SUSE-SU-2016:3146-1

Published: 13 Dec 2016
Source: suse-cvrf

Description

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP 2 kernel was updated to fix two security issues.

The following security bugs were fixed:

  • CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604).
  • CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer allowed local users to cause a denial of service, memory corruption or possibly even to elevate their privileges (bsc#1013533).

Package list

SUSE Linux Enterprise Desktop 12 SP2
  • kernel-default-4.4.21-90.1
  • kernel-default-devel-4.4.21-90.1
  • kernel-default-extra-4.4.21-90.1
  • kernel-devel-4.4.21-90.1
  • kernel-macros-4.4.21-90.1
  • kernel-source-4.4.21-90.1
  • kernel-syms-4.4.21-90.1

SUSE Linux Enterprise High Availability Extension 12 SP2
  • cluster-md-kmp-default-4.4.21-90.1
  • cluster-network-kmp-default-4.4.21-90.1
  • dlm-kmp-default-4.4.21-90.1
  • gfs2-kmp-default-4.4.21-90.1
  • ocfs2-kmp-default-4.4.21-90.1

SUSE Linux Enterprise Live Patching 12
  • kgraft-patch-4_4_21-90-default-1-2.3

SUSE Linux Enterprise Server 12 SP2
  • kernel-default-4.4.21-90.1
  • kernel-default-base-4.4.21-90.1
  • kernel-default-devel-4.4.21-90.1
  • kernel-default-man-4.4.21-90.1
  • kernel-devel-4.4.21-90.1
  • kernel-macros-4.4.21-90.1
  • kernel-source-4.4.21-90.1
  • kernel-syms-4.4.21-90.1

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • kernel-default-4.4.21-90.1
  • kernel-default-base-4.4.21-90.1
  • kernel-default-devel-4.4.21-90.1
  • kernel-devel-4.4.21-90.1
  • kernel-macros-4.4.21-90.1
  • kernel-source-4.4.21-90.1
  • kernel-syms-4.4.21-90.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2
  • kernel-default-4.4.21-90.1
  • kernel-default-base-4.4.21-90.1
  • kernel-default-devel-4.4.21-90.1
  • kernel-default-man-4.4.21-90.1
  • kernel-devel-4.4.21-90.1
  • kernel-macros-4.4.21-90.1
  • kernel-source-4.4.21-90.1
  • kernel-syms-4.4.21-90.1

SUSE Linux Enterprise Software Development Kit 12 SP2
  • kernel-docs-4.4.21-90.3
  • kernel-obs-build-4.4.21-90.1

SUSE Linux Enterprise Workstation Extension 12 SP2
  • kernel-default-extra-4.4.21-90.1

Description

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.


Affected products
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.21-90.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.21-90.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.21-90.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.21-90.1


Description

Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.


Affected products
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.21-90.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.21-90.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.21-90.1
SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.21-90.1
