Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:0906-1 Final 1 1 2017-04-01T09:50:54Z current 2017-04-01T09:50:54Z 2017-04-01T09:50:54Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel ====================================================================== Still left to do: - Check CVE descriptions. They need to be written in the past tense. They are processed automatically, THERE CAN BE ERRORS IN THERE! - Remove version numbers from the CVE descriptions - Check the capitalization of the subsystems, then sort again - For each CVE: Check the corresponding bug if everything is okay - If you remove CVEs or bugs: Do not forget to change the meta information - Determine which of the bugs after the CVE lines is the right one ====================================================================== The openSUSE Leap 42.1 kernel was updated to 4.1.39 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914). - CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly manages lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178). - CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52 (bnc#1030573). - CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565). - CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190). - CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189). - CVE-2017-6347: The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel has incorrect expectations about skb data layout, which allowed local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission (bnc#1027179). - CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1025235). - CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722). - CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enables scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697). - CVE-2016-10208: The ext4_fill_super function in fs/ext4/super.c in the Linux kernel did not properly validate meta block groups, which allowed physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image (bnc#1023377). - CVE-2017-2596: The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel improperly emulates the VMXON instruction, which allowed KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references (bnc#1022785). - CVE-2017-2583: The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel improperly emulates a 'MOV SS, NULL selector' instruction, which allowed guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application (bnc#1020602). - CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851). The following non-security bugs were fixed: - Fix kABI breakage of musb struct in 4.1.39 (stable 4.1.39). - Revert 'ptrace: Capture the ptracer's creds not PT_PTRACE_CAP' (stable 4.1.39). - ext4: fix fencepost in s_first_meta_bg validation (bsc#1029986). - ext4: validate s_first_meta_bg at mount time (bsc#1023377). - kabi/severities: Ignore x86/kvm kABI changes for 4.1.39 - l2tp: fix address test in __l2tp_ip6_bind_lookup() (bsc#1028415). - l2tp: fix lookup for sockets not bound to a device in l2tp_ip (bsc#1028415). - l2tp: fix racy socket lookup in l2tp_ip and l2tp_ip6 bind() (bsc#1028415). - l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv() (bsc#1028415). - l2tp: lock socket before checking flags in connect() (bsc#1028415). - mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp (bsc#1030118). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html E-Mail link for openSUSE-SU-2017:0906-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 kernel-debug-4.1.39-53.1 kernel-debug-base-4.1.39-53.1 kernel-debug-devel-4.1.39-53.1 kernel-default-4.1.39-53.1 kernel-default-base-4.1.39-53.1 kernel-default-devel-4.1.39-53.1 kernel-devel-4.1.39-53.1 kernel-docs-4.1.39-53.2 kernel-docs-html-4.1.39-53.2 kernel-docs-pdf-4.1.39-53.2 kernel-ec2-4.1.39-53.1 kernel-ec2-base-4.1.39-53.1 kernel-ec2-devel-4.1.39-53.1 kernel-macros-4.1.39-53.1 kernel-obs-build-4.1.39-53.1 kernel-obs-qa-4.1.39-53.1 kernel-pae-4.1.39-53.1 kernel-pae-base-4.1.39-53.1 kernel-pae-devel-4.1.39-53.1 kernel-pv-4.1.39-53.1 kernel-pv-base-4.1.39-53.1 kernel-pv-devel-4.1.39-53.1 kernel-source-4.1.39-53.1 kernel-source-vanilla-4.1.39-53.1 kernel-syms-4.1.39-53.1 kernel-vanilla-4.1.39-53.1 kernel-vanilla-devel-4.1.39-53.1 kernel-xen-4.1.39-53.1 kernel-xen-base-4.1.39-53.1 kernel-xen-devel-4.1.39-53.1 kernel-debug-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-debug-base-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-debug-devel-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-default-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-default-base-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-default-devel-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-devel-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-docs-4.1.39-53.2 as a component of openSUSE Leap 42.1 kernel-docs-html-4.1.39-53.2 as a component of openSUSE Leap 42.1 kernel-docs-pdf-4.1.39-53.2 as a component of openSUSE Leap 42.1 kernel-ec2-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-ec2-base-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-ec2-devel-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-macros-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-obs-build-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-obs-qa-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-pae-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-pae-base-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-pae-devel-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-pv-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-pv-base-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-pv-devel-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-source-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-source-vanilla-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-syms-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-vanilla-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-vanilla-devel-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-xen-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-xen-base-4.1.39-53.1 