Live patch for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:1490-1 Final 1 1 2015-08-14T12:59:33Z current 2015-08-14T12:59:33Z 2015-08-14T12:59:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Live patch for the Linux Kernel This update contains a kernel live patch for the 3.12.43-52.6 SUSE Linux Enterprise Server 12 Kernel, fixing following security issues. - CVE-2015-5364/CVE-2015-5366: Two denial of service attacks via a flood of UDP packets with invalid checksums were fixed that could be used by remote attackers to delay execution. (bsc#939276) - CVE-2015-1805: The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel did not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allowed local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an 'I/O vector array overrun.' (bsc#939270) - CVE-2015-4700: A BPF Jit optimization flaw could allow local users to panic the kernel. (bsc#939273) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Live-Patching-12-2015-488 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20151490-1/ Link for SUSE-SU-2015:1490-1 https://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html E-Mail link for SUSE-SU-2015:1490-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/939044 SUSE Bug 939044 https://bugzilla.suse.com/939270 SUSE Bug 939270 https://bugzilla.suse.com/939273 SUSE Bug 939273 https://bugzilla.suse.com/939276 SUSE Bug 939276 https://www.suse.com/security/cve/CVE-2015-1805/ SUSE CVE CVE-2015-1805 page https://www.suse.com/security/cve/CVE-2015-4700/ SUSE CVE CVE-2015-4700 page https://www.suse.com/security/cve/CVE-2015-5364/ SUSE CVE CVE-2015-5364 page https://www.suse.com/security/cve/CVE-2015-5366/ SUSE CVE CVE-2015-5366 page SUSE Linux Enterprise Live Patching 12 kgraft-patch-3_12_43-52_6-default-2-6.1 kgraft-patch-3_12_43-52_6-xen-2-6.1 kgraft-patch-3_12_43-52_6-default-2-6.1 as a component of SUSE Linux Enterprise Live Patching 12 kgraft-patch-3_12_43-52_6-xen-2-6.1 as a component of SUSE Linux Enterprise Live Patching 12 The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun." CVE-2015-1805 SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-2-6.1 SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-2-6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151490-1/ https://www.suse.com/security/cve/CVE-2015-1805.html CVE-2015-1805 https://bugzilla.suse.com/917839 SUSE Bug 917839 https://bugzilla.suse.com/933429 SUSE Bug 933429 https://bugzilla.suse.com/939270 SUSE Bug 939270 https://bugzilla.suse.com/964730 SUSE Bug 964730 https://bugzilla.suse.com/964732 SUSE Bug 964732 The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler. CVE-2015-4700 SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-2-6.1 SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-2-6.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151490-1/ https://www.suse.com/security/cve/CVE-2015-4700.html CVE-2015-4700 https://bugzilla.suse.com/935705 SUSE Bug 935705 https://bugzilla.suse.com/939273 SUSE Bug 939273 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood. CVE-2015-5364 SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-2-6.1 SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-2-6.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151490-1/ https://www.suse.com/security/cve/CVE-2015-5364.html CVE-2015-5364 https://bugzilla.suse.com/1115893 SUSE Bug 1115893 https://bugzilla.suse.com/781018 SUSE Bug 781018 https://bugzilla.suse.com/936831 SUSE Bug 936831 https://bugzilla.suse.com/939276 SUSE Bug 939276 https://bugzilla.suse.com/945112 SUSE Bug 945112 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364. CVE-2015-5366 SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-default-2-6.1 SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_43-52_6-xen-2-6.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151490-1/ https://www.suse.com/security/cve/CVE-2015-5366.html CVE-2015-5366 https://bugzilla.suse.com/781018 SUSE Bug 781018 https://bugzilla.suse.com/936831 SUSE Bug 936831 https://bugzilla.suse.com/939276 SUSE Bug 939276 https://bugzilla.suse.com/945112 SUSE Bug 945112