openSUSE Security Update : the Linux Kernel (openSUSE-2017-929)

high Nessus Plugin ID 102509

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

The openSUSE Leap 42.2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

- CVE-2017-1000111: Fixed a race condition in net-packet code that could be exploited to cause out-of-bounds memory access (bsc#1052365).

- CVE-2017-1000112: Fixed a race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bsc#1052311).

- CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994).

The following non-security bugs were fixed :

- IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).

- bcache: force trigger gc (bsc#1038078).

- bcache: only recovery I/O error for writethrough mode (bsc#1043652).

- block: do not allow updates through sysfs until registration completes (bsc#1047027).

- ibmvnic: Check for transport event on driver resume (bsc#1051556, bsc#1052709).

- ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).

- ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).

- iommu/amd: Fix schedule-while-atomic BUG in initialization code (bsc1052533).

- libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).

- libnvdimm: fix badblock range handling of ARS range (bsc#1023175).

- qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).

- scsi_devinfo: fixup string compare (bsc#1037404).

- scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).

- vfs: fix missing inode_get_dev sites (bsc#1052049).

- x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache() (bsc#1051399).

Solution

Update the affected the Linux Kernel packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1023175

https://bugzilla.opensuse.org/show_bug.cgi?id=1037404

https://bugzilla.opensuse.org/show_bug.cgi?id=1038078

https://bugzilla.opensuse.org/show_bug.cgi?id=1043652

https://bugzilla.opensuse.org/show_bug.cgi?id=1019151

https://bugzilla.opensuse.org/show_bug.cgi?id=1037994

https://bugzilla.opensuse.org/show_bug.cgi?id=1038792

https://bugzilla.opensuse.org/show_bug.cgi?id=1047027

https://bugzilla.opensuse.org/show_bug.cgi?id=1051399

https://bugzilla.opensuse.org/show_bug.cgi?id=1051556

https://bugzilla.opensuse.org/show_bug.cgi?id=1052049

https://bugzilla.opensuse.org/show_bug.cgi?id=1052223

https://bugzilla.opensuse.org/show_bug.cgi?id=1052311

https://bugzilla.opensuse.org/show_bug.cgi?id=1052365

https://bugzilla.opensuse.org/show_bug.cgi?id=1052533

https://bugzilla.opensuse.org/show_bug.cgi?id=1052709

https://bugzilla.opensuse.org/show_bug.cgi?id=1052773

https://bugzilla.opensuse.org/show_bug.cgi?id=1052794

Plugin Details

Severity: High

ID: 102509

File Name: openSUSE-2017-929.nasl

Version: 3.7

Type: local

Agent: unix

Published: 8/16/2017

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-macros, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-base, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-obs-build, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-obs-qa, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, cpe:/o:novell:opensuse:42.2, p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-docs-pdf, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-docs-html

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/15/2017

Vulnerability Publication Date: 5/8/2017

Exploitable With

Core Impact

Metasploit (Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation)

Reference Information

CVE: CVE-2017-1000111, CVE-2017-1000112, CVE-2017-8831