Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:1008-1 Final 1 1 2016-04-12T07:03:49Z current 2016-04-12T07:03:49Z 2016-04-12T07:03:49Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The openSUSE Leap 42.1 kernel was updated to 4.1.20 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-1339: A memory leak in cuse could be used to exhaust kernel memory. (bsc#969356). - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936 951638). - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440). - CVE-2015-7884: The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel did not initialize a certain structure member, which allowed local users to obtain sensitive information from kernel memory via a crafted application (bnc#951626). - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states 'there is no kernel bug here (bnc#959709). - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctp_accept call. (bsc#961509) - CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765). - CVE-2015-8787: The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending certain IPv4 packets to an incompletely configured interface, a related issue to CVE-2003-1604 (bnc#963931). - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966437). - CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500). - CVE-2016-2069: When Linux invalidated a paging structure that is not in use locally, it could, in principle, race against another CPU that is switching to a process that uses the paging structure in question. (bsc#963767) - CVE-2016-2184: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#971125) - CVE-2016-2383: Incorrect branch fixups for eBPF allow arbitrary read of kernel memory. (bsc#966684) - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#966693) The following non-security bugs were fixed: - alsa: hda - Apply clock gate workaround to Skylake, too (bsc#966137). - alsa: hda - disable dynamic clock gating on Broxton before reset (bsc#966137). - alsa: hda - Fix playback noise with 24/32 bit sample size on BXT (bsc#966137). - alsa: seq: Fix double port list deletion (bsc#968018). - alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018). - alsa: timer: Fix race between stop and interrupt (bsc#968018). - alsa: timer: Fix wrong instance passed to slave callbacks (bsc#968018). - arm64: Add workaround for Cavium erratum 27456. - arm64: Backport arm64 patches from SLE12-SP1-ARM - btrfs: teach backref walking about backrefs with underflowed (bsc#966259). - cgroup kabi fix for 4.1.19. - config: Disable CONFIG_DDR. CONFIG_DDR is selected automatically by drivers which need it. - config: Disable MFD_TPS65218 The TPS65218 is a power management IC for 32-bit ARM systems. - config: Modularize NF_REJECT_IPV4/V6 There is no reason why these helper modules should be built-in when the rest of netfilter is built as modules. - config: Update x86 config files: Enable Intel RAPL This driver is useful when power caping is needed. It was enabled in the SLE kernel 2 years ago. - Delete patches.fixes/bridge-module-get-put.patch. As discussed in http://lists.opensuse.org/opensuse-kernel/2015-11/msg00046.html - drm/i915: Fix double unref in intelfb_alloc failure path (boo#962866, boo#966179). - drm/i915: Fix failure paths around initial fbdev allocation (boo#962866, boo#966179). - drm/i915: Pin the ifbdev for the info->system_base GGTT mmapping (boo#962866, boo#966179). - e1000e: Avoid divide by zero error (bsc#965125). - e1000e: fix division by zero on jumbo MTUs (bsc#965125). - e1000e: fix systim issues (bsc#965125). - e1000e: Fix tight loop implementation of systime read algorithm (bsc#965125). - ibmvnic: Fix ibmvnic_capability struct. - intel: Disable Skylake support in intel_idle driver again (boo#969582) This turned out to bring a regression on some machines, unfortunately. It should be addressed in the upstream at first. - intel_idle: allow idle states to be freeze-mode specific (boo#969582). - intel_idle: Skylake Client Support (boo#969582). - intel_idle: Skylake Client Support - updated (boo#969582). - libceph: fix scatterlist last_piece calculation (bsc#963746). - lio: Add LIO clustered RBD backend (fate#318836) - net kabi fixes for 4.1.19. - numa patches updated to v15 - ocfs2: fix dlmglue deadlock issue(bnc#962257) - pci: thunder: Add driver for ThunderX-pass{1,2} on-chip devices - pci: thunder: Add PCIe host driver for ThunderX processors - sd: Optimal I/O size is in bytes, not sectors (boo#961263). - sd: Reject optimal transfer length smaller than page size (boo#961263). - series.conf: move cxgb3 patch to network drivers section The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html E-Mail link for openSUSE-SU-2016:1008-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 kernel-debug-4.1.20-11.1 kernel-debug-base-4.1.20-11.1 kernel-debug-devel-4.1.20-11.1 kernel-default-4.1.20-11.1 kernel-default-base-4.1.20-11.1 kernel-default-devel-4.1.20-11.1 kernel-devel-4.1.20-11.1 kernel-docs-4.1.20-11.3 kernel-docs-html-4.1.20-11.3 kernel-docs-pdf-4.1.20-11.3 kernel-ec2-4.1.20-11.1 kernel-ec2-base-4.1.20-11.1 kernel-ec2-devel-4.1.20-11.1 kernel-macros-4.1.20-11.1 kernel-obs-build-4.1.20-11.2 kernel-obs-qa-4.1.20-11.1 kernel-obs-qa-xen-4.1.20-11.1 kernel-pae-4.1.20-11.1 kernel-pae-base-4.1.20-11.1 kernel-pae-devel-4.1.20-11.1 kernel-pv-4.1.20-11.1 kernel-pv-base-4.1.20-11.1 kernel-pv-devel-4.1.20-11.1 kernel-source-4.1.20-11.1 kernel-source-vanilla-4.1.20-11.1 kernel-syms-4.1.20-11.1 kernel-vanilla-4.1.20-11.1 kernel-vanilla-devel-4.1.20-11.1 kernel-xen-4.1.20-11.1 kernel-xen-base-4.1.20-11.1 kernel-xen-devel-4.1.20-11.1 kernel-debug-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-debug-base-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-debug-devel-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-default-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-default-base-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-default-devel-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-devel-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-docs-4.1.20-11.3 as a component of openSUSE Leap 42.1 kernel-docs-html-4.1.20-11.3 as a component of openSUSE Leap 42.1 kernel-docs-pdf-4.1.20-11.3 as a component of openSUSE Leap 42.1 kernel-ec2-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-ec2-base-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-ec2-devel-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-macros-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-obs-build-4.1.20-11.2 as a component of openSUSE Leap 42.1 