You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa Linux Kernel

Sigurnosni nedostaci programskog paketa Linux Kernel

by ncert - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LSU

openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2016:3118-1
Rating: important
References: #1013533 #1013604
Cross-References: CVE-2016-9576 CVE-2016-9794
Affected Products:
openSUSE 13.1
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

The openSUSE 13.1 kernel was updated to fix two security issues.

The following security bugs were fixed:

– CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver
allows users with write access to /dev/sg* or /dev/bsg* to elevate their
privileges (bsc#1013604).
– CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer
allowed local users to cause a denial of service, memory corruption or
possibly even to elevate their privileges (bsc#1013533).

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE 13.1:

zypper in -t patch openSUSE-2016-1454=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE 13.1 (i586 x86_64):

cloop-2.639-11.40.1
cloop-debuginfo-2.639-11.40.1
cloop-debugsource-2.639-11.40.1
cloop-kmp-default-2.639_k3.12.67_64-11.40.1
cloop-kmp-default-debuginfo-2.639_k3.12.67_64-11.40.1
cloop-kmp-desktop-2.639_k3.12.67_64-11.40.1
cloop-kmp-desktop-debuginfo-2.639_k3.12.67_64-11.40.1
cloop-kmp-xen-2.639_k3.12.67_64-11.40.1
cloop-kmp-xen-debuginfo-2.639_k3.12.67_64-11.40.1
crash-7.0.2-2.40.1
crash-debuginfo-7.0.2-2.40.1
crash-debugsource-7.0.2-2.40.1
crash-devel-7.0.2-2.40.1
crash-doc-7.0.2-2.40.1
crash-eppic-7.0.2-2.40.1
crash-eppic-debuginfo-7.0.2-2.40.1
crash-gcore-7.0.2-2.40.1
crash-gcore-debuginfo-7.0.2-2.40.1
crash-kmp-default-7.0.2_k3.12.67_64-2.40.1
crash-kmp-default-debuginfo-7.0.2_k3.12.67_64-2.40.1
crash-kmp-desktop-7.0.2_k3.12.67_64-2.40.1
crash-kmp-desktop-debuginfo-7.0.2_k3.12.67_64-2.40.1
crash-kmp-xen-7.0.2_k3.12.67_64-2.40.1
crash-kmp-xen-debuginfo-7.0.2_k3.12.67_64-2.40.1
hdjmod-debugsource-1.28-16.40.1
hdjmod-kmp-default-1.28_k3.12.67_64-16.40.1
hdjmod-kmp-default-debuginfo-1.28_k3.12.67_64-16.40.1
hdjmod-kmp-desktop-1.28_k3.12.67_64-16.40.1
hdjmod-kmp-desktop-debuginfo-1.28_k3.12.67_64-16.40.1
hdjmod-kmp-xen-1.28_k3.12.67_64-16.40.1
hdjmod-kmp-xen-debuginfo-1.28_k3.12.67_64-16.40.1
ipset-6.21.1-2.44.1
ipset-debuginfo-6.21.1-2.44.1
ipset-debugsource-6.21.1-2.44.1
ipset-devel-6.21.1-2.44.1
ipset-kmp-default-6.21.1_k3.12.67_64-2.44.1
ipset-kmp-default-debuginfo-6.21.1_k3.12.67_64-2.44.1
ipset-kmp-desktop-6.21.1_k3.12.67_64-2.44.1
ipset-kmp-desktop-debuginfo-6.21.1_k3.12.67_64-2.44.1
ipset-kmp-xen-6.21.1_k3.12.67_64-2.44.1
ipset-kmp-xen-debuginfo-6.21.1_k3.12.67_64-2.44.1
iscsitarget-1.4.20.3-13.40.1
iscsitarget-debuginfo-1.4.20.3-13.40.1
iscsitarget-debugsource-1.4.20.3-13.40.1
iscsitarget-kmp-default-1.4.20.3_k3.12.67_64-13.40.1
iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.12.67_64-13.40.1
iscsitarget-kmp-desktop-1.4.20.3_k3.12.67_64-13.40.1
iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.12.67_64-13.40.1
iscsitarget-kmp-xen-1.4.20.3_k3.12.67_64-13.40.1
iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.12.67_64-13.40.1
kernel-default-3.12.67-64.1
kernel-default-base-3.12.67-64.1
kernel-default-base-debuginfo-3.12.67-64.1
kernel-default-debuginfo-3.12.67-64.1
kernel-default-debugsource-3.12.67-64.1
kernel-default-devel-3.12.67-64.1
kernel-syms-3.12.67-64.1
libipset3-6.21.1-2.44.1
libipset3-debuginfo-6.21.1-2.44.1
