SUSE-SU-2015:0658-1: important: Security Update for Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Apr 2 13:04:53 MDT 2015


   SUSE Security Update: Security Update for Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:0658-1
Rating:             important
References:         #898675 #903997 #904242 #909309 #909477 #909684 
                    #910517 #913080 #914818 #915200 #915660 #917830 
                    #918584 #918615 #918620 #918644 #919463 #919719 
                    #919939 #920615 #920805 #920839 #921313 #921527 
                    #921990 #922272 #922275 #922278 #922284 #924460 
                    
Cross-References:   CVE-2015-0777 CVE-2015-2150
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12
                    SUSE Linux Enterprise Software Development Kit 12
                    SUSE Linux Enterprise Server 12
                    SUSE Linux Enterprise Module for Public Cloud 12
                    SUSE Linux Enterprise Live Patching 12
                    SUSE Linux Enterprise Desktop 12
______________________________________________________________________________

   An update that solves two vulnerabilities and has 28 fixes
   is now available.

Description:


   The SUSE Linux Enterprise Server 12 kernel was updated to 3.12.39 to
   receive various security and bugfixes.

   Following security bugs were fixed:
   - CVE-2015-0777: The XEN usb backend could leak information to the guest
     system due to copying uninitialized memory.

   - CVE-2015-2150: Xen and the Linux kernel did not properly restrict access
     to PCI command registers, which might have allowed local guest users to
     cause a denial of service (non-maskable interrupt and host crash) by
     disabling the (1) memory or (2) I/O decoding for a PCI Express device
     and then accessing the device, which triggers an Unsupported Request
     (UR) response.

