1025354 SUSE Bug 1025354 The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option. CVE-2016-9793 openSUSE Leap 42.1:kernel-debug-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-docs-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-html-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.38-47.2 openSUSE Leap 42.1:kernel-ec2-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-macros-4.1.38-47.1 openSUSE Leap 42.1:kernel-obs-build-4.1.38-47.3 openSUSE Leap 42.1:kernel-obs-qa-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-syms-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.38-47.1 moderate 5.9 AV:L/AC:H/Au:M/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00022.html https://www.suse.com/security/cve/CVE-2016-9793.html CVE-2016-9793 https://bugzilla.suse.com/1013531 SUSE Bug 1013531 https://bugzilla.suse.com/1013542 SUSE Bug 1013542 https://bugzilla.suse.com/1025354 SUSE Bug 1025354 Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated. CVE-2016-9806 openSUSE Leap 42.1:kernel-debug-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-docs-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-html-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.38-47.2 openSUSE Leap 42.1:kernel-ec2-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-macros-4.1.38-47.1 openSUSE Leap 42.1:kernel-obs-build-4.1.38-47.3 openSUSE Leap 42.1:kernel-obs-qa-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-syms-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.38-47.1 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00022.html https://www.suse.com/security/cve/CVE-2016-9806.html CVE-2016-9806 https://bugzilla.suse.com/1013540 SUSE Bug 1013540 https://bugzilla.suse.com/1017589 SUSE Bug 1017589 The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097. CVE-2017-5551 openSUSE Leap 42.1:kernel-debug-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-default-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-docs-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-html-4.1.38-47.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.38-47.2 openSUSE Leap 42.1:kernel-ec2-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-macros-4.1.38-47.1 openSUSE Leap 42.1:kernel-obs-build-4.1.38-47.3 openSUSE Leap 42.1:kernel-obs-qa-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-4.1.38-47.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-syms-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-4.1.38-47.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-base-4.1.38-47.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.38-47.1 low 3 AV:L/AC:M/Au:S/C:P/I:P/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00022.html https://www.suse.com/security/cve/CVE-2017-5551.html CVE-2017-5551 https://bugzilla.suse.com/1021258 SUSE Bug 1021258 https://bugzilla.suse.com/995968 SUSE Bug 995968