ndiswrapper-1.58-41.1
ndiswrapper-debuginfo-1.58-41.1
ndiswrapper-debugsource-1.58-41.1
ndiswrapper-kmp-default-1.58_k3.12.67_64-41.1
ndiswrapper-kmp-default-debuginfo-1.58_k3.12.67_64-41.1
ndiswrapper-kmp-desktop-1.58_k3.12.67_64-41.1
ndiswrapper-kmp-desktop-debuginfo-1.58_k3.12.67_64-41.1
openvswitch-1.11.0-0.47.1
openvswitch-controller-1.11.0-0.47.1
openvswitch-controller-debuginfo-1.11.0-0.47.1
openvswitch-debuginfo-1.11.0-0.47.1
openvswitch-debugsource-1.11.0-0.47.1
openvswitch-kmp-default-1.11.0_k3.12.67_64-0.47.1
openvswitch-kmp-default-debuginfo-1.11.0_k3.12.67_64-0.47.1
openvswitch-kmp-desktop-1.11.0_k3.12.67_64-0.47.1
openvswitch-kmp-desktop-debuginfo-1.11.0_k3.12.67_64-0.47.1
openvswitch-kmp-xen-1.11.0_k3.12.67_64-0.47.1
openvswitch-kmp-xen-debuginfo-1.11.0_k3.12.67_64-0.47.1
openvswitch-pki-1.11.0-0.47.1
openvswitch-switch-1.11.0-0.47.1
openvswitch-switch-debuginfo-1.11.0-0.47.1
openvswitch-test-1.11.0-0.47.1
pcfclock-0.44-258.41.1
pcfclock-debuginfo-0.44-258.41.1
pcfclock-debugsource-0.44-258.41.1
pcfclock-kmp-default-0.44_k3.12.67_64-258.41.1
pcfclock-kmp-default-debuginfo-0.44_k3.12.67_64-258.41.1
pcfclock-kmp-desktop-0.44_k3.12.67_64-258.41.1
pcfclock-kmp-desktop-debuginfo-0.44_k3.12.67_64-258.41.1
python-openvswitch-1.11.0-0.47.1
python-openvswitch-test-1.11.0-0.47.1
python-virtualbox-4.2.36-2.72.1
python-virtualbox-debuginfo-4.2.36-2.72.1
vhba-kmp-debugsource-20130607-2.40.1
vhba-kmp-default-20130607_k3.12.67_64-2.40.1
vhba-kmp-default-debuginfo-20130607_k3.12.67_64-2.40.1
vhba-kmp-desktop-20130607_k3.12.67_64-2.40.1
vhba-kmp-desktop-debuginfo-20130607_k3.12.67_64-2.40.1
vhba-kmp-xen-20130607_k3.12.67_64-2.40.1
vhba-kmp-xen-debuginfo-20130607_k3.12.67_64-2.40.1
virtualbox-4.2.36-2.72.1
virtualbox-debuginfo-4.2.36-2.72.1
virtualbox-debugsource-4.2.36-2.72.1
virtualbox-devel-4.2.36-2.72.1
virtualbox-guest-kmp-default-4.2.36_k3.12.67_64-2.72.1
virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.12.67_64-2.72.1
virtualbox-guest-kmp-desktop-4.2.36_k3.12.67_64-2.72.1
virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.12.67_64-2.72.1
virtualbox-guest-tools-4.2.36-2.72.1
virtualbox-guest-tools-debuginfo-4.2.36-2.72.1
virtualbox-guest-x11-4.2.36-2.72.1
virtualbox-guest-x11-debuginfo-4.2.36-2.72.1
virtualbox-host-kmp-default-4.2.36_k3.12.67_64-2.72.1
virtualbox-host-kmp-default-debuginfo-4.2.36_k3.12.67_64-2.72.1
virtualbox-host-kmp-desktop-4.2.36_k3.12.67_64-2.72.1
virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.12.67_64-2.72.1
virtualbox-qt-4.2.36-2.72.1
virtualbox-qt-debuginfo-4.2.36-2.72.1
virtualbox-websrv-4.2.36-2.72.1
virtualbox-websrv-debuginfo-4.2.36-2.72.1
xen-debugsource-4.3.4_10-73.1
xen-devel-4.3.4_10-73.1
xen-kmp-default-4.3.4_10_k3.12.67_64-73.1
xen-kmp-default-debuginfo-4.3.4_10_k3.12.67_64-73.1
xen-kmp-desktop-4.3.4_10_k3.12.67_64-73.1
xen-kmp-desktop-debuginfo-4.3.4_10_k3.12.67_64-73.1
xen-libs-4.3.4_10-73.1
xen-libs-debuginfo-4.3.4_10-73.1
xen-tools-domU-4.3.4_10-73.1
xen-tools-domU-debuginfo-4.3.4_10-73.1
xtables-addons-2.3-2.39.1
xtables-addons-debuginfo-2.3-2.39.1
xtables-addons-debugsource-2.3-2.39.1
xtables-addons-kmp-default-2.3_k3.12.67_64-2.39.1
xtables-addons-kmp-default-debuginfo-2.3_k3.12.67_64-2.39.1
xtables-addons-kmp-desktop-2.3_k3.12.67_64-2.39.1
xtables-addons-kmp-desktop-debuginfo-2.3_k3.12.67_64-2.39.1
xtables-addons-kmp-xen-2.3_k3.12.67_64-2.39.1
xtables-addons-kmp-xen-debuginfo-2.3_k3.12.67_64-2.39.1

