Описание
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP 2 kernel was updated to fix two security issues.
The following security bugs were fixed:
- CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604).
- CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer allowed local users to cause a denial of service, memory corruption or possibly even to elevate their privileges (bsc#1013533).
Список пакетов
SUSE Linux Enterprise Server 11 SP2-LTSS
kernel-default-3.0.101-0.7.47.1
kernel-default-base-3.0.101-0.7.47.1
kernel-default-devel-3.0.101-0.7.47.1
kernel-default-man-3.0.101-0.7.47.1
kernel-ec2-3.0.101-0.7.47.1
kernel-ec2-base-3.0.101-0.7.47.1
kernel-ec2-devel-3.0.101-0.7.47.1
kernel-pae-3.0.101-0.7.47.1
kernel-pae-base-3.0.101-0.7.47.1
kernel-pae-devel-3.0.101-0.7.47.1
kernel-source-3.0.101-0.7.47.1
kernel-syms-3.0.101-0.7.47.1
kernel-trace-3.0.101-0.7.47.1
kernel-trace-base-3.0.101-0.7.47.1
kernel-trace-devel-3.0.101-0.7.47.1
kernel-xen-3.0.101-0.7.47.1
kernel-xen-base-3.0.101-0.7.47.1
kernel-xen-devel-3.0.101-0.7.47.1
Ссылки
- Link for SUSE-SU-2016:3252-1
- E-Mail link for SUSE-SU-2016:3252-1
- SUSE Security Ratings
- SUSE Bug 1013533
- SUSE Bug 1013604
- SUSE CVE CVE-2016-9576 page
- SUSE CVE CVE-2016-9794 page
Описание
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.47.1
SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.47.1
SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.47.1
SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.47.1
Ссылки
- CVE-2016-9576
- SUSE Bug 1013604
- SUSE Bug 1014271
- SUSE Bug 1017710
- SUSE Bug 1019079
- SUSE Bug 1019668
- SUSE Bug 1115893
Описание
Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.47.1
SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.47.1
SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.47.1
SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.47.1
Ссылки
- CVE-2016-9794
- SUSE Bug 1013533
- SUSE Bug 1013543
- SUSE Bug 1013604