Operating System:

[SUSE]

Published:

05 December 2016

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.2856
        SUSE Security Update: Security update for the Linux Kernel
                              5 December 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Increased Privileges            -- Existing Account      
                   Denial of Service               -- Existing Account      
                   Unauthorised Access             -- Remote/Unauthenticated
                   Access Confidential Data        -- Existing Account      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-7425 CVE-2016-7117 CVE-2016-7097
                   CVE-2016-7042 CVE-2016-6828 CVE-2016-6480
                   CVE-2016-5696 CVE-2016-4998 CVE-2016-3841
                   CVE-2016-0823 CVE-2015-8956 CVE-2015-7513
                   CVE-2013-4312  

Reference:         ASB-2016.0103
                   ASB-2016.0017
                   ESB-2016.2691
                   ESB-2016.2095

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2016/suse-su-20162976-1.html

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:2976-1
Rating:             important
References:         #1000189 #1001419 #1002165 #1003077 #1003344 
                    #1003568 #1003677 #1003866 #1003925 #1004517 
                    #1004520 #1005857 #1005896 #1005903 #1006917 
                    #1006919 #1007944 #763198 #771065 #799133 
                    #803320 #839104 #843236 #860441 #863873 #865783 
                    #871728 #907611 #908458 #908684 #909077 #909350 
                    #909484 #909618 #909994 #911687 #915183 #920016 
                    #922634 #922947 #928138 #929141 #934760 #951392 
                    #956514 #960689 #963655 #967716 #968010 #968014 
                    #971975 #971989 #973203 #974620 #976867 #977687 
                    #979514 #979595 #979681 #980371 #982218 #982783 
                    #983535 #983619 #984102 #984194 #984992 #985206 
                    #986337 #986362 #986365 #986445 #987565 #988440 
                    #989152 #989261 #989764 #989779 #991608 #991665 
                    #991923 #992566 #993127 #993890 #993891 #994296 
                    #994436 #994618 #994759 #994926 #995968 #996329 
                    #996664 #997708 #998399 #998689 #999584 #999600 
                    #999907 #999932 
Cross-References:   CVE-2013-4312 CVE-2015-7513 CVE-2015-8956
                    CVE-2016-0823 CVE-2016-3841 CVE-2016-4998
                    CVE-2016-5696 CVE-2016-6480 CVE-2016-6828
                    CVE-2016-7042 CVE-2016-7097 CVE-2016-7117
                    CVE-2016-7425
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11-SP4
                    SUSE Linux Enterprise Server 11-SP4
                    SUSE Linux Enterprise Server 11-EXTRA
                    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

   An update that solves 13 vulnerabilities and has 87 fixes
   is now available.

Description:



   The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
   security and bugfixes.

   For the PowerPC64 a new "bigmem" flavor has been added to support big
   Power machines. (FATE#319026)

   The following security bugs were fixed:

   - CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in
     the Linux kernel, when the GNU Compiler Collection (gcc) stack protector
     is enabled, uses an incorrect buffer size for certain timeout data,
     which allowed local users to cause a denial of service (stack memory
     corruption and panic) by reading the /proc/keys file (bnc#1004517).
   - CVE-2016-7097: The filesystem implementation in the Linux kernel
     preserves the setgid bit during a setxattr call, which allowed local
     users to gain group privileges by leveraging the existence of a setgid
     program with restrictions on execute permissions (bnc#995968).
   - CVE-2015-8956: The rfcomm_sock_bind function in
     net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to
     obtain sensitive information or cause a denial of service (NULL pointer
     dereference) via vectors involving a bind system call on a Bluetooth
     RFCOMM socket (bnc#1003925).
   - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg
     function in net/socket.c in the Linux kernel allowed remote attackers to
     execute arbitrary code via vectors involving a recvmmsg system call that
     is mishandled during error processing (bnc#1003077).
   - CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the
     Linux kernel allowed local users to obtain sensitive physical-address
     information by reading a pagemap file, aka Android internal bug 25739721
     (bnc#994759).
   - CVE-2016-7425: The arcmsr_iop_message_xfer function in
     drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a
     certain length field, which allowed local users to gain privileges or
     cause a denial of service (heap-based buffer overflow) via an
     ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).
   - CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options
     data, which allowed local users to gain privileges or cause a denial of
     service (use-after-free and system crash) via a crafted sendmsg system
     call (bnc#992566).
   - CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in
     the Linux kernel did not properly maintain certain SACK state after a
     failed data copy, which allowed local users to cause a denial of service
     (tcp_xmit_retransmit_queue use-after-free and system crash) via a
     crafted SACK option (bnc#994296).
   - CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly
     determine the rate of challenge ACK segments, which made it easier for
     remote attackers to hijack TCP sessions via a blind in-window attack
     (bnc#989152).
   - CVE-2016-6480: Race condition in the ioctl_send_fib function in
     drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
     to cause a denial of service (out-of-bounds access or system crash) by
     changing a certain size value, aka a "double fetch" vulnerability
     (bnc#991608).
   - CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the
     netfilter subsystem in the Linux kernel allowed local users to cause a
     denial of service (out-of-bounds read) or possibly obtain sensitive
     information from kernel heap memory by leveraging in-container root
     access to provide a crafted offset value that leads to crossing a
     ruleset blob boundary (bnc#986365).
   - CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the
     PIT counter values during state restoration, which allowed guest OS
     users to cause a denial of service (divide-by-zero error and host OS
     crash) via a zero value, related to the kvm_vm_ioctl_set_pit and
     kvm_vm_ioctl_set_pit2 functions (bnc#960689).
   - CVE-2013-4312: The Linux kernel allowed local users to bypass
     file-descriptor limits and cause a denial of service (memory
     consumption) by sending each descriptor over a UNIX socket before
     closing it, related to net/unix/af_unix.c and net/unix/garbage.c
     (bnc#839104 bsc#922947 bsc#968014).

   The following non-security bugs were fixed:

   - ahci: Order SATA device IDs for codename Lewisburg (fate#319286).
   - ahci: Remove obsolete Intel Lewisburg SATA RAID device IDs (fate#319286).
   - alsa: hda - Add Intel Lewisburg device IDs Audio (fate#319286).
   - arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).
   - avoid dentry crash triggered by NFS (bsc#984194).
   - bigmem: Add switch to configure bigmem patches (bsc#928138,fate#319026).
   - blktap2: eliminate deadlock potential from shutdown path (bsc#909994).
   - blktap2: eliminate race from deferred work queue handling (bsc#911687).
   - bnx2x: fix lockdep splat (bsc#908684 FATE#317539).
   - bonding: always set recv_probe to bond_arp_rcv in arp monitor
     (bsc#977687).
   - bonding: fix bond_arp_rcv setting and arp validate desync state
     (bsc#977687).
   - btrfs: account for non-CoW'd blocks in btrfs_abort_transaction
     (bsc#983619).
   - btrfs: ensure that file descriptor used with subvol ioctls is a dir
     (bsc#999600).
   - cdc-acm: added sanity checking for probe() (bsc#993891).
   - config.conf: add bigmem flavour on ppc64
   - cpumask, nodemask: implement cpumask/nodemask_pr_args() (bnc1003866).
   - cxgb4: Set VPD size so we can read both VPD structures (bsc#976867).
   - dm space map metadata: fix sm_bootstrap_get_nr_blocks() (FATE#313903).
   - dm thin: fix race condition when destroying thin pool workqueue
     (FATE#313903).
   - drivers: hv: vmbus: avoid scheduling in interrupt context in
     vmbus_initiate_unload() (bnc#986337).
   - drivers: hv: vmbus: avoid wait_for_completion() on crash (bnc#986337).
   - drivers: hv: vmbus: do not loose HVMSG_TIMER_EXPIRED messages
     (bnc#986337).
   - drivers: hv: vmbus: do not send CHANNELMSG_UNLOAD on pre-Win2012R2 hosts
     (bnc#986337).
   - drivers: hv: vmbus: handle various crash scenarios (bnc#986337).
   - drivers: hv: vmbus: remove code duplication in message handling
     (bnc#986337).
   - drivers: hv: vss: run only on supported host versions (bnc#986337).
   - fs/cifs: cifs_get_root shouldn't use path with tree name (bsc#963655,
     bsc#979681).
   - fs/cifs: Compare prepaths when comparing superblocks (bsc#799133).
   - fs/cifs: Fix memory leaks in cifs_do_mount() (bsc#799133).
   - fs/cifs: Fix regression which breaks DFS mounting (bsc#799133).
   - fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
   - fs/cifs: make share unaccessible at root level mountable (bsc#799133).
   - fs/cifs: Move check for prefix path to within cifs_get_root()
     (bsc#799133).
   - fs/select: add vmalloc fallback for select(2) (bsc#1000189).
   - hv: do not lose pending heartbeat vmbus packets (bnc#1006919).
   - i2c: i801: add Intel Lewisburg device IDs (fate#319286).
   - i40e: fix an uninitialized variable bug (bsc#909484 FATE#317397).
   - include/linux/mmdebug.h: should include linux/bug.h (bnc#971975 VM
     performance -- git fixes).
   - increase CONFIG_NR_IRQS 512 -> 2048 reportedly irq error with multiple
     nvme and tg3 in the same machine is resolved by increasing
     CONFIG_NR_IRQS (bsc#998399)
   - introduce SIZE_MAX (bsc#1000189).
   - ipv6: replacing a rt6_info needs to purge possible propagated rt6_infos
     too (bsc#865783).
   - kabi: Import kabi files from 3.0.101-80
   - kabi-fix for flock_owner addition (bsc#998689).
   - kabi, unix: properly account for FDs passed over unix sockets
     (bnc#839104).
   - kaweth: fix firmware download (bsc#993890).
   - kaweth: fix oops upon failed memory allocation (bsc#993890).
   - kvm: x86: only channel 0 of the i8254 is linked to the HPET (bsc#960689).
   - kvm: x86: SYSENTER emulation is broken (bsc#994618).
   - libata: support the ata host which implements a queue depth less than 32
     (bsc#871728)
   - libfc: sanity check cpu number extracted from xid (bsc#988440).
   - lib/vsprintf: implement bitmap printing through '%*pb[l]' (bnc#1003866).
   - lpfc: call lpfc_sli_validate_fcp_iocb() with the hbalock held
     (bsc#951392).
   - bigmem: make bigmem patches configurable (bsc#928138,fate#319026).
   - md: check command validity early in md_ioctl() (bsc#1004520).
   - md: Drop sending a change uevent when stopping (bsc#1003568).
   - md: fix problem when adding device to read-only array with bitmap
     (bnc#771065).
   - md: lockless I/O submission for RAID1 (bsc#982783).
   - md/raid10: always set reshape_safe when initializing reshape_position
     (fate#311379).
   - md/raid10: Fix memory leak when raid10 reshape completes (fate#311379).
   - mm: fix sleeping function warning from __put_anon_vma (bnc#1005857).
   - mm/memory.c: actually remap enough memory (bnc#1005903).
   - mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED
     (VM Functionality, bnc#986445).
   - mm, vmscan: Do not wait for page writeback for GFP_NOFS allocations
     (bnc#763198).
   - Move patches that create ppc64-bigmem to the powerpc section. Add
     comments that outline the procedure and warn the unsuspecting.
   - move the call of __d_drop(anon) into __d_materialise_unique(dentry,
     anon) (bsc#984194).
   - mpt2sas, mpt3sas: Fix panic when aer correct error occurred (bsc#997708).
   - mshyperv: fix recognition of Hyper-V guest crash MSR's (bnc#986337).
   - net: add pfmemalloc check in sk_add_backlog() (bnc#920016).
   - netback: fix flipping mode (bsc#996664).
   - netfilter: ipv4: defrag: set local_df flag on defragmented skb
     (bsc#907611).
   - netvsc: fix incorrect receive checksum offloading (bnc#1006917).
   - nfs4: reset states to use open_stateid when returning delegation
     voluntarily (bsc#1007944).
   - nfs: Do not disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261).
   - nfs: Do not drop directory dentry which is in use (bsc#993127).
   - nfs: Do not write enable new pages while an invalidation is proceeding
     (bsc#999584).
   - nfs: Fix an LOCK/OPEN race when unlinking an open file (bsc#956514).
   - nfs: Fix a regression in the read() syscall (bsc#999584).
   - nfs: Fix races in nfs_revalidate_mapping (bsc#999584).
   - nfs: fix the handling of NFS_INO_INVALID_DATA flag in
     nfs_revalidate_mapping (bsc#999584).
   - nfs: Fix writeback performance issue on cache invalidation (bsc#999584).
   - nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261).
   - nfsv4.1: Fix an NFSv4.1 state renewal regression (bnc#863873).
   - nfsv4: add flock_owner to open context (bnc#998689).
   - nfsv4: change nfs4_do_setattr to take an open_context instead of a
     nfs4_state (bnc#998689).
   - nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of
     lock_owner (bnc#998689).
   - nfsv4: do not check MAY_WRITE access bit in OPEN (bsc#985206).
   - nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is
     one (bnc#998689).
   - nfsv4: fix broken patch relating to v4 read delegations (bsc#956514,
     bsc#989261, bsc#979595).
   - nfsv4: Fix range checking in __nfs4_get_acl_uncached and
     __nfs4_proc_set_acl (bsc#982218).
   - oom: print nodemask in the oom report (bnc#1003866).
   - pci: Add pci_set_vpd_size() to set VPD size (bsc#976867).
   - pciback: fix conf_space read/write overlap check.
   - pciback: return proper values during BAR sizing.
   - pci_ids: Add PCI device ID functions 3 and 4 for newer F15h models
     (fate#321400).
   - pm / hibernate: Fix rtree_next_node() to avoid walking off list ends
     (bnc#860441).
   - powerpc/64: Fix incorrect return value from __copy_tofrom_user
     (bsc#1005896).
   - powerpc: Add ability to build little endian kernels (bsc#967716).
   - powerpc: add kernel parameter iommu_alloc_quiet (bsc#994926).
   - powerpc: Avoid load of static chain register when calling nested
     functions through a pointer on 64bit (bsc#967716).
   - powerpc: blacklist fixes for unsupported subarchitectures ppc32 only:
     6e0fdf9af216 powerpc: fix typo 'CONFIG_PMAC' obscure hardware:
     f7e9e3583625 powerpc: Fix missing L2 cache size in
     /sys/devices/system/cpu
   - powerpc: Build fix for powerpc KVM (bsc#928138,fate#319026).
   - powerpc: Do not build assembly files with ABIv2 (bsc#967716).
   - powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).
   - powerpc: dtc is required to build dtb files (bsc#967716).
   - powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).
   - powerpc: Fix error when cross building TAGS & cscope (bsc#967716).
   - powerpc: Make the vdso32 also build big-endian (bsc#967716).
   - powerpc: Make VSID_BITS* dependency explicit (bsc#928138,fate#319026).
   - powerpc/mm: Add 64TB support (bsc#928138,fate#319026).
   - powerpc/mm: Change the swap encoding in pte (bsc#973203).
   - powerpc/mm: Convert virtual address to vpn (bsc#928138,fate#319026).
   - powerpc/mm: Fix hash computation function (bsc#928138,fate#319026).
   - powerpc/mm: Increase the slice range to 64TB (bsc#928138,fate#319026).
   - powerpc/mm: Make KERN_VIRT_SIZE not dependend on PGTABLE_RANGE
     (bsc#928138,fate#319026).
   - powerpc/mm: Make some of the PGTABLE_RANGE dependency explicit
     (bsc#928138,fate#319026).
   - powerpc/mm: Replace open coded CONTEXT_BITS value
     (bsc#928138,fate#319026).
   - powerpc/mm: Simplify hpte_decode (bsc#928138,fate#319026).
   - powerpc/mm: Update VSID allocation documentation
     (bsc#928138,fate#319026).
   - powerpc/mm: Use 32bit array for slb cache (bsc#928138,fate#319026).
   - powerpc/mm: Use hpt_va to compute virtual address
     (bsc#928138,fate#319026).
   - powerpc/mm: Use the required number of VSID bits in slbmte
     (bsc#928138,fate#319026).
   - powerpc: Move kdump default base address to half RMO size on 64bit
     (bsc#1003344).
   - powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).
   - powerpc: Remove buggy 9-year-old test for binutils < 2.12.1 (bsc#967716).
   - powerpc: Rename USER_ESID_BITS* to ESID_BITS* (bsc#928138,fate#319026).
   - powerpc: Require gcc 4.0 on 64-bit (bsc#967716).