kernel-obs-qa-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-obs-qa-xen-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-pae-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-pae-base-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-pae-devel-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-pv-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-pv-base-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-pv-devel-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-source-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-source-vanilla-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-syms-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-vanilla-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-vanilla-devel-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-xen-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-xen-base-4.1.20-11.1 as a component of openSUSE Leap 42.1 kernel-xen-devel-4.1.20-11.1 as a component of openSUSE Leap 42.1 Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times. CVE-2015-1339 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 moderate 4 AV:L/AC:H/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2015-1339.html CVE-2015-1339 https://bugzilla.suse.com/969356 SUSE Bug 969356 The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call. CVE-2015-7799 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 low Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2015-7799.html CVE-2015-7799 https://bugzilla.suse.com/1052256 SUSE Bug 1052256 https://bugzilla.suse.com/949936 SUSE Bug 949936 https://bugzilla.suse.com/951638 SUSE Bug 951638 The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands. CVE-2015-7872 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2015-7872.html CVE-2015-7872 https://bugzilla.suse.com/951440 SUSE Bug 951440 https://bugzilla.suse.com/951542 SUSE Bug 951542 https://bugzilla.suse.com/951638 SUSE Bug 951638 https://bugzilla.suse.com/958463 SUSE Bug 958463 The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. CVE-2015-7884 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 important 1.7 AV:L/AC:L/Au:S/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2015-7884.html CVE-2015-7884 https://bugzilla.suse.com/1126909 SUSE Bug 1126909 https://bugzilla.suse.com/951626 SUSE Bug 951626 https://bugzilla.suse.com/951627 SUSE Bug 951627 The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. CVE-2015-8104 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2015-8104.html CVE-2015-8104 https://bugzilla.suse.com/953527 SUSE Bug 953527 https://bugzilla.suse.com/954018 SUSE Bug 954018 https://bugzilla.suse.com/954404 SUSE Bug 954404 https://bugzilla.suse.com/954405 SUSE Bug 954405 https://bugzilla.suse.com/962977 SUSE Bug 962977 ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." CVE-2015-8709 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 moderate 6 AV:L/AC:H/Au:S/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2015-8709.html CVE-2015-8709 https://bugzilla.suse.com/1010933 SUSE Bug 1010933 https://bugzilla.suse.com/959709 SUSE Bug 959709 https://bugzilla.suse.com/960561 SUSE Bug 960561 https://bugzilla.suse.com/960563 SUSE Bug 960563 net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. CVE-2015-8767 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 low 1.5 AV:L/AC:M/Au:S/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2015-8767.html CVE-2015-8767 https://bugzilla.suse.com/961509 SUSE Bug 961509 The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov. CVE-2015-8785 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 low 1.7 AV:L/AC:L/Au:S/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2015-8785.html CVE-2015-8785 https://bugzilla.suse.com/963765 SUSE Bug 963765 The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending certain IPv4 packets to an incompletely configured interface, a related issue to CVE-2003-1604. CVE-2015-8787 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 important 5.4 AV:N/AC:H/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2015-8787.html CVE-2015-8787 https://bugzilla.suse.com/963931 SUSE Bug 963931 drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets. CVE-2015-8812 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2015-8812.html CVE-2015-8812 https://bugzilla.suse.com/966437 SUSE Bug 966437 https://bugzilla.suse.com/966683 SUSE Bug 966683 Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call. CVE-2016-0723 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 moderate 4.4 AV:L/AC:M/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2016-0723.html CVE-2016-0723 https://bugzilla.suse.com/961500 SUSE Bug 961500 Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU. CVE-2016-2069 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 low 3.5 AV:L/AC:H/Au:S/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2016-2069.html CVE-2016-2069 https://bugzilla.suse.com/870618 SUSE Bug 870618 https://bugzilla.suse.com/963767 SUSE Bug 963767 The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor. CVE-2016-2184 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2016-2184.html CVE-2016-2184 https://bugzilla.suse.com/971125 SUSE Bug 971125 The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions. CVE-2016-2383 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 important 3.3 AV:L/AC:M/Au:N/C:P/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2016-2383.html CVE-2016-2383 https://bugzilla.suse.com/966684 SUSE Bug 966684 Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor. CVE-2016-2384 openSUSE Leap 42.1:kernel-debug-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-default-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-docs-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-html-4.1.20-11.3 openSUSE Leap 42.1:kernel-docs-pdf-4.1.20-11.3 openSUSE Leap 42.1:kernel-ec2-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-macros-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-build-4.1.20-11.2 openSUSE Leap 42.1:kernel-obs-qa-4.1.20-11.1 openSUSE Leap 42.1:kernel-obs-qa-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-4.1.20-11.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-syms-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-4.1.20-11.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-base-4.1.20-11.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.20-11.1 moderate 6.2 AV:L/AC:H/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html https://www.suse.com/security/cve/CVE-2016-2384.html CVE-2016-2384 https://bugzilla.suse.com/966693 SUSE Bug 966693 https://bugzilla.suse.com/967773 SUSE Bug 967773