– openSUSE 13.1 (i686 x86_64):

kernel-debug-3.12.67-64.1
kernel-debug-base-3.12.67-64.1
kernel-debug-base-debuginfo-3.12.67-64.1
kernel-debug-debuginfo-3.12.67-64.1
kernel-debug-debugsource-3.12.67-64.1
kernel-debug-devel-3.12.67-64.1
kernel-debug-devel-debuginfo-3.12.67-64.1
kernel-desktop-3.12.67-64.1
kernel-desktop-base-3.12.67-64.1
kernel-desktop-base-debuginfo-3.12.67-64.1
kernel-desktop-debuginfo-3.12.67-64.1
kernel-desktop-debugsource-3.12.67-64.1
kernel-desktop-devel-3.12.67-64.1
kernel-ec2-3.12.67-64.1
kernel-ec2-base-3.12.67-64.1
kernel-ec2-base-debuginfo-3.12.67-64.1
kernel-ec2-debuginfo-3.12.67-64.1
kernel-ec2-debugsource-3.12.67-64.1
kernel-ec2-devel-3.12.67-64.1
kernel-trace-3.12.67-64.1
kernel-trace-base-3.12.67-64.1
kernel-trace-base-debuginfo-3.12.67-64.1
kernel-trace-debuginfo-3.12.67-64.1
kernel-trace-debugsource-3.12.67-64.1
kernel-trace-devel-3.12.67-64.1
kernel-vanilla-3.12.67-64.1
kernel-vanilla-debuginfo-3.12.67-64.1
kernel-vanilla-debugsource-3.12.67-64.1
kernel-vanilla-devel-3.12.67-64.1
kernel-xen-3.12.67-64.1
kernel-xen-base-3.12.67-64.1
kernel-xen-base-debuginfo-3.12.67-64.1
kernel-xen-debuginfo-3.12.67-64.1
kernel-xen-debugsource-3.12.67-64.1
kernel-xen-devel-3.12.67-64.1