   - powerpc: Update kernel VSID range (bsc#928138,fate#319026).
   - ppp: defer netns reference release for ppp channel (bsc#980371).
   - qlcnic: fix a timeout loop (bsc#909350 FATE#317546)
   - random32: add prandom_u32_max (bsc#989152).
   - remove problematic preprocessor constructs (bsc#928138,fate#319026).
   - REVERT fs/cifs: fix wrongly prefixed path to root (bsc#963655,
     bsc#979681)
   - rpm/constraints.in: Bump x86 disk space requirement to 20GB Clamav tends
     to run out of space nowadays.
   - rpm/package-descriptions: add -bigmem description
   - s390/cio: fix accidental interrupt enabling during resume (bnc#1003677,
     LTC#147606).
   - s390/dasd: fix hanging device after clear subchannel (bnc#994436,
     LTC#144640).
   - s390/time: LPAR offset handling (bnc#1003677, LTC#146920).
   - s390/time: move PTFF definitions (bnc#1003677, LTC#146920).
   - sata: Adding Intel Lewisburg device IDs for SATA (fate#319286).
   - sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule()
     (bnc#1001419).
   - sched/core: Fix a race between try_to_wake_up() and a woken up task
     (bnc#1002165).
   - sched: Fix possible divide by zero in avg_atom() calculation
     (bsc#996329).
   - scripts/bigmem-generate-ifdef-guard: auto-regen
     patches.suse/ppc64-bigmem-introduce-CONFIG_BIGMEM
   - scripts/bigmem-generate-ifdef-guard: Include this script to regenerate
     patches.suse/ppc64-bigmem-introduce-CONFIG_BIGMEM
   - scripts/bigmem-generate-ifdef-guard: make executable
   - scsi_dh_rdac: retry inquiry for UNIT ATTENTION (bsc#934760).
   - scsi: do not print 'reservation conflict' for TEST UNIT READY
     (bsc#984102).
   - scsi: ibmvfc: add FC Class 3 Error Recovery support (bsc#984992).
   - scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)
   - scsi: ibmvfc: Set READ FCP_XFER_READY DISABLED bit in PRLI (bsc#984992).
   - scsi_scan: Send TEST UNIT READY to LUN0 before LUN scanning
     (bnc#843236,bsc#989779).
   - scsi: zfcp: spin_lock_irqsave() is not nestable (bsc#1003677,LTC#147374).
   - Set CONFIG_DEBUG_INFO=y and CONFIG_DEBUG_INFO_REDUCED=n on all platforms
     The specfile adjusts the config if necessary, but a new version of
     run_oldconfig.sh requires the settings to be present in the repository.
   - sfc: on MC reset, clear PIO buffer linkage in TXQs (bsc#909618
     FATE#317521).
   - sort hyperv patches properly in series.conf
   - sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a
     race (bnc#803320).
   - tg3: Avoid NULL pointer dereference in tg3_io_error_detected()
     (bsc#908458 FATE#317507).
   - tmpfs: change final i_blocks BUG to WARNING (bsc#991923).
   - tty: Signal SIGHUP before hanging up ldisc (bnc#989764).
   - Update patches.xen/xen3-auto-arch-x86.diff (bsc#929141, a.o.).
   - usb: fix typo in wMaxPacketSize validation (bsc#991665).
   - usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices
     (bsc#922634).
   - usb: hub: Fix unbalanced reference count/memory leak/deadlocks
     (bsc#968010).
   - usb: validate wMaxPacketValue entries in endpoint descriptors
     (bnc#991665).
   - vlan: do not deliver frames for unknown vlans to protocols (bsc#979514).
   - vlan: mask vlan prio bits (bsc#979514).
   - vmxnet3: Wake queue from reset work (bsc#999907).
   - x86, amd_nb: Clarify F15h, model 30h GART and L3 support (fate#321400).
   - x86/asm/traps: Disable tracing and kprobes in fixup_bad_iret and
     sync_regs (bsc#909077).
   - x86/cpu/amd: Set X86_FEATURE_EXTD_APICID for future processors
     (fate#321400).
   - x86/gart: Check for GART support before accessing GART registers
     (fate#321400).
   - x86/MCE/intel: Cleanup CMCI storm logic (bsc#929141).
   - xenbus: inspect the correct type in xenbus_dev_request_and_reply().
   - xen: x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
   - xfs: Avoid grabbing ilock when file size is not changed (bsc#983535).
   - xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).
   - zfcp: close window with unblocked rport during rport gone (bnc#1003677,
     LTC#144310).
   - zfcp: fix D_ID field with actual value on tracing SAN responses
     (bnc#1003677, LTC#144312).
   - zfcp: fix ELS/GS request&response length for hardware data router
     (bnc#1003677, LTC#144308).
   - zfcp: fix payload trace length for SAN request&response (bnc#1003677,
     LTC#144312).
   - zfcp: restore: Dont use 0 to indicate invalid LUN in rec trace
     (bnc#1003677, LTC#144312).
   - zfcp: restore tracing of handle for port and LUN with HBA records
     (bnc#1003677, LTC#144312).
   - zfcp: retain trace level for SCSI and HBA FSF response records
     (bnc#1003677, LTC#144312).
   - zfcp: trace full payload of all SAN records (req,resp,iels)
     (bnc#1003677, LTC#144312).
   - zfcp: trace on request for open and close of WKA port (bnc#1003677,
     LTC#144312).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11-SP4:

      zypper in -t patch sdksp4-kernel-12869=1

   - SUSE Linux Enterprise Server 11-SP4:

      zypper in -t patch slessp4-kernel-12869=1

   - SUSE Linux Enterprise Server 11-EXTRA:

      zypper in -t patch slexsp3-kernel-12869=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:

      zypper in -t patch dbgsp4-kernel-12869=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch):

      kernel-docs-3.0.101-88.3

   - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      kernel-default-3.0.101-88.1
      kernel-default-base-3.0.101-88.1
      kernel-default-devel-3.0.101-88.1
      kernel-source-3.0.101-88.1
      kernel-syms-3.0.101-88.1
      kernel-trace-3.0.101-88.1
      kernel-trace-base-3.0.101-88.1
      kernel-trace-devel-3.0.101-88.1

   - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):

      kernel-ec2-3.0.101-88.1
      kernel-ec2-base-3.0.101-88.1
      kernel-ec2-devel-3.0.101-88.1
      kernel-xen-3.0.101-88.1
      kernel-xen-base-3.0.101-88.1
      kernel-xen-devel-3.0.101-88.1

   - SUSE Linux Enterprise Server 11-SP4 (s390x):

      kernel-default-man-3.0.101-88.1

   - SUSE Linux Enterprise Server 11-SP4 (ppc64):

      kernel-bigmem-3.0.101-88.1
      kernel-bigmem-base-3.0.101-88.1
      kernel-bigmem-devel-3.0.101-88.1
      kernel-ppc64-3.0.101-88.1
      kernel-ppc64-base-3.0.101-88.1
      kernel-ppc64-devel-3.0.101-88.1

   - SUSE Linux Enterprise Server 11-SP4 (i586):

      kernel-pae-3.0.101-88.1
      kernel-pae-base-3.0.101-88.1
      kernel-pae-devel-3.0.101-88.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):

      kernel-default-extra-3.0.101-88.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):

      kernel-xen-extra-3.0.101-88.1

   - SUSE Linux Enterprise Server 11-EXTRA (x86_64):

      kernel-trace-extra-3.0.101-88.1

   - SUSE Linux Enterprise Server 11-EXTRA (ppc64):

      kernel-ppc64-extra-3.0.101-88.1

   - SUSE Linux Enterprise Server 11-EXTRA (i586):

