Test ID:	1.3.6.1.4.1.25623.1.0.851415
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for kernel (openSUSE-SU-2016:2584-1)
Summary:	The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. Vulnerability Insight: The openSUSE 13.1 kernel was updated to fix bugs and security issues. The following security bugs were fixed: - CVE-2016-8666: The IP stack in the Linux kernel allowed remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039 (bnc#1001486). - CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed, which is reportedly exploited in the wild (bsc#1004418). The following non-security bugs were fixed: - sched/core: Fix a race between try_to_wake_up() and a woken up task (bsc#1002165, bsc#1001419). - sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule() (bnc#1001419). - tunnels: Do not apply GRