| Beschreibung: | Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.
Vulnerability Insight:
The SUSE Linux Enterprise 12 kernel was updated to 3.12.44 to receive
various security and bugfixes.
These features were added:
- mpt2sas: Added Reply Descriptor Post Queue (RDPQ) Array support
(bsc#854824).
- mpt3sas: Bump mpt3sas driver version to 04.100.00.00 (bsc#854817).
The following security bugs were fixed:
- CVE-2015-1805: iov overrun for failed atomic copy could have lead to DoS
or privilege escalation (bsc#933429).
- CVE-2015-3212: A race condition in the way the Linux kernel handled
lists of associations in SCTP sockets could have lead to list corruption
and kernel panics (bsc#936502).
- CVE-2015-4036: DoS via memory corruption in vhost/scsi driver
(bsc#931988).
- CVE-2015-4167: Linux kernel built with the UDF file
system(CONFIG_UDF_FS) support was vulnerable to a crash. It occurred
while fetching inode information from a corrupted/malicious udf file
system image (bsc#933907).
- CVE-2015-4692: DoS via NULL pointer dereference in kvm_apic_has_events
function (bsc#935542).
- CVE-2015-5364: Remote DoS via flood of UDP packets with invalid
checksums (bsc#936831).
- CVE-2015-5366: Remote DoS of EPOLLET epoll applications via flood of UDP
packets with invalid checksums (bsc#936831).
Security issues already fixed in the previous update but not referenced by
CVE:
- CVE-2014-9728: Kernel built with the UDF file system(CONFIG_UDF_FS)
support were vulnerable to a crash (bsc#933904).
- CVE-2014-9729: Kernel built with the UDF file system(CONFIG_UDF_FS)
support were vulnerable to a crash (bsc#933904).
- CVE-2014-9730: Kernel built with the UDF file system(CONFIG_UDF_FS)
support were vulnerable to a crash (bsc#933904).
- CVE-2014-9731: Kernel built with the UDF file system(CONFIG_UDF_FS)
support were vulnerable to information leakage (bsc#933896).
The following non-security bugs were fixed:
- ALSA: hda - add codec ID for Skylake display audio codec (bsc#936556).
- ALSA: hda/hdmi - apply Haswell fix-ups to Skylake display codec
(bsc#936556).
- ALSA: hda_controller: Separate stream_tag for input and output streams
(bsc#936556).
- ALSA: hda_intel: add AZX_DCAPS_I915_POWERWELL for SKL and BSW
(bsc#936556).
- ALSA: hda_intel: apply the Separate stream_tag for Skylake (bsc#936556).
- ALSA: hda_intel: apply the Separate stream_tag for Sunrise Point
(bsc#936556).
- Btrfs: Handle unaligned length in extent_same (bsc#937609).
- Btrfs: add missing inode item update in fallocate() (bsc#938023).
- Btrfs: check pending chunks when shrinking fs to avoid corruption
...
Description truncated, please see the referenced URL(s) for more information.
Affected Software/OS:
kernel on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12
Solution:
Please install the updated package(s).
CVSS Score:
7.8
CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