as a component of openSUSE Leap 42.1 kernel-xen-devel-4.1.39-53.1 as a component of openSUSE Leap 42.1 Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c. CVE-2016-10200 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2016-10200.html CVE-2016-10200 https://bugzilla.suse.com/1027179 SUSE Bug 1027179 https://bugzilla.suse.com/1028415 SUSE Bug 1028415 The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image. CVE-2016-10208 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 important 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2016-10208.html CVE-2016-10208 https://bugzilla.suse.com/1023377 SUSE Bug 1023377 https://bugzilla.suse.com/1087082 SUSE Bug 1087082 The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data. CVE-2016-2117 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2016-2117.html CVE-2016-2117 https://bugzilla.suse.com/1027179 SUSE Bug 1027179 https://bugzilla.suse.com/968697 SUSE Bug 968697 The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application. CVE-2017-2583 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 5.4 AV:A/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-2583.html CVE-2017-2583 https://bugzilla.suse.com/1020602 SUSE Bug 1020602 https://bugzilla.suse.com/1030573 SUSE Bug 1030573 https://bugzilla.suse.com/1087082 SUSE Bug 1087082 arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt. CVE-2017-2584 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 5.2 AV:A/AC:M/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-2584.html CVE-2017-2584 https://bugzilla.suse.com/1019851 SUSE Bug 1019851 https://bugzilla.suse.com/1087082 SUSE Bug 1087082 The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references. CVE-2017-2596 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 low 3.8 AV:L/AC:H/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-2596.html CVE-2017-2596 https://bugzilla.suse.com/1022785 SUSE Bug 1022785 https://bugzilla.suse.com/1027179 SUSE Bug 1027179 Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. CVE-2017-2636 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 6 AV:L/AC:H/Au:S/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-2636.html CVE-2017-2636 https://bugzilla.suse.com/1027565 SUSE Bug 1027565 https://bugzilla.suse.com/1027575 SUSE Bug 1027575 https://bugzilla.suse.com/1028372 SUSE Bug 1028372 The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context. CVE-2017-5669 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 4.3 AV:L/AC:L/Au:S/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-5669.html CVE-2017-5669 https://bugzilla.suse.com/1026914 SUSE Bug 1026914 https://bugzilla.suse.com/1090078 SUSE Bug 1090078 The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag. CVE-2017-6214 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-6214.html CVE-2017-6214 https://bugzilla.suse.com/1026722 SUSE Bug 1026722 https://bugzilla.suse.com/1027179 SUSE Bug 1027179 The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls. CVE-2017-6345 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-6345.html CVE-2017-6345 https://bugzilla.suse.com/1027179 SUSE Bug 1027179 https://bugzilla.suse.com/1027190 SUSE Bug 1027190 https://bugzilla.suse.com/1087082 SUSE Bug 1087082 Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls. CVE-2017-6346 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-6346.html CVE-2017-6346 https://bugzilla.suse.com/1027179 SUSE Bug 1027179 https://bugzilla.suse.com/1027189 SUSE Bug 1027189 https://bugzilla.suse.com/1064388 SUSE Bug 1064388 https://bugzilla.suse.com/1064392 SUSE Bug 1064392 The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission. CVE-2017-6347 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 1.2 AV:L/AC:H/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-6347.html CVE-2017-6347 https://bugzilla.suse.com/1027179 SUSE Bug 1027179 The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices. CVE-2017-6348 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-6348.html CVE-2017-6348 https://bugzilla.suse.com/1027178 SUSE Bug 1027178 https://bugzilla.suse.com/1087082 SUSE Bug 1087082 net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986. CVE-2017-6353 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-6353.html CVE-2017-6353 https://bugzilla.suse.com/1025235 SUSE Bug 1025235 https://bugzilla.suse.com/1027066 SUSE Bug 1027066 The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52. CVE-2017-7184 openSUSE Leap 42.1:kernel-debug-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-debug-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-default-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-docs-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-html-4.1.39-53.2 openSUSE Leap 42.1:kernel-docs-pdf-4.1.39-53.2 openSUSE Leap 42.1:kernel-ec2-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-ec2-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-macros-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-build-4.1.39-53.1 openSUSE Leap 42.1:kernel-obs-qa-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pae-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-pv-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-4.1.39-53.1 openSUSE Leap 42.1:kernel-source-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-syms-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-4.1.39-53.1 openSUSE Leap 42.1:kernel-vanilla-devel-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-base-4.1.39-53.1 openSUSE Leap 42.1:kernel-xen-devel-4.1.39-53.1 moderate 6.6 AV:L/AC:M/Au:S/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00000.html https://www.suse.com/security/cve/CVE-2017-7184.html CVE-2017-7184 https://bugzilla.suse.com/1030573 SUSE Bug 1030573 https://bugzilla.suse.com/1030575 SUSE Bug 1030575