SUSE-SU-2015:1224-1
- Source
- https://www.suse.com/support/update/announcement/2015/suse-su-20151224-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:1224-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2015:1224-1
- Upstream
- Related
- Published
- 2015-07-31T10:31:13Z
- Modified
- 2025-05-08T17:00:54.272176Z
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix the following bugs and security issues.
The following security issues have been fixed:
- Update patches.fixes/udp-fix-behavior-of-wrong-checksums.patch (bsc#936831, CVE-2015-5364, CVE-2015-5366).
- Btrfs: make xattr replace operations atomic (bnc#923908, CVE-2014-9710).
- udp: fix behavior of wrong checksums (bsc#936831, CVE-2015-5364, CVE-2015-5366).
- vfs: read filehandle only once in handleto_path (bsc#915517, CVE-2015-1420).
- x86: bpf_jit: fix compilation of large bpf programs (bnc#935705,CVE-2015-4700).
- udf: Check length of extended attributes and allocation (bsc#936831, CVE-2015-5364, CVE-2015-5366).
- Update patches.fixes/udf-Check-component-length-before-reading-it.patch (bsc#933904, CVE-2014-9728, CVE-2014-9730).
- Update patches.fixes/udf-Verify-i_size-when-loading-inode.patch (bsc#933904, CVE-2014-9728, CVE-2014-9729).
- Update patches.fixes/udf-Verify-symlink-size-before-loading-it.patch (bsc#933904, CVE-2014-9728).
- Update patches.fixes/udf-Check-path-length-when-reading-symlink.patch (bnc#933896, CVE-2014-9731).
- pipe: fix iov overrun for failed atomic copy (bsc#933429, CVE-2015-1805).
- ipv6: Don't reduce hop limit for an interface (bsc#922583, CVE-2015-2922).
- net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041).
- ipv4: Missing sknullsnodeinit() in pingunhash() (bsc#929525, CVE-2015-3636).
- ipv6: Don't reduce hop limit for an interface (bsc#922583, CVE-2015-2922).
- net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041).
- ipv4: Missing sknullsnodeinit() in pingunhash() (bsc#929525, CVE-2015-3636).
The following non-security issues have been fixed:
- mlx4: Check for assigned VFs before disabling SR-IOV (bsc#927355).
- ixgbe: Use pcivfsassigned instead of ixgbevfsare_assigned (bsc#927355).
- pci: Add SRIOV helper function to determine if VFs are assigned to guest (bsc#927355).
- net/mlx4_core: Don't disable SRIOV if there are active VFs (bsc#927355).
- udf: Remove repeated loads blocksize (bsc#933907).
- Refresh patches.fixes/deal-with-deadlock-in-dwalk-fix.patch. based on 3.2 stable fix 20defcec264c ('dcache: Fix locking bugs in backported 'deal with deadlock in dwalk()''). Not harmfull for regular SLES kernels but RT or PREEMPT kernels would see disbalance.
- sched: Fix potential near-infinite distributecfsruntime() loop (bnc#930786)
- tty: Correct tty buffer flush (bnc#929647).
- tty: hold lock across tty buffer finding and buffer filling (bnc#929647).
- References
-
- https://www.suse.com/support/update/announcement/2015/suse-su-20151224-1/
- https://bugzilla.suse.com/915517
- https://bugzilla.suse.com/919007
- https://bugzilla.suse.com/922583
- https://bugzilla.suse.com/923908
- https://bugzilla.suse.com/927355
- https://bugzilla.suse.com/929525
- https://bugzilla.suse.com/929647
- https://bugzilla.suse.com/930786
- https://bugzilla.suse.com/933429
- https://bugzilla.suse.com/933896
- https://bugzilla.suse.com/933904
- https://bugzilla.suse.com/933907
- https://bugzilla.suse.com/935705
- https://bugzilla.suse.com/936831
- https://www.suse.com/security/cve/CVE-2014-9710
- https://www.suse.com/security/cve/CVE-2014-9728
- https://www.suse.com/security/cve/CVE-2014-9729
- https://www.suse.com/security/cve/CVE-2014-9730
- https://www.suse.com/security/cve/CVE-2014-9731
- https://www.suse.com/security/cve/CVE-2015-1420
- https://www.suse.com/security/cve/CVE-2015-1805
- https://www.suse.com/security/cve/CVE-2015-2041
- https://www.suse.com/security/cve/CVE-2015-2922
- https://www.suse.com/security/cve/CVE-2015-3636
- https://www.suse.com/security/cve/CVE-2015-4700
- https://www.suse.com/security/cve/CVE-2015-5364
- https://www.suse.com/security/cve/CVE-2015-5366
Affected packages
SUSE:Linux Enterprise Server 11 SP3-TERADATA
kernel-default
Package
- Name
- kernel-default
- Purl
- pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-0.63.TDC.1
Ecosystem specific
{
"binaries": [
{
"kernel-xen-devel": "3.0.101-0.63.TDC.1",
"kernel-xen": "3.0.101-0.63.TDC.1",
"kernel-trace": "3.0.101-0.63.TDC.1",
"kernel-syms": "3.0.101-0.63.TDC.1",
"kernel-trace-devel": "3.0.101-0.63.TDC.1",
"kernel-default-devel": "3.0.101-0.63.TDC.1",
"kernel-xen-base": "3.0.101-0.63.TDC.1",
"kernel-source": "3.0.101-0.63.TDC.1",
"kernel-default": "3.0.101-0.63.TDC.1",
"kernel-trace-base": "3.0.101-0.63.TDC.1",
"kernel-default-base": "3.0.101-0.63.TDC.1"
}
]
}kernel-source
Package
- Name
- kernel-source
- Purl
- pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-0.63.TDC.1
Ecosystem specific
{
"binaries": [
{
"kernel-xen-devel": "3.0.101-0.63.TDC.1",
"kernel-xen": "3.0.101-0.63.TDC.1",
"kernel-trace": "3.0.101-0.63.TDC.1",
"kernel-syms": "3.0.101-0.63.TDC.1",
"kernel-trace-devel": "3.0.101-0.63.TDC.1",
"kernel-default-devel": "3.0.101-0.63.TDC.1",
"kernel-xen-base": "3.0.101-0.63.TDC.1",
"kernel-source": "3.0.101-0.63.TDC.1",
"kernel-default": "3.0.101-0.63.TDC.1",
"kernel-trace-base": "3.0.101-0.63.TDC.1",
"kernel-default-base": "3.0.101-0.63.TDC.1"
}
]
}kernel-syms
Package
- Name
- kernel-syms
- Purl
- pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-0.63.TDC.1
Ecosystem specific
{
"binaries": [
{
"kernel-xen-devel": "3.0.101-0.63.TDC.1",
"kernel-xen": "3.0.101-0.63.TDC.1",
"kernel-trace": "3.0.101-0.63.TDC.1",
"kernel-syms": "3.0.101-0.63.TDC.1",
"kernel-trace-devel": "3.0.101-0.63.TDC.1",
"kernel-default-devel": "3.0.101-0.63.TDC.1",
"kernel-xen-base": "3.0.101-0.63.TDC.1",
"kernel-source": "3.0.101-0.63.TDC.1",
"kernel-default": "3.0.101-0.63.TDC.1",
"kernel-trace-base": "3.0.101-0.63.TDC.1",
"kernel-default-base": "3.0.101-0.63.TDC.1"
}
]
}kernel-trace
Package
- Name
- kernel-trace
- Purl
- pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-0.63.TDC.1
Ecosystem specific
{
"binaries": [
{
"kernel-xen-devel": "3.0.101-0.63.TDC.1",
"kernel-xen": "3.0.101-0.63.TDC.1",
"kernel-trace": "3.0.101-0.63.TDC.1",
"kernel-syms": "3.0.101-0.63.TDC.1",
"kernel-trace-devel": "3.0.101-0.63.TDC.1",
"kernel-default-devel": "3.0.101-0.63.TDC.1",
"kernel-xen-base": "3.0.101-0.63.TDC.1",
"kernel-source": "3.0.101-0.63.TDC.1",
"kernel-default": "3.0.101-0.63.TDC.1",
"kernel-trace-base": "3.0.101-0.63.TDC.1",
"kernel-default-base": "3.0.101-0.63.TDC.1"
}
]
}kernel-xen
Package
- Name
- kernel-xen
- Purl
- pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-0.63.TDC.1
Ecosystem specific
{
"binaries": [
{
"kernel-xen-devel": "3.0.101-0.63.TDC.1",
"kernel-xen": "3.0.101-0.63.TDC.1",
"kernel-trace": "3.0.101-0.63.TDC.1",
"kernel-syms": "3.0.101-0.63.TDC.1",
"kernel-trace-devel": "3.0.101-0.63.TDC.1",
"kernel-default-devel": "3.0.101-0.63.TDC.1",
"kernel-xen-base": "3.0.101-0.63.TDC.1",
"kernel-source": "3.0.101-0.63.TDC.1",
"kernel-default": "3.0.101-0.63.TDC.1",
"kernel-trace-base": "3.0.101-0.63.TDC.1",
"kernel-default-base": "3.0.101-0.63.TDC.1"
}
]
}