SUSE-SU-2015:1224-1

Source
https://www.suse.com/support/update/announcement/2015/suse-su-20151224-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:1224-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2015:1224-1
Related
Published
2015-07-31T10:31:13Z
Modified
2015-07-31T10:31:13Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix the following bugs and security issues.

The following security issues have been fixed:

  • Update patches.fixes/udp-fix-behavior-of-wrong-checksums.patch (bsc#936831, CVE-2015-5364, CVE-2015-5366).
  • Btrfs: make xattr replace operations atomic (bnc#923908, CVE-2014-9710).
  • udp: fix behavior of wrong checksums (bsc#936831, CVE-2015-5364, CVE-2015-5366).
  • vfs: read filehandle only once in handleto_path (bsc#915517, CVE-2015-1420).
  • x86: bpf_jit: fix compilation of large bpf programs (bnc#935705,CVE-2015-4700).
  • udf: Check length of extended attributes and allocation (bsc#936831, CVE-2015-5364, CVE-2015-5366).
  • Update patches.fixes/udf-Check-component-length-before-reading-it.patch (bsc#933904, CVE-2014-9728, CVE-2014-9730).
  • Update patches.fixes/udf-Verify-i_size-when-loading-inode.patch (bsc#933904, CVE-2014-9728, CVE-2014-9729).
  • Update patches.fixes/udf-Verify-symlink-size-before-loading-it.patch (bsc#933904, CVE-2014-9728).
  • Update patches.fixes/udf-Check-path-length-when-reading-symlink.patch (bnc#933896, CVE-2014-9731).
  • pipe: fix iov overrun for failed atomic copy (bsc#933429, CVE-2015-1805).
  • ipv6: Don't reduce hop limit for an interface (bsc#922583, CVE-2015-2922).
  • net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041).
  • ipv4: Missing sknullsnodeinit() in pingunhash() (bsc#929525, CVE-2015-3636).
  • ipv6: Don't reduce hop limit for an interface (bsc#922583, CVE-2015-2922).
  • net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041).
  • ipv4: Missing sknullsnodeinit() in pingunhash() (bsc#929525, CVE-2015-3636).

The following non-security issues have been fixed:

  • mlx4: Check for assigned VFs before disabling SR-IOV (bsc#927355).
  • ixgbe: Use pcivfsassigned instead of ixgbevfsare_assigned (bsc#927355).
  • pci: Add SRIOV helper function to determine if VFs are assigned to guest (bsc#927355).
  • net/mlx4_core: Don't disable SRIOV if there are active VFs (bsc#927355).
  • udf: Remove repeated loads blocksize (bsc#933907).
  • Refresh patches.fixes/deal-with-deadlock-in-dwalk-fix.patch. based on 3.2 stable fix 20defcec264c ('dcache: Fix locking bugs in backported 'deal with deadlock in dwalk()''). Not harmfull for regular SLES kernels but RT or PREEMPT kernels would see disbalance.
  • sched: Fix potential near-infinite distributecfsruntime() loop (bnc#930786)
  • tty: Correct tty buffer flush (bnc#929647).
  • tty: hold lock across tty buffer finding and buffer filling (bnc#929647).
References

Affected packages

SUSE:Linux Enterprise Server 11 SP3-TERADATA / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.63.TDC.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.63.TDC.1",
            "kernel-xen-devel": "3.0.101-0.63.TDC.1",
            "kernel-source": "3.0.101-0.63.TDC.1",
            "kernel-xen-base": "3.0.101-0.63.TDC.1",
            "kernel-default": "3.0.101-0.63.TDC.1",
            "kernel-syms": "3.0.101-0.63.TDC.1",
            "kernel-trace": "3.0.101-0.63.TDC.1",
            "kernel-trace-base": "3.0.101-0.63.TDC.1",
            "kernel-default-devel": "3.0.101-0.63.TDC.1",
            "kernel-trace-devel": "3.0.101-0.63.TDC.1",
            "kernel-xen": "3.0.101-0.63.TDC.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-TERADATA / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.63.TDC.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.63.TDC.1",
            "kernel-xen-devel": "3.0.101-0.63.TDC.1",
            "kernel-source": "3.0.101-0.63.TDC.1",
            "kernel-xen-base": "3.0.101-0.63.TDC.1",
            "kernel-default": "3.0.101-0.63.TDC.1",
            "kernel-syms": "3.0.101-0.63.TDC.1",
            "kernel-trace": "3.0.101-0.63.TDC.1",
            "kernel-trace-base": "3.0.101-0.63.TDC.1",
            "kernel-default-devel": "3.0.101-0.63.TDC.1",
            "kernel-trace-devel": "3.0.101-0.63.TDC.1",
            "kernel-xen": "3.0.101-0.63.TDC.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-TERADATA / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.63.TDC.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.63.TDC.1",
            "kernel-xen-devel": "3.0.101-0.63.TDC.1",
            "kernel-source": "3.0.101-0.63.TDC.1",
            "kernel-xen-base": "3.0.101-0.63.TDC.1",
            "kernel-default": "3.0.101-0.63.TDC.1",
            "kernel-syms": "3.0.101-0.63.TDC.1",
            "kernel-trace": "3.0.101-0.63.TDC.1",
            "kernel-trace-base": "3.0.101-0.63.TDC.1",
            "kernel-default-devel": "3.0.101-0.63.TDC.1",
            "kernel-trace-devel": "3.0.101-0.63.TDC.1",
            "kernel-xen": "3.0.101-0.63.TDC.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-TERADATA / kernel-trace

Package

Name
kernel-trace
Purl
pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.63.TDC.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.63.TDC.1",
            "kernel-xen-devel": "3.0.101-0.63.TDC.1",
            "kernel-source": "3.0.101-0.63.TDC.1",
            "kernel-xen-base": "3.0.101-0.63.TDC.1",
            "kernel-default": "3.0.101-0.63.TDC.1",
            "kernel-syms": "3.0.101-0.63.TDC.1",
            "kernel-trace": "3.0.101-0.63.TDC.1",
            "kernel-trace-base": "3.0.101-0.63.TDC.1",
            "kernel-default-devel": "3.0.101-0.63.TDC.1",
            "kernel-trace-devel": "3.0.101-0.63.TDC.1",
            "kernel-xen": "3.0.101-0.63.TDC.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-TERADATA / kernel-xen

Package

Name
kernel-xen
Purl
pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101-0.63.TDC.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-base": "3.0.101-0.63.TDC.1",
            "kernel-xen-devel": "3.0.101-0.63.TDC.1",
            "kernel-source": "3.0.101-0.63.TDC.1",
            "kernel-xen-base": "3.0.101-0.63.TDC.1",
            "kernel-default": "3.0.101-0.63.TDC.1",
            "kernel-syms": "3.0.101-0.63.TDC.1",
            "kernel-trace": "3.0.101-0.63.TDC.1",
            "kernel-trace-base": "3.0.101-0.63.TDC.1",
            "kernel-default-devel": "3.0.101-0.63.TDC.1",
            "kernel-trace-devel": "3.0.101-0.63.TDC.1",
            "kernel-xen": "3.0.101-0.63.TDC.1"
        }
    ]
}