      kernel-pae-extra-3.0.101-88.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      kernel-default-debuginfo-3.0.101-88.1
      kernel-default-debugsource-3.0.101-88.1
      kernel-trace-debuginfo-3.0.101-88.1
      kernel-trace-debugsource-3.0.101-88.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64):

      kernel-default-devel-debuginfo-3.0.101-88.1
      kernel-trace-devel-debuginfo-3.0.101-88.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):

      kernel-ec2-debuginfo-3.0.101-88.1
      kernel-ec2-debugsource-3.0.101-88.1
      kernel-xen-debuginfo-3.0.101-88.1
      kernel-xen-debugsource-3.0.101-88.1
      kernel-xen-devel-debuginfo-3.0.101-88.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):

      kernel-bigmem-debuginfo-3.0.101-88.1
      kernel-bigmem-debugsource-3.0.101-88.1
      kernel-ppc64-debuginfo-3.0.101-88.1
      kernel-ppc64-debugsource-3.0.101-88.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586):

      kernel-pae-debuginfo-3.0.101-88.1
      kernel-pae-debugsource-3.0.101-88.1
      kernel-pae-devel-debuginfo-3.0.101-88.1


References:

   https://www.suse.com/security/cve/CVE-2013-4312.html
   https://www.suse.com/security/cve/CVE-2015-7513.html
   https://www.suse.com/security/cve/CVE-2015-8956.html
   https://www.suse.com/security/cve/CVE-2016-0823.html
   https://www.suse.com/security/cve/CVE-2016-3841.html
   https://www.suse.com/security/cve/CVE-2016-4998.html
   https://www.suse.com/security/cve/CVE-2016-5696.html
   https://www.suse.com/security/cve/CVE-2016-6480.html
   https://www.suse.com/security/cve/CVE-2016-6828.html
   https://www.suse.com/security/cve/CVE-2016-7042.html
   https://www.suse.com/security/cve/CVE-2016-7097.html
   https://www.suse.com/security/cve/CVE-2016-7117.html
   https://www.suse.com/security/cve/CVE-2016-7425.html
   https://bugzilla.suse.com/1000189
   https://bugzilla.suse.com/1001419
   https://bugzilla.suse.com/1002165
   https://bugzilla.suse.com/1003077
   https://bugzilla.suse.com/1003344
   https://bugzilla.suse.com/1003568
   https://bugzilla.suse.com/1003677
   https://bugzilla.suse.com/1003866
   https://bugzilla.suse.com/1003925
   https://bugzilla.suse.com/1004517
   https://bugzilla.suse.com/1004520
   https://bugzilla.suse.com/1005857
   https://bugzilla.suse.com/1005896
   https://bugzilla.suse.com/1005903
   https://bugzilla.suse.com/1006917
   https://bugzilla.suse.com/1006919
   https://bugzilla.suse.com/1007944
   https://bugzilla.suse.com/763198
   https://bugzilla.suse.com/771065
   https://bugzilla.suse.com/799133
   https://bugzilla.suse.com/803320
   https://bugzilla.suse.com/839104
   https://bugzilla.suse.com/843236
   https://bugzilla.suse.com/860441
   https://bugzilla.suse.com/863873
   https://bugzilla.suse.com/865783
   https://bugzilla.suse.com/871728
   https://bugzilla.suse.com/907611
   https://bugzilla.suse.com/908458
   https://bugzilla.suse.com/908684
   https://bugzilla.suse.com/909077
   https://bugzilla.suse.com/909350
   https://bugzilla.suse.com/909484
   https://bugzilla.suse.com/909618
   https://bugzilla.suse.com/909994
   https://bugzilla.suse.com/911687
   https://bugzilla.suse.com/915183
   https://bugzilla.suse.com/920016
   https://bugzilla.suse.com/922634
   https://bugzilla.suse.com/922947
   https://bugzilla.suse.com/928138
   https://bugzilla.suse.com/929141
   https://bugzilla.suse.com/934760
   https://bugzilla.suse.com/951392
   https://bugzilla.suse.com/956514
   https://bugzilla.suse.com/960689
   https://bugzilla.suse.com/963655
   https://bugzilla.suse.com/967716
   https://bugzilla.suse.com/968010
   https://bugzilla.suse.com/968014
   https://bugzilla.suse.com/971975
   https://bugzilla.suse.com/971989
   https://bugzilla.suse.com/973203
   https://bugzilla.suse.com/974620
   https://bugzilla.suse.com/976867
   https://bugzilla.suse.com/977687
   https://bugzilla.suse.com/979514
   https://bugzilla.suse.com/979595
   https://bugzilla.suse.com/979681
   https://bugzilla.suse.com/980371
   https://bugzilla.suse.com/982218
   https://bugzilla.suse.com/982783
   https://bugzilla.suse.com/983535
   https://bugzilla.suse.com/983619
   https://bugzilla.suse.com/984102
   https://bugzilla.suse.com/984194
   https://bugzilla.suse.com/984992
   https://bugzilla.suse.com/985206
   https://bugzilla.suse.com/986337
   https://bugzilla.suse.com/986362
   https://bugzilla.suse.com/986365
   https://bugzilla.suse.com/986445
   https://bugzilla.suse.com/987565
   https://bugzilla.suse.com/988440
   https://bugzilla.suse.com/989152
   https://bugzilla.suse.com/989261
   https://bugzilla.suse.com/989764
   https://bugzilla.suse.com/989779
   https://bugzilla.suse.com/991608
   https://bugzilla.suse.com/991665
   https://bugzilla.suse.com/991923
   https://bugzilla.suse.com/992566
   https://bugzilla.suse.com/993127
   https://bugzilla.suse.com/993890
   https://bugzilla.suse.com/993891
   https://bugzilla.suse.com/994296
   https://bugzilla.suse.com/994436
   https://bugzilla.suse.com/994618
   https://bugzilla.suse.com/994759
   https://bugzilla.suse.com/994926
   https://bugzilla.suse.com/995968
   https://bugzilla.suse.com/996329
   https://bugzilla.suse.com/996664
   https://bugzilla.suse.com/997708
   https://bugzilla.suse.com/998399
   https://bugzilla.suse.com/998689
   https://bugzilla.suse.com/999584
   https://bugzilla.suse.com/999600
   https://bugzilla.suse.com/999907
   https://bugzilla.suse.com/999932