– openSUSE 13.1 (x86_64):

xen-4.3.4_10-73.1
xen-doc-html-4.3.4_10-73.1
xen-libs-32bit-4.3.4_10-73.1
xen-libs-debuginfo-32bit-4.3.4_10-73.1
xen-tools-4.3.4_10-73.1
xen-tools-debuginfo-4.3.4_10-73.1
xen-xend-tools-4.3.4_10-73.1
xen-xend-tools-debuginfo-4.3.4_10-73.1

– openSUSE 13.1 (noarch):

kernel-devel-3.12.67-64.1
kernel-docs-3.12.67-64.2
kernel-macros-3.12.67-64.1
kernel-source-3.12.67-64.1
kernel-source-vanilla-3.12.67-64.1
virtualbox-host-source-4.2.36-2.72.1

– openSUSE 13.1 (i686):

kernel-pae-3.12.67-64.1
kernel-pae-base-3.12.67-64.1
kernel-pae-base-debuginfo-3.12.67-64.1
kernel-pae-debuginfo-3.12.67-64.1
kernel-pae-debugsource-3.12.67-64.1
kernel-pae-devel-3.12.67-64.1

– openSUSE 13.1 (i586):

cloop-kmp-pae-2.639_k3.12.67_64-11.40.1
cloop-kmp-pae-debuginfo-2.639_k3.12.67_64-11.40.1
crash-kmp-pae-7.0.2_k3.12.67_64-2.40.1
crash-kmp-pae-debuginfo-7.0.2_k3.12.67_64-2.40.1
hdjmod-kmp-pae-1.28_k3.12.67_64-16.40.1
hdjmod-kmp-pae-debuginfo-1.28_k3.12.67_64-16.40.1
ipset-kmp-pae-6.21.1_k3.12.67_64-2.44.1
ipset-kmp-pae-debuginfo-6.21.1_k3.12.67_64-2.44.1
iscsitarget-kmp-pae-1.4.20.3_k3.12.67_64-13.40.1
iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.12.67_64-13.40.1
ndiswrapper-kmp-pae-1.58_k3.12.67_64-41.1
ndiswrapper-kmp-pae-debuginfo-1.58_k3.12.67_64-41.1
openvswitch-kmp-pae-1.11.0_k3.12.67_64-0.47.1
openvswitch-kmp-pae-debuginfo-1.11.0_k3.12.67_64-0.47.1
pcfclock-kmp-pae-0.44_k3.12.67_64-258.41.1
pcfclock-kmp-pae-debuginfo-0.44_k3.12.67_64-258.41.1
vhba-kmp-pae-20130607_k3.12.67_64-2.40.1
vhba-kmp-pae-debuginfo-20130607_k3.12.67_64-2.40.1
virtualbox-guest-kmp-pae-4.2.36_k3.12.67_64-2.72.1
virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.12.67_64-2.72.1
virtualbox-host-kmp-pae-4.2.36_k3.12.67_64-2.72.1
virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.12.67_64-2.72.1
xen-kmp-pae-4.3.4_10_k3.12.67_64-73.1
xen-kmp-pae-debuginfo-4.3.4_10_k3.12.67_64-73.1
xtables-addons-kmp-pae-2.3_k3.12.67_64-2.39.1
xtables-addons-kmp-pae-debuginfo-2.3_k3.12.67_64-2.39.1

References:

https://www.suse.com/security/cve/CVE-2016-9576.html
https://www.suse.com/security/cve/CVE-2016-9794.html
https://bugzilla.suse.com/1013533
https://bugzilla.suse.com/1013604


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: SUSE-SU-2016:3146-1
Rating: important
References: #1013533 #1013604
Cross-References: CVE-2016-9576 CVE-2016-9794
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP2
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise High Availability 12-SP2
SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

The SUSE Linux Enterprise 12 SP 2 kernel was updated to fix two security
issues.

The following security bugs were fixed:

– CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver
allows users with write access to /dev/sg* or /dev/bsg* to elevate their
privileges (bsc#1013604).
– CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer
allowed local users to cause a denial of service, memory corruption or
possibly even to elevate their privileges (bsc#1013533).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Workstation Extension 12-SP2:

zypper in -t patch SUSE-SLE-WE-12-SP2-2016-1815=1

– SUSE Linux Enterprise Software Development Kit 12-SP2:

zypper in -t patch SUSE-SLE-SDK-12-SP2-2016-1815=1

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1815=1

– SUSE Linux Enterprise Server 12-SP2:

zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1815=1

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1815=1

– SUSE Linux Enterprise High Availability 12-SP2:

zypper in -t patch SUSE-SLE-HA-12-SP2-2016-1815=1

– SUSE Linux Enterprise Desktop 12-SP2:

zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1815=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64):

kernel-default-debuginfo-4.4.21-90.1
kernel-default-debugsource-4.4.21-90.1
kernel-default-extra-4.4.21-90.1
kernel-default-extra-debuginfo-4.4.21-90.1

– SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):

kernel-obs-build-4.4.21-90.1
kernel-obs-build-debugsource-4.4.21-90.1

– SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch):

kernel-docs-4.4.21-90.3

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

kernel-default-4.4.21-90.1
kernel-default-base-4.4.21-90.1
kernel-default-base-debuginfo-4.4.21-90.1
kernel-default-debuginfo-4.4.21-90.1
kernel-default-debugsource-4.4.21-90.1
kernel-default-devel-4.4.21-90.1
kernel-syms-4.4.21-90.1

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch):

kernel-devel-4.4.21-90.1
kernel-macros-4.4.21-90.1
kernel-source-4.4.21-90.1

– SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64):

kernel-default-4.4.21-90.1
kernel-default-base-4.4.21-90.1
kernel-default-base-debuginfo-4.4.21-90.1
kernel-default-debuginfo-4.4.21-90.1
kernel-default-debugsource-4.4.21-90.1
kernel-default-devel-4.4.21-90.1
kernel-syms-4.4.21-90.1

– SUSE Linux Enterprise Server 12-SP2 (noarch):

kernel-devel-4.4.21-90.1
kernel-macros-4.4.21-90.1
kernel-source-4.4.21-90.1

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_21-90-default-1-2.3

– SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64):

cluster-md-kmp-default-4.4.21-90.1
cluster-md-kmp-default-debuginfo-4.4.21-90.1
cluster-network-kmp-default-4.4.21-90.1
cluster-network-kmp-default-debuginfo-4.4.21-90.1
dlm-kmp-default-4.4.21-90.1
dlm-kmp-default-debuginfo-4.4.21-90.1
gfs2-kmp-default-4.4.21-90.1
gfs2-kmp-default-debuginfo-4.4.21-90.1
kernel-default-debuginfo-4.4.21-90.1
kernel-default-debugsource-4.4.21-90.1
ocfs2-kmp-default-4.4.21-90.1
ocfs2-kmp-default-debuginfo-4.4.21-90.1

– SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

kernel-default-4.4.21-90.1
kernel-default-debuginfo-4.4.21-90.1
kernel-default-debugsource-4.4.21-90.1
kernel-default-devel-4.4.21-90.1
kernel-default-extra-4.4.21-90.1
kernel-default-extra-debuginfo-4.4.21-90.1
kernel-syms-4.4.21-90.1

– SUSE Linux Enterprise Desktop 12-SP2 (noarch):

kernel-devel-4.4.21-90.1
kernel-macros-4.4.21-90.1
kernel-source-4.4.21-90.1

References:

https://www.suse.com/security/cve/CVE-2016-9576.html
https://www.suse.com/security/cve/CVE-2016-9794.html
https://bugzilla.suse.com/1013533
https://bugzilla.suse.com/1013604


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

AutorTomislav Protega
Cert idNCERT-REF-2016-12-0120-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
ncert
Top
More in Preporuke
Nadogradnja za Adobe Flash Player

Adobe je izdao nadogradnju za otklanjanje višestrukih kritičnih ranjivosti programskog paketa Adobe Flash Player. Otkrivene ranjivosti potencijalnim udaljenim napadačima omogućuju...

Close