   The following non-security bugs were fixed:
   - Added Little Endian support to vtpm module (bsc#918620).
   - Add support for pnfs block layout. Patches not included by default yet
   - ALSA: hda - Fix regression of HD-audio controller fallback modes
     (bsc#921313).
   - btrfs: add missing blk_finish_plug in btrfs_sync_log() (bnc#922284).
   - btrfs: cleanup orphans while looking up default subvolume (bsc#914818).
   - btrfs: do not ignore errors from btrfs_lookup_xattr in do_setxattr
     (bnc#922272).
   - btrfs: fix BUG_ON in btrfs_orphan_add() when delete unused block group
     (bnc#922278).
   - btrfs: fix data loss in the fast fsync path (bnc#922275).
   - btrfs: fix fsync data loss after adding hard link to inode (bnc#922275).
   - cgroup: revert cgroup_mutex removal from idr_remove (bnc#918644).
   - cifs: fix use-after-free bug in find_writable_file (bnc#909477).
   - crypto: rng - RNGs must return 0 in success case (bsc#920805).
   - crypto: testmgr - fix RNG return code enforcement (bsc#920805).
   - exit: Always reap resource stats in __exit_signal() (Time scalability).
   - fork: report pid reservation failure properly (bnc#909684).
   - fsnotify: Fix handling of renames in audit (bnc#915200).
   - HID: hyperv: match wait_for_completion_timeout return type.
   - hv: address compiler warnings for hv_fcopy_daemon.c.
   - hv: address compiler warnings for hv_kvp_daemon.c.
   - hv: check vmbus_device_create() return value in vmbus_process_offer().
   - hv: do not add redundant / in hv_start_fcopy().
   - hv: hv_balloon: Do not post pressure status from interrupt context.
   - hv: hv_balloon: Fix a locking bug in the balloon driver.
   - hv: hv_balloon: Make adjustments in computing the floor.
   - hv: hv_fcopy: drop the obsolete message on transfer failure.
   - hv: kvp_daemon: make IPv6-only-injection work.
   - hv: remove unused bytes_written from kvp_update_file().
   - hv: rename sc_lock to the more generic lock.
   - hv: vmbus: Fix a bug in vmbus_establish_gpadl().
   - hv: vmbus: hv_process_timer_expiration() can be static.
   - hv: vmbus: Implement a clockevent device.
   - hv: vmbus: serialize Offer and Rescind offer.
   - hv: vmbus: Support a vmbus API for efficiently sending page arrays.
   - hv: vmbus: Use get_cpu() to get the current CPU.
   - hyperv: fix sparse warnings.
   - hyperv: Fix the error processing in netvsc_send().
   - hyperv: match wait_for_completion_timeout return type.
   - hyperv: netvsc.c: match wait_for_completion_timeout return type.
   - iommu/vt-d: Fix dmar_domain leak in iommu_attach_device (bsc#924460).
   - kabi, mm: prevent endless growth of anon_vma hierarchy (bnc#904242).
   - kABI: protect linux/namei.h include in procfs.
   - kABI: protect struct hif_scatter_req.
   - kabi/severities: Stop maintaining the kgraft kabi
   - kernel/sched/clock.c: add another clock for use with the soft lockup
     watchdog (bsc#919939).
   - kgr: Allow patches to require an exact kernel version (bnc#920615).
   - KVM: PPC: Book3S HV: ptes are big endian (bsc#920839).
   - mm: convert the rest to new page table lock api (the suse-only cases)
     (fate#315482).
   - mm: fix anon_vma->degree underflow in anon_vma endless growing
     prevention (bnc#904242).
   - mm: fix corner case in anon_vma endless growing prevention (bnc#904242).
   - mm: prevent endless growth of anon_vma hierarchy (bnc#904242).
   - mm: prevent endless growth of anon_vma hierarchy  mm: prevent endless
     growth of anon_vma hierarchy (bnc#904242).
   - mm: vmscan: count only dirty pages as congested (VM Performance,
     bnc#910517).
   - module: Clean up ro/nx after early module load failures (bsc#921990).
   - module: set nx before marking module MODULE_STATE_COMING (bsc#921990).
   - net: add sysfs helpers for netdev_adjacent logic (bnc#915660).
   - net: correct error path in rtnl_newlink() (bnc#915660).
   - net: fix creation adjacent device symlinks (bnc#915660).
   - net: prevent of emerging cross-namespace symlinks (bnc#915660).
   - net: rename sysfs symlinks on device name change (bnc#915660).
   - nfs: cap request size to fit a kmalloced page array (bnc#898675).
   - nfs: commit layouts in fdatasync (bnc#898675).
   - NFSv4.1: Do not trust attributes if a pNFS LAYOUTCOMMIT is outstanding
     (bnc#898675).
   - NFSv4.1: Ensure that the layout recall callback matches layout stateids
     (bnc#898675).
   - NFSv4.1: Ensure that we free existing layout segments if we get a new
     layout (bnc#898675).
   - NFSv4.1: Fix a race in nfs4_write_inode (bnc#898675).
   - NFSv4.1: Fix wraparound issues in pnfs_seqid_is_newer() (bnc#898675).
   - NFSv4.1: Minor optimisation in get_layout_by_fh_locked() (bnc#898675).
   - NFSv4: Do not update the open stateid unless it is newer than the old
     one (bnc#898675).
   - pnfs: add a common GETDEVICELIST implementation (bnc#898675).
   - pnfs: add a nfs4_get_deviceid helper (bnc#898675).
   - pnfs: add flag to force read-modify-write in ->write_begin
     (bnc#898675).
   - pnfs: add return_range method (bnc#898675).
   - pnfs: allow splicing pre-encoded pages into the layoutcommit args
     (bnc#898675).
   - pnfs: avoid using stale stateids after layoutreturn (bnc#898675).
   - pnfs/blocklayout: allocate separate pages for the layoutcommit payload
     (bnc#898675).
   - pnfs/blocklayout: correctly decrement extent length (bnc#898675).
   - pnfs/blocklayout: do not set pages uptodate (bnc#898675).
   - pnfs/blocklayout: Fix a 64-bit division/remainder issue in bl_map_stripe
     (bnc#898675).
   - pnfs/blocklayout: implement the return_range method (bnc#898675).
   - pnfs/blocklayout: improve GETDEVICEINFO error reporting (bnc#898675).
   - pnfs/blocklayout: include vmalloc.h for __vmalloc (bnc#898675).
   - pnfs/blocklayout: in-kernel GETDEVICEINFO XDR parsing (bnc#898675).
   - pnfs/blocklayout: move all rpc_pipefs related code into a single file
     (bnc#898675).
   - pnfs/blocklayout: move extent processing to blocklayout.c (bnc#898675).
   - pnfs/blocklayout: plug block queues (bnc#898675).
   - pnfs/blocklayout: refactor extent processing (bnc#898675).
   - pnfs/blocklayout: reject pnfs blocksize larger than page size
     (bnc#898675).
   - pNFS/blocklayout: Remove a couple of unused variables (bnc#898675).
   - pnfs/blocklayout: remove read-modify-write handling in bl_write_pagelist
     (bnc#898675).
   - pnfs/blocklayout: remove some debugging (bnc#898675).
   - pnfs/blocklayout: return layouts on setattr (bnc#898675).
   - pnfs/blocklayout: rewrite extent tracking (bnc#898675).
   - pnfs/blocklayout: use the device id cache (bnc#898675).
   - pnfs: do not check sequence on new stateids in layoutget (bnc#898675).
   - pnfs: do not pass uninitialized lsegs to ->free_lseg (bnc#898675).
   - pnfs: enable CB_NOTIFY_DEVICEID support (bnc#898675).
   - pnfs: factor GETDEVICEINFO implementations (bnc#898675).
   - pnfs: force a layout commit when encountering busy segments during
     recall (bnc#898675).
   - pnfs: remove GETDEVICELIST implementation (bnc#898675).
   - pnfs: retry after a bad stateid error from layoutget (bnc#898675).
   - powerpc: add running_clock for powerpc to prevent spurious softlockup
     warnings (bsc#919939).
   - powerpc/pseries: Fix endian problems with LE migration (bsc#918584).
   - remove cgroup_mutex around deactivate_super because it might be
     dangerous.
   - rtmutex: Document pi chain walk (mutex scalability).
   - rtmutex: No need to keep task ref for lock owner check (mutex
     scalability).
   - rtmutex: Simplify rtmutex_slowtrylock() (mutex scalability).
   - rtnetlink: fix a memory leak when ->newlink fails (bnc#915660).
   - sched: Change thread_group_cputime() to use for_each_thread() (Time
     scalability).
   - sched: replace INIT_COMPLETION with reinit_completion.
   - sched, time: Atomically increment stime & utime (Time scalability).
   - scsi: storvsc: Always send on the selected outgoing channel.
   - scsi: storvsc: Do not assume that the scatterlist is not chained.
   - scsi: storvsc: Enable clustering.
   - scsi: storvsc: Fix a bug in copy_from_bounce_buffer().
   - scsi: storvsc: Increase the ring buffer size.
   - scsi: storvsc: Retrieve information about the capability of the target.
   - scsi: storvsc: Set the tablesize based on the information given by the
     host.
   - scsi: storvsc: Size the queue depth based on the ringbuffer size.
   - storvsc: fix a bug in storvsc limits.
   - storvsc: force discovery of LUNs that may have been removed.
   - storvsc: force SPC-3 compliance on win8 and win8 r2 hosts.
   - storvsc: in responce to a scan event, scan the host.
   - take read_seqbegin_or_lock() and friends to seqlock.h (Time scalability).
   - tcp: prevent fetching dst twice in early demux code (bnc#903997
     bnc#919719).
   - time, signal: Protect resource use statistics with seqlock -kabi (Time
     scalability).
   - time, signal: Protect resource use statistics with seqlock (Time
     scalability).
   - udp: only allow UFO for packets from SOCK_DGRAM sockets (bnc#909309).
   - Update Xen patches to 3.12.39.
   - virtio: rng: add derating factor for use by hwrng core (bsc#918615).
   - x86, AVX-512: AVX-512 Feature Detection (bsc#921527).
   - x86, AVX-512: Enable AVX-512 States Context Switch (bsc#921527).
   - xenbus: add proper handling of XS_ERROR from Xenbus for transactions.
   - xfs: xfs_alloc_fix_minleft can underflow near ENOSPC (bnc#913080).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12:

      zypper in -t patch SUSE-SLE-WE-12-2015-152=1

   - SUSE Linux Enterprise Software Development Kit 12:

      zypper in -t patch SUSE-SLE-SDK-12-2015-152=1

   - SUSE Linux Enterprise Server 12:

      zypper in -t patch SUSE-SLE-SERVER-12-2015-152=1

   - SUSE Linux Enterprise Module for Public Cloud 12:

      zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-152=1

   - SUSE Linux Enterprise Live Patching 12:

      zypper in -t patch SUSE-SLE-Live-Patching-12-2015-152=1

   - SUSE Linux Enterprise Desktop 12:

      zypper in -t patch SUSE-SLE-DESKTOP-12-2015-152=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Workstation Extension 12 (x86_64):

      kernel-default-debuginfo-3.12.39-47.1
      kernel-default-debugsource-3.12.39-47.1
      kernel-default-extra-3.12.39-47.1
      kernel-default-extra-debuginfo-3.12.39-47.1

   - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):

      kernel-obs-build-3.12.39-47.2
      kernel-obs-build-debugsource-3.12.39-47.2

   - SUSE Linux Enterprise Software Development Kit 12 (noarch):

      kernel-docs-3.12.39-47.3

   - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):

      kernel-default-3.12.39-47.1
      kernel-default-base-3.12.39-47.1
      kernel-default-base-debuginfo-3.12.39-47.1
      kernel-default-debuginfo-3.12.39-47.1
      kernel-default-debugsource-3.12.39-47.1
      kernel-default-devel-3.12.39-47.1
      kernel-syms-3.12.39-47.1

   - SUSE Linux Enterprise Server 12 (x86_64):

      kernel-xen-3.12.39-47.1
      kernel-xen-base-3.12.39-47.1
      kernel-xen-base-debuginfo-3.12.39-47.1
      kernel-xen-debuginfo-3.12.39-47.1
      kernel-xen-debugsource-3.12.39-47.1
      kernel-xen-devel-3.12.39-47.1

   - SUSE Linux Enterprise Server 12 (noarch):

      kernel-devel-3.12.39-47.1
      kernel-macros-3.12.39-47.1
      kernel-source-3.12.39-47.1

   - SUSE Linux Enterprise Server 12 (s390x):

      kernel-default-man-3.12.39-47.1

   - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):

      kernel-ec2-3.12.39-47.1
      kernel-ec2-debuginfo-3.12.39-47.1
      kernel-ec2-debugsource-3.12.39-47.1
      kernel-ec2-devel-3.12.39-47.1
      kernel-ec2-extra-3.12.39-47.1
      kernel-ec2-extra-debuginfo-3.12.39-47.1

   - SUSE Linux Enterprise Live Patching 12 (x86_64):

      kgraft-patch-3_12_39-47-default-1-2.1
      kgraft-patch-3_12_39-47-xen-1-2.1

   - SUSE Linux Enterprise Desktop 12 (x86_64):

      kernel-default-3.12.39-47.1
      kernel-default-debuginfo-3.12.39-47.1
      kernel-default-debugsource-3.12.39-47.1
      kernel-default-devel-3.12.39-47.1
      kernel-default-extra-3.12.39-47.1
      kernel-default-extra-debuginfo-3.12.39-47.1
      kernel-syms-3.12.39-47.1
      kernel-xen-3.12.39-47.1
      kernel-xen-debuginfo-3.12.39-47.1
      kernel-xen-debugsource-3.12.39-47.1
      kernel-xen-devel-3.12.39-47.1

   - SUSE Linux Enterprise Desktop 12 (noarch):

      kernel-devel-3.12.39-47.1
      kernel-macros-3.12.39-47.1
      kernel-source-3.12.39-47.1


References:

   https://www.suse.com/security/cve/CVE-2015-0777.html
   https://www.suse.com/security/cve/CVE-2015-2150.html
   https://bugzilla.suse.com/898675
   https://bugzilla.suse.com/903997
   https://bugzilla.suse.com/904242
   https://bugzilla.suse.com/909309
   https://bugzilla.suse.com/909477
   https://bugzilla.suse.com/909684
   https://bugzilla.suse.com/910517
   https://bugzilla.suse.com/913080
   https://bugzilla.suse.com/914818
   https://bugzilla.suse.com/915200
   https://bugzilla.suse.com/915660
   https://bugzilla.suse.com/917830
   https://bugzilla.suse.com/918584
   https://bugzilla.suse.com/918615
   https://bugzilla.suse.com/918620
   https://bugzilla.suse.com/918644
   https://bugzilla.suse.com/919463
   https://bugzilla.suse.com/919719
   https://bugzilla.suse.com/919939
   https://bugzilla.suse.com/920615
   https://bugzilla.suse.com/920805
   https://bugzilla.suse.com/920839
   https://bugzilla.suse.com/921313
   https://bugzilla.suse.com/921527
   https://bugzilla.suse.com/921990
   https://bugzilla.suse.com/922272
   https://bugzilla.suse.com/922275
   https://bugzilla.suse.com/922278
   https://bugzilla.suse.com/922284
   https://bugzilla.suse.com/924460



More information about the sle-security-updates mailing list