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWEUdrYx+lLeg9Ub1AQiDJA/8CjBPyt5+Xs/2fzxHKP4NDMJ1gQT7WG9a
wH0NM3wMYNCvJyDL5r/d1c0v49vUE/ux/0mUsVOPu+Acnj+cYbATFLGUe3QxMhN6
tmS3tvltpxnaf6lIC9iPn3xS4I/wAuvgJgTdMgdSLsQZhR0apbmOwwLYwMOiP8gi
2gPCkKC1QbvtX36VsTsyVOspnGlZabjqQlWtQmYV6+jRIKv2L7zTjyAdg+TLktuS
oYk/bCdz+K+CdYPlkZ6VSZS7XRAiLGww+xgZ53Q3C9p6m6ZLU4og+nQOD5uL+TCT
grL7yX2982gdb9MgaFZYW8KXNcrVA5iP6rzJog0yq92QV7ZwFo6bIFNuIsiEdLUq
/c0YeIRzlCgo8rQ6XcGRg30zFSlkz5EaQXE17AFSH5YZ/5aVb+pwD8vC06pCWgyW
umZraAit5euDvB7PSU4ZQaoI/dlPQU1oHlonPF7PiRScdKkMcLFx619ECnSikQRG
V4jlJ6JYZKf1j9qaFNdEsOmYRr8hTktYVncVSiT+NPKejNAtTpbxLIoYcrq3zog5
sdlFoa07ZnDAyVLZYilBRwKW0rWNbqBKMeeZ24XIGmK1rL89hgqpsd+YJP1dCBqi
yuATekqGrrmyXsjw9+UqdM0Aw6fqi8wFIUeWWfJIvFaxrvc+MUvfMgEzTLN8HH9R
QecB72VP5qw=
=2y6W
-----END PGP SIGNATURE-----