Operating System:

[SUSE]

Published:

05 August 2016

Protect yourself against future threats.

//Service

Member Security Incident Notifications

Be proactive with your security and receive our daily Member Security Incident Notifications (MSINs) custom to your network.

Read more
Resources > Security Bulletins > ESB-2016.1900 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.1900
        SUSE Security Update: Security update for Linux Kernel Live
                          Patch 0 for SLE 12 SP1
                               5 August 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          Linux kernel
Publisher:        SUSE
Operating System: SUSE
Impact/Access:    Root Compromise   -- Existing Account
                  Denial of Service -- Existing Account
                  Reduced Security  -- Existing Account
Resolution:       Patch/Upgrade
CVE Names:        CVE-2016-4565 CVE-2016-4470 CVE-2016-3134
                  CVE-2016-2053 CVE-2016-1583 CVE-2016-0758
                  CVE-2015-8816 CVE-2015-8019 CVE-2013-7446

Reference:        ASB-2016.0071
                  ESB-2016.1183
                  ESB-2015.3170

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for Linux Kernel Live Patch 0 for SLE 12 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:1961-1
Rating:             important
References:         #971793 #973570 #979064 #979074 #979078 #980856 
                    #980883 #983144 #984764 
Cross-References:   CVE-2013-7446 CVE-2015-8019 CVE-2015-8816
                    CVE-2016-0758 CVE-2016-1583 CVE-2016-2053
                    CVE-2016-3134 CVE-2016-4470 CVE-2016-4565
                   
Affected Products:
                    SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

   An update that fixes 9 vulnerabilities is now available.

Description:

   This update for the Linux Kernel 3.12.49-11.1 fixes the several issues.

   These security issues were fixed:
   - CVE-2016-4470: The key_reject_and_link function in security/keys/key.c
     in the Linux kernel did not ensure that a certain data structure is
     initialized, which allowed local users to cause a denial of service
     (system crash) via vectors involving a crafted keyctl request2 command
     (bsc#984764).
   - CVE-2016-1583: The ecryptfs_privileged_open function in
     fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain
     privileges or cause a denial of service (stack memory consumption) via
     vectors involving crafted mmap calls for /proc pathnames, leading to
     recursive pagefault handling (bsc#983144).
   - CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel
     incorrectly relied on the write system call, which allowed local users
     to cause a denial of service (kernel memory write operation) or possibly
     have unspecified other impact via a uAPI interface (bsc#980883).
   - CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux
     kernel allowed local users to gain privileges via crafted ASN.1 data
     (bsc#980856).
   - CVE-2015-8019: The skb_copy_and_csum_datagram_iovec function in
     net/core/datagram.c in the Linux kernel did not accept a length
     argument, which allowed local users to cause a denial of service (memory
     corruption) or possibly have unspecified other impact via a write system
     call followed by a recvmsg system call (bsc#979078).
   - CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in
     the Linux kernel allowed attackers to cause a denial of service (panic)
     via an ASN.1 BER file that lacks a public key, leading to mishandling by
     the public_key_verify_signature function in
     crypto/asymmetric_keys/public_key.c (bsc#979074).
   - CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in
     the Linux kernel did not properly maintain a hub-interface data
     structure, which allowed physically proximate attackers to cause a
     denial of service (invalid memory access and system crash) or possibly
     have unspecified other impact by unplugging a USB hub device
     (bsc#979064).
   - CVE-2016-3134: The netfilter subsystem in the Linux kernel did not
     validate certain offset fields, which allowed local users to gain
     privileges or cause a denial of service (heap memory corruption) via an
     IPT_SO_SET_REPLACE setsockopt call (bsc#971793).

   This non-security issue was fixed:
   - bsc#973570: The fix for CVE-2013-7446 introduced a bug that could have
     possibly lead to a softlockup.


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Live Patching 12:

      zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1157=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Live Patching 12 (x86_64):

      kgraft-patch-3_12_49-11-default-5-14.2
      kgraft-patch-3_12_49-11-xen-5-14.2


References:

   https://www.suse.com/security/cve/CVE-2013-7446.html
   https://www.suse.com/security/cve/CVE-2015-8019.html
   https://www.suse.com/security/cve/CVE-2015-8816.html
   https://www.suse.com/security/cve/CVE-2016-0758.html
   https://www.suse.com/security/cve/CVE-2016-1583.html
   https://www.suse.com/security/cve/CVE-2016-2053.html
   https://www.suse.com/security/cve/CVE-2016-3134.html
   https://www.suse.com/security/cve/CVE-2016-4470.html
   https://www.suse.com/security/cve/CVE-2016-4565.html
   https://bugzilla.suse.com/971793
   https://bugzilla.suse.com/973570
   https://bugzilla.suse.com/979064
   https://bugzilla.suse.com/979074
   https://bugzilla.suse.com/979078
   https://bugzilla.suse.com/980856
   https://bugzilla.suse.com/980883
   https://bugzilla.suse.com/983144
   https://bugzilla.suse.com/984764

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBV6PsoYx+lLeg9Ub1AQh/fBAAq9zqKfXdtCmSSYA/T9tg9bSAk28Gl0Ov
plXHNWgtN/pFQ/GkE7y+1yh0E+MlEogB9lGrOOyqkhSeg6dDqvqgan+fOAyC97zd
IMFhzRribkrQPuZAn02oAg/XiCkRvXjIA/A3YuyIhbvQkrplcdh+MUUMCF94T6eC
UN6Lrcpq+3KF/yTbnmw4RleQsfNkgpG0/q3cZtoc8lbmWH2VNE9x7JHzQHq/xKTT
TYqTj3W+R6t39LcyD8WPyCwzDMTznwBec4z/UAH4JRSqDb0vv6zQL35nT0Che9ae
Alr/1hrMJHvuE6ihsetc5aQ27fuQWuKV5NfKvrsYauhwWD0HUJvwPk3ZyhYhzXDD
25CBh+yM30BD8OZdlL01N7VIludFaJn49ezqNzxDwPwNJBJuqai5jJgjer/pgO27
u+7eEZarUhYkvdIdd+fUCbvOIak7ykEDqMgMkkouLW+o0oIXbf/CKnHUjHeONNev
lR2TQDNypFS6AoOIFi/jar272GfaTyUV8Ul4vGXQFfDtUYm6qJLkgc29kYzqx5Ep
QWQqTo1nwKRbAzAloV1b14Oe3mfAd9yKKKw9ux8z7rcMMUVCj6LY/NKKgBGQjLWT
OK8ByIkKlukh2fztddl90OcG5UgOxyvvAkeVEEfjHMsOmMwOnXlhE663C59w1R5d
4Bvamr7lEcs=
=352R
-----END PGP SIGNATURE-----