Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:2585-1 Final 1 1 2016-10-21T11:53:13Z current 2016-10-21T11:53:13Z 2016-10-21T11:53:13Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 11 SP4 kernel was updated to fix one security issue. This security bug was fixed: - CVE-2016-5195: Local privilege escalation using MAP_PRIVATE. It is reportedly exploited in the wild (bsc#1004418). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp4-kernel-source-12804,slessp4-kernel-source-12804,slexsp3-kernel-source-12804 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20162585-1/ Link for SUSE-SU-2016:2585-1 https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html E-Mail link for SUSE-SU-2016:2585-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1004418 SUSE Bug 1004418 https://www.suse.com/security/cve/CVE-2016-5195/ SUSE CVE CVE-2016-5195 page SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 kernel-docs-3.0.101-84.2 kernel-default-3.0.101-84.1 kernel-default-base-3.0.101-84.1 kernel-default-devel-3.0.101-84.1 kernel-default-man-3.0.101-84.1 kernel-ec2-3.0.101-84.1 kernel-ec2-base-3.0.101-84.1 kernel-ec2-devel-3.0.101-84.1 kernel-pae-3.0.101-84.1 kernel-pae-base-3.0.101-84.1 kernel-pae-devel-3.0.101-84.1 kernel-ppc64-3.0.101-84.1 kernel-ppc64-base-3.0.101-84.1 kernel-ppc64-devel-3.0.101-84.1 kernel-source-3.0.101-84.1 kernel-syms-3.0.101-84.1 kernel-trace-3.0.101-84.1 kernel-trace-base-3.0.101-84.1 kernel-trace-devel-3.0.101-84.1 kernel-xen-3.0.101-84.1 kernel-xen-base-3.0.101-84.1 kernel-xen-devel-3.0.101-84.1 kernel-default-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-default-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-default-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-default-man-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ec2-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ec2-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ec2-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-pae-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-pae-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-pae-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ppc64-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ppc64-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ppc64-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-source-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-syms-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-trace-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-trace-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-trace-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-xen-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-xen-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-xen-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-default-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-default-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-default-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-default-man-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ec2-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ec2-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ec2-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-pae-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-pae-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-pae-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ppc64-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ppc64-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ppc64-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-source-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-syms-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-trace-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-trace-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-trace-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-xen-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-xen-base-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-xen-devel-3.0.101-84.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-docs-3.0.101-84.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." CVE-2016-5195 SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-84.1 SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-84.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-84.1 SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-84.2 important 6.6 AV:L/AC:M/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162585-1/ https://www.suse.com/security/cve/CVE-2016-5195.html CVE-2016-5195 https://bugzilla.suse.com/1004418 SUSE Bug 1004418 https://bugzilla.suse.com/1004419 SUSE Bug 1004419 https://bugzilla.suse.com/1004436 SUSE Bug 1004436 https://bugzilla.suse.com/1006323 SUSE Bug 1006323 https://bugzilla.suse.com/1006695 SUSE Bug 1006695 https://bugzilla.suse.com/1007291 SUSE Bug 1007291 https://bugzilla.suse.com/1008110 SUSE Bug 1008110 https://bugzilla.suse.com/1030118 SUSE Bug 1030118 https://bugzilla.suse.com/1046453 SUSE Bug 1046453 https://bugzilla.suse.com/1069496 SUSE Bug 1069496 https://bugzilla.suse.com/1149725 SUSE Bug 1149725 https://bugzilla.suse.com/870618 SUSE Bug 870618 https://bugzilla.suse.com/986445 SUSE Bug 986445 https://bugzilla.suse.com/998689 SUSE Bug 998689