Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:2110-1 Final 1 1 2017-08-09T08:56:02Z current 2017-08-09T08:56:02Z 2017-08-09T08:56:02Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The openSUSE Leap 42.2 kernel was updated to 4.4.79 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882). - CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users to gain privileges via a crafted ACPI table (bnc#1049603). - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bnc#1049483). - CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet (bnc#1049645). - CVE-2017-10810: Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering object-initialization failures (bnc#1047277). The following non-security bugs were fixed: - acpi / processor: Avoid reserving IO regions too early (bsc#1051478). - af_key: Add lock to key dump (bsc#1047653). - af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354). - alsa: fm801: Initialize chip after IRQ handler is registered (bsc#1031717). - alsa: hda - Fix endless loop of codec configure (bsc#1031717). - alsa: hda - set input_path bitmap to zero after moving it to new place (bsc#1031717). - b43: Add missing MODULE_FIRMWARE() (bsc#1037344). - bcache: force trigger gc (bsc#1038078). - bcache: only recovery I/O error for writethrough mode (bsc#1043652). - bdi: Fix use-after-free in wb_congested_put() (bsc#1040307). - blacklist 2400fd822f46 powerpc/asm: Mark cr0 as clobbered in mftb() - blacklist.conf: - blacklist.conf: 1151f838cb62 is high-risk and we're not aware of any systems that might need it in SP2. - blacklist.conf: 8b8642af15ed not a supported driver - blacklist.conf: 9eeacd3a2f17 not a bug fix (bnc#1050061) - blacklist.conf: add inapplicable commits for wifi (bsc#1031717) - blacklist.conf: add unapplicable/cosmetic iwlwifi fixes (bsc#1031717). - blacklist.conf: add unapplicable drm fixes (bsc#1031717). - blacklist.conf: Blacklist 4e201566402c ('genirq/msi: Drop artificial PCI dependency') (bsc#1051478) This commit just removes an include and does not fix a real issue. - blacklist.conf: blacklist 7b73305160f1, unneeded cleanup - blacklist.conf: Blacklist aa2369f11ff7 ('mm/gup.c: fix access_ok() argument type') (bsc#1051478) Fixes only a compile-warning. - blacklist.conf: Blacklist c133c7615751 ('x86/nmi: Fix timeout test in test_nmi_ipi()') It only fixes a self-test (bsc#1051478). - blacklist.conf: Blacklist c9525a3fab63 ('x86/watchdog: Fix Kconfig help text file path reference to lockup watchdog documentation') Updates only kconfig help-text (bsc#1051478). - blacklist.conf: Blacklist e80e7edc55ba ('PCI/MSI: Initialize MSI capability for all architectures') This only fixes machines not supported by our kernels. - blacklist.conf: build time cleanup our kernel compiles. No need to shut up warnings nobody looks at - blacklist.conf: cleanup, no bugs fixed - blacklist.conf: cxgb4 commit does not fit for SP2 - blacklist.conf: da0510c47519fe0999cffe316e1d370e29f952be # FRV not applicable to SLE - blacklist.conf: Do not need 55d728a40d36, we do it differently in SLE - blacklist.conf: kABI breakage This touches struct device. - blacklist.conf: lp8788 is not compiled - blacklist.conf: unneeded Fixing debug statements on BE systems for IrDA - blkfront: add uevent for size change (bnc#1036632). - block: Allow bdi re-registration (bsc#1040307). - block: Fix front merge check (bsc#1051239). - block: Make del_gendisk() safer for disks without queues (bsc#1040307). - block: Move bdi_unregister() to del_gendisk() (bsc#1040307). - brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain (bsc#1031717). - btrfs: add cond_resched to btrfs_qgroup_trace_leaf_items (bsc#1028286). - btrfs: Add WARN_ON for qgroup reserved underflow (bsc#1031515). - btrfs: Do not clear SGID when inheriting ACLs (bsc#1030552). - btrfs: fix lockup in find_free_extent with read-only block groups (bsc#1046682). - btrfs: incremental send, fix invalid path for link commands (bsc#1051479). - btrfs: incremental send, fix invalid path for unlink commands (bsc#1051479). - btrfs: resume qgroup rescan on rw remount (bsc#1047152). - btrfs: send, fix invalid path after renaming and linking file (bsc#1051479). - cpuidle: dt: Add missing 'of_node_put()' (bnc#1022476). - crypto: s5p-sss - fix incorrect usage of scatterlists api (bsc#1048317). - cx82310_eth: use skb_cow_head() to deal with cloned skbs (bsc# 1045154). - cxl: Unlock on error in probe (bsc#1034762, Pending SUSE Kernel Fixes). - dentry name snapshots (bsc#1049483). - dm: fix second blk_delay_queue() parameter to be in msec units not (bsc#1047670). - drivers: hv: Fix the bug in generating the guest ID (fate#320485). - drivers: hv: util: Fix a typo (fate#320485). - drivers: hv: vmbus: Get the current time from the current clocksource (fate#320485, bnc#1044112, bnc#1042778, bnc#1029693). - drivers: hv: vmbus: Increase the time between retries in vmbus_post_msg() (fate#320485, bnc#1044112). - drivers: hv: vmbus: Move the code to signal end of message (fate#320485). - drivers: hv: vmbus: Move the definition of generate_guest_id() (fate#320485). - drivers: hv: vmbus: Move the definition of hv_x64_msr_hypercall_contents (fate#320485). - drivers: hv: vmbus: Restructure the clockevents code (fate#320485). - drm/amdgpu: Fix overflow of watermark calcs at > 4k resolutions (bsc#1031717). - drm/bochs: Implement nomodeset (bsc#1047096). - drm/i915/fbdev: Stop repeating tile configuration on stagnation (bsc#1031717). - drm/i915: Fix scaler init during CRTC HW state readout (bsc#1031717). - drm/virtio: do not leak bo on drm_gem_object_init failure (bsc#1047277). - drm/vmwgfx: Fix large topology crash (bsc#1048155). - drm/vmwgfx: Support topology greater than texture size (bsc#1048155). - drop patches; obsoleted by 'scsi: Add STARGET_CREATE_REMOVE state' - efi/libstub: Skip GOP with PIXEL_BLT_ONLY format (bnc#974215). - ext2: Do not clear SGID when inheriting ACLs (bsc#1030552). - ext4: avoid unnecessary stalls in ext4_evict_inode() (bsc#1049486). - ext4: Do not clear SGID when inheriting ACLs (bsc#1030552). - ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors (bsc#1012829). - Fix kABI breakage by KVM CVE fix (bsc#1045922). - fs/fcntl: f_setown, avoid undefined behaviour (bnc#1006180). - gcov: add support for gcc version >= 6 (bsc#1051663). - gcov: support GCC 7.1 (bsc#1051663). - gfs2: fix flock panic issue (bsc#1012829). - hrtimer: Catch invalid clockids again (bsc#1047651). - hrtimer: Revert CLOCK_MONOTONIC_RAW support (bsc#1047651). - hv_utils: drop .getcrosststamp() support from PTP driver (fate#320485, bnc#1044112, bnc#1042778, bnc#1029693). - hv_utils: fix TimeSync work on pre-TimeSync-v4 hosts (fate#320485, bnc#1044112, bnc#1042778, bnc#1029693). - hv_util: switch to using timespec64 (fate#320485). - i2c: designware-baytrail: fix potential null pointer dereference on dev (bsc#1011913). - i40e: add hw struct local variable (bsc#1039915). - i40e: add private flag to control source pruning (bsc#1034075). - i40e: add VSI info to macaddr messages (bsc#1039915). - i40e: avoid looping to check whether we're in VLAN mode (bsc#1039915). - i40e: avoid O(n^2) loop when deleting all filters (bsc#1039915). - i40e: delete filter after adding its replacement when converting (bsc#1039915). - i40e: do not add broadcast filter for VFs (bsc#1039915). - i40e: do not allow i40e_vsi_(add|kill)_vlan to operate when VID<1 (bsc#1039915). - i40e: drop is_vf and is_netdev fields in struct i40e_mac_filter (bsc#1039915). - i40e: enable VSI broadcast promiscuous mode instead of adding broadcast filter (bsc#1039915). - i40e: factor out addition/deletion of VLAN per each MAC address (bsc#1039915). - i40e: fix MAC filters when removing VLANs (bsc#1039915). - i40e: fold the i40e_is_vsi_in_vlan check into i40e_put_mac_in_vlan (bsc#1039915). - i40e: implement __i40e_del_filter and use where applicable (bsc#1039915). - i40e: make use of __dev_uc_sync and __dev_mc_sync (bsc#1039915). - i40e: move all updates for VLAN mode into i40e_sync_vsi_filters (bsc#1039915). - i40e: move i40e_put_mac_in_vlan and i40e_del_mac_all_vlan (bsc#1039915). - i40e: no need to check is_vsi_in_vlan before calling i40e_del_mac_all_vlan (bsc#1039915). - i40e: properly cleanup on allocation failure in i40e_sync_vsi_filters (bsc#1039915). - i40e: recalculate vsi->active_filters from hash contents (bsc#1039915). - i40e: refactor i40e_put_mac_in_vlan to avoid changing f->vlan (bsc#1039915). - i40e: refactor i40e_update_filter_state to avoid passing aq_err (bsc#1039915). - i40e: refactor Rx filter handling (bsc#1039915). - i40e: Removal of workaround for simple MAC address filter deletion (bsc#1039915). - i40e: remove code to handle dev_addr specially (bsc#1039915). - i40e: removed unreachable code (bsc#1039915). - i40e: remove duplicate add/delete adminq command code for filters (bsc#1039915). - i40e: remove second check of VLAN_N_VID in i40e_vlan_rx_add_vid (bsc#1039915). - i40e: rename i40e_put_mac_in_vlan and i40e_del_mac_all_vlan (bsc#1039915). - i40e: restore workaround for removing default MAC filter (bsc#1039915). - i40e: set broadcast promiscuous mode for each active VLAN (bsc#1039915). - i40e: store MAC/VLAN filters in a hash with the MAC Address as key (bsc#1039915). - i40e: use (add|rm)_vlan_all_mac helper functions when changing PVID (bsc#1039915). - i40e: when adding or removing MAC filters, correctly handle VLANs (bsc#1039915). - i40e: When searching all MAC/VLAN filters, ignore removed filters (bsc#1039915). - i40e: write HENA for VFs (bsc#1039915). - iio: hid-sensor: fix return of -EINVAL on invalid values in ret or value (bsc#1031717). - Input: gpio-keys - fix check for disabling unsupported keys (bsc#1031717). - introduce the walk_process_tree() helper (bnc#1022476). - ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (bsc#1041958). - ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output (bsc#1041958). - iwlwifi: mvm: compare full command ID (FATE#321353, FATE#323335). - iwlwifi: mvm: reset the fw_dump_desc pointer after ASSERT (bsc#1031717). - iwlwifi: mvm: synchronize firmware DMA paging memory (FATE#321353, FATE#323335). - iwlwifi: mvm: unconditionally stop device after init (bsc#1031717). - iwlwifi: mvm: unmap the paging memory before freeing it (FATE#321353, FATE#323335). - iwlwifi: pcie: fix command completion name debug (bsc#1031717). - kABI-fix for 'x86/panic: replace smp_send_stop() with kdump friendly version in panic path' (bsc#1051478). - kABI: protect lwtunnel include in ip6_route.h (kabi). - kABI: protect struct iscsi_tpg_attrib (kabi). - kABI: protect struct tpm_chip (kabi). - kABI: protect struct xfrm_dst (kabi). - kABI: protect struct xfrm_dst (kabi). - kvm: nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC (bsc#1051478). - kvm: nVMX: Fix nested_vmx_check_msr_bitmap_controls (bsc#1051478). - kvm: nVMX: Fix nested VPID vmx exec control (bsc#1051478). - kvm: x86: avoid simultaneous queueing of both IRQ and SMI (bsc#1051478). - mac80211_hwsim: Replace bogus hrtimer clockid (bsc#1047651). - md: fix sleep in atomic (bsc#1040351). - mm: adaptive hash table scaling (bnc#1036303). - mm-adaptive-hash-table-scaling-v5 (bnc#1036303). - mm: call page_ext_init() after all struct pages are initialized (VM Debugging Functionality, bsc#1047048). - mm: drop HASH_ADAPT (bnc#1036303). - mm: fix classzone_idx underflow in shrink_zones() (VM Functionality, bsc#1042314). - mm: make PR_SET_THP_DISABLE immediately active (bnc#1048891). - More Git-commit header fixups No functional change intended. - mwifiex: do not update MCS set from hostapd (bsc#1031717). - net: account for current skb length when deciding about UFO (bsc#1041958). - net: ena: add hardware hints capability to the driver (bsc#1047121). - net: ena: add missing return when ena_com_get_io_handlers() fails (bsc#1047121). - net: ena: add missing unmap bars on device removal (bsc#1047121). - net: ena: add reset reason for each device FLR (bsc#1047121). - net: ena: add support for out of order rx buffers refill (bsc#1047121). - net: ena: allow the driver to work with small number of msix vectors (bsc#1047121). - net: ena: bug fix in lost tx packets detection mechanism (bsc#1047121). - net: ena: change return value for unsupported features unsupported return value (bsc#1047121). - net: ena: change sizeof() argument to be the type pointer (bsc#1047121). - net: ena: disable admin msix while working in polling mode (bsc#1047121). - net: ena: fix bug that might cause hang after consecutive open/close interface (bsc#1047121). - net: ena: fix race condition between submit and completion admin command (bsc#1047121). - net: ena: fix rare uncompleted admin command false alarm (bsc#1047121). - net: ena: fix theoretical Rx hang on low memory systems (bsc#1047121). - net: ena: separate skb allocation to dedicated function (bsc#1047121). - net: ena: update driver's rx drop statistics (bsc#1047121). - net: ena: update ena driver to version 1.1.7 (bsc#1047121). - net: ena: update ena driver to version 1.2.0 (bsc#1047121). - net: ena: use lower_32_bits()/upper_32_bits() to split dma address (bsc#1047121). - net: ena: use napi_schedule_irqoff when possible (bsc#1047121). - net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish() (bsc#1042286). - net/mlx5: Fix driver load error flow when firmware is stuck (git-fixes). - net: phy: Do not perform software reset for Generic PHY (bsc#1042286). - nfs: Cache aggressively when file is open for writing (bsc#1033587). - nfs: Do not flush caches for a getattr that races with writeback (bsc#1033587). - nfs: invalidate file size when taking a lock (git-fixes). - nfs: only invalidate dentrys that are clearly invalid (bsc#1047118). - ocfs2: Do not clear SGID when inheriting ACLs (bsc#1030552). - ocfs2: fix deadlock caused by recursive locking in xattr (bsc#1012829). - ocfs2: Make ocfs2_set_acl() static (bsc#1030552). - pci: Add Mellanox device IDs (bsc#1051478). - pci: Convert Mellanox broken INTx quirks to be for listed devices only (bsc#1051478). - pci: Correct PCI_STD_RESOURCE_END usage (bsc#1051478). - pci: dwc: dra7xx: Use RW1C for IRQSTATUS_MSI and IRQSTATUS_MAIN (bsc#1051478). - pci: dwc: Fix uninitialized variable in dw_handle_msi_irq() (bsc#1051478). - pci: Enable ECRC only if device supports it (bsc#1051478). - PCI / PM: Fix native PME handling during system suspend/resume (bsc#1051478). - pci: Support INTx masking on ConnectX-4 with firmware x.14.1100+ (bsc#1051478). - perf/x86: Fix spurious NMI with PEBS Load Latency event (bsc#1051478). - perf/x86/intel: Cure bogus unwind from PEBS entries (bsc#1051478). - perf/x86/intel: Fix PEBSv3 record drain (bsc#1051478). - platform/x86: ideapad-laptop: Add IdeaPad 310-15IKB to no_hw_rfkill (bsc#1051022). - platform/x86: ideapad-laptop: Add IdeaPad V310-15ISK to no_hw_rfkill (bsc#1051022). - platform/x86: ideapad-laptop: Add IdeaPad V510-15IKB to no_hw_rfkill (bsc#1051022). - platform/x86: ideapad-laptop: Add Lenovo Yoga 910-13IKB to no_hw_rfkill dmi list (bsc#1051022). - platform/x86: ideapad-laptop: Add several models to no_hw_rfkill (bsc#1051022). - platform/x86: ideapad-laptop: Add Y520-15IKBN to no_hw_rfkill (bsc#1051022). - platform/x86: ideapad-laptop: Add Y700 15-ACZ to no_hw_rfkill DMI list (bsc#1051022). - platform/x86: ideapad-laptop: Add Y720-15IKBN to no_hw_rfkill (bsc#1051022). - Pm / Hibernate: Fix scheduling while atomic during hibernation (bsc#1051059). - prctl: propagate has_child_subreaper flag to every descendant (bnc#1022476). - README.BRANCH: Add Oliver as openSUSE-42.2 branch co-maintainer - Refresh patches.kabi/Fix-kABI-breakage-by-KVM-CVE-fix.patch. Fix a stupid bug where the VCPU_REGS_TF shift was used as a mask. - reiserfs: Do not clear SGID when inheriting ACLs (bsc#1030552). - Revert 'ACPI / video: Add force_native quirk for HP Pavilion dv6' (bsc#1031717). - Revert 'Add 'shutdown' to 'struct class'.' (kabi). - Revert 'kvm: x86: fix emulation of RSM and IRET instructions' (kabi). - Revert 'mm/list_lru.c: fix list_lru_count_node() to be race free' (kabi). - Revert 'powerpc/numa: Fix percpu allocations to be NUMA aware' (bsc#1048914). - Revert 'tpm: Issue a TPM2_Shutdown for TPM2 devices.' (kabi). - rpm/kernel-binary.spec.in: find-debuginfo.sh should not touch build-id This needs rpm-4.14+ (bsc#964063). - sched/core: Allow __sched_setscheduler() in interrupts when PI is not used (bnc#1022476). - sched/debug: Print the scheduler topology group mask (bnc#1022476). - sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1022476). - sched/fair: Fix O(nr_cgroups) in load balance path (bnc#1022476). - sched/fair: Use task_groups instead of leaf_cfs_rq_list to walk all cfs_rqs (bnc#1022476). - sched/topology: Add sched_group_capacity debugging (bnc#1022476). - sched/topology: Fix building of overlapping sched-groups (bnc#1022476). - sched/topology: Fix overlapping sched_group_capacity (bnc#1022476). - sched/topology: Move comment about asymmetric node setups (bnc#1022476). - sched/topology: Refactor function build_overlap_sched_groups() (bnc#1022476). - sched/topology: Remove FORCE_SD_OVERLAP (bnc#1022476). - sched/topology: Simplify build_overlap_sched_groups() (bnc#1022476). - sched/topology: Small cleanup (bnc#1022476). - sched/topology: Verify the first group matches the child domain (bnc#1022476). - scsi: Add STARGET_CREATE_REMOVE state to scsi_target_state (bsc#1013887). - scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221). - scsi: kABI fix for new state STARGET_CREATED_REMOVE (bsc#1013887). - scsi: storvsc: Workaround for virtual DVD SCSI version (fate#320485, bnc#1044636). - smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154). - sr9700: use skb_cow_head() to deal with cloned skbs (bsc#1045154). - sysctl: do not print negative flag for proc_douintvec (bnc#1046985). - timers: Plug locking race vs. timer migration (bnc#1022476). - udf: Fix deadlock between writeback and udf_setsize() (bsc#1012829). - udf: Fix races with i_size changes during readpage (bsc#1012829). - x86/LDT: Print the real LDT base address (bsc#1051478). - x86/mce: Make timer handling more robust (bsc#1042422). - x86/panic: replace smp_send_stop() with kdump friendly version in panic path (bsc#1051478). - xen: allocate page for shared info page from low memory (bnc#1038616). - xen/balloon: do not online new memory initially (bnc#1028173). - xen: hold lock_device_hotplug throughout vcpu hotplug operations (bsc#1042422). - xen-netfront: Rework the fix for Rx stall during OOM and network stress (git-fixes). - xen/pvh*: Support > 32 VCPUs at domain restore (bnc#1045563). - xfrm: NULL dereference on allocation failure (bsc#1047343). - xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653). - xfs: do not BUG() on mixed direct and mapped I/O (bsc#1050188). - xfs: Do not clear SGID when inheriting ACLs (bsc#1030552). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2017-08/msg00031.html E-Mail link for openSUSE-SU-2017:2110-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 kernel-debug-4.4.79-18.23.1 kernel-debug-base-4.4.79-18.23.1 kernel-debug-devel-4.4.79-18.23.1 kernel-default-4.4.79-18.23.1 kernel-default-base-4.4.79-18.23.1 kernel-default-devel-4.4.79-18.23.1 kernel-devel-4.4.79-18.23.1 kernel-docs-4.4.79-18.23.2 kernel-docs-html-4.4.79-18.23.2 kernel-docs-pdf-4.4.79-18.23.2 kernel-macros-4.4.79-18.23.1 kernel-obs-build-4.4.79-18.23.1 kernel-obs-qa-4.4.79-18.23.1 kernel-source-4.4.79-18.23.1 kernel-source-vanilla-4.4.79-18.23.1 kernel-syms-4.4.79-18.23.1 kernel-vanilla-4.4.79-18.23.1 kernel-vanilla-base-4.4.79-18.23.1 kernel-vanilla-devel-4.4.79-18.23.1 kernel-debug-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-debug-base-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-debug-devel-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-default-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-default-base-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-default-devel-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-devel-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-docs-4.4.79-18.23.2 as a component of openSUSE Leap 42.2 kernel-docs-html-4.4.79-18.23.2 as a component of openSUSE Leap 42.2 kernel-docs-pdf-4.4.79-18.23.2 as a component of openSUSE Leap 42.2 kernel-macros-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-obs-build-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-obs-qa-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-source-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-source-vanilla-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-syms-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-vanilla-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-vanilla-base-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 kernel-vanilla-devel-4.4.79-18.23.1 as a component of openSUSE Leap 42.2 Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures. CVE-2017-10810 openSUSE Leap 42.2:kernel-debug-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-debug-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-debug-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-docs-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-docs-html-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-docs-pdf-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-macros-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-obs-build-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-obs-qa-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-source-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-source-vanilla-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-syms-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-devel-4.4.79-18.23.1 moderate 1.2 AV:L/AC:H/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-08/msg00031.html https://www.suse.com/security/cve/CVE-2017-10810.html CVE-2017-10810 https://bugzilla.suse.com/1047277 SUSE Bug 1047277 Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table. CVE-2017-11473 openSUSE Leap 42.2:kernel-debug-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-debug-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-debug-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-docs-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-docs-html-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-docs-pdf-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-macros-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-obs-build-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-obs-qa-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-source-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-source-vanilla-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-syms-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-devel-4.4.79-18.23.1 moderate 6 AV:L/AC:H/Au:S/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-08/msg00031.html https://www.suse.com/security/cve/CVE-2017-11473.html CVE-2017-11473 https://bugzilla.suse.com/1049603 SUSE Bug 1049603 https://bugzilla.suse.com/1061680 SUSE Bug 1061680 https://bugzilla.suse.com/1087082 SUSE Bug 1087082 Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions. CVE-2017-7533 openSUSE Leap 42.2:kernel-debug-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-debug-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-debug-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-docs-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-docs-html-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-docs-pdf-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-macros-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-obs-build-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-obs-qa-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-source-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-source-vanilla-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-syms-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-devel-4.4.79-18.23.1 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-08/msg00031.html https://www.suse.com/security/cve/CVE-2017-7533.html CVE-2017-7533 https://bugzilla.suse.com/1049483 SUSE Bug 1049483 https://bugzilla.suse.com/1050677 SUSE Bug 1050677 https://bugzilla.suse.com/1050751 SUSE Bug 1050751 https://bugzilla.suse.com/1053919 SUSE Bug 1053919 The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet. CVE-2017-7541 openSUSE Leap 42.2:kernel-debug-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-debug-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-debug-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-docs-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-docs-html-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-docs-pdf-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-macros-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-obs-build-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-obs-qa-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-source-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-source-vanilla-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-syms-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-devel-4.4.79-18.23.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-08/msg00031.html https://www.suse.com/security/cve/CVE-2017-7541.html CVE-2017-7541 https://bugzilla.suse.com/1049645 SUSE Bug 1049645 The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket. CVE-2017-7542 openSUSE Leap 42.2:kernel-debug-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-debug-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-debug-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-default-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-devel-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-docs-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-docs-html-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-docs-pdf-4.4.79-18.23.2 openSUSE Leap 42.2:kernel-macros-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-obs-build-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-obs-qa-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-source-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-source-vanilla-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-syms-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-base-4.4.79-18.23.1 openSUSE Leap 42.2:kernel-vanilla-devel-4.4.79-18.23.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-08/msg00031.html https://www.suse.com/security/cve/CVE-2017-7542.html CVE-2017-7542 https://bugzilla.suse.com/1049882 SUSE Bug 1049882 https://bugzilla.suse.com/1061936 SUSE Bug 1061936