The SUSE Linux Enterprise 12 kernel was updated to 3.12.67 to receive various security and bugfixes.
The following security bugs were fixed: - CVE-2016-7042: The prockeysshow function in security/keys/proc.c in the Linux kernel used an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bsc#1004517). - CVE-2016-7097: The filesystem implementation in the Linux kernel preserved the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bsc#995968). - CVE-2015-8956: The rfcommsockbind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925). - CVE-2016-5696: net/ipv4/tcpinput.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack (bnc#989152). - CVE-2016-6130: Race condition in the sclpctlioctlsccb function in drivers/s390/char/sclpctl.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by changing a certain length value, aka a 'double fetch' vulnerability (bnc#987542). - CVE-2016-6327: drivers/infiniband/ulp/srpt/ibsrpt.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORTTASK command to abort a device write operation (bnc#994748). - CVE-2016-6480: Race condition in the ioctlsendfib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608). - CVE-2016-6828: The tcpchecksendhead function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcpxmitretransmitqueue use-after-free and system crash) via a crafted SACK option (bnc#994296). - CVE-2016-7425: The arcmsriopmessagexfer function in drivers/scsi/arcmsr/arcmsrhba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSRMESSAGEWRITEWQBUFFER control code (bnc#999932). - CVE-2016-8658: Stack-based buffer overflow in the brcmfcfg80211start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket (bnc#1004462). - CVE-2016-8666: The IP stack in the Linux kernel allowed remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039 (bsc#1001486).
The following non-security bugs were fixed:
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-default-extra": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-default-extra": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-default-extra": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-default-extra": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-default-base": "3.12.67-60.64.18.1", "kernel-default-man": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-xen-base": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-default-base": "3.12.67-60.64.18.1", "kernel-default-man": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-xen-base": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-default-base": "3.12.67-60.64.18.1", "kernel-default-man": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-xen-base": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-default-base": "3.12.67-60.64.18.1", "kernel-default-man": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-xen-base": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-default-base": "3.12.67-60.64.18.1", "kernel-default-man": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-xen-base": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-default-base": "3.12.67-60.64.18.1", "kernel-default-man": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-xen-base": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-default-base": "3.12.67-60.64.18.1", "kernel-default-man": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-xen-base": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }
{ "binaries": [ { "kernel-macros": "3.12.67-60.64.18.1", "kernel-devel": "3.12.67-60.64.18.1", "kernel-default-base": "3.12.67-60.64.18.1", "kernel-default-man": "3.12.67-60.64.18.1", "kernel-xen-devel": "3.12.67-60.64.18.1", "kernel-default": "3.12.67-60.64.18.1", "kernel-source": "3.12.67-60.64.18.1", "kernel-xen-base": "3.12.67-60.64.18.1", "kernel-syms": "3.12.67-60.64.18.1", "kernel-default-devel": "3.12.67-60.64.18.1", "kernel-xen": "3.12.67-60.64.18.1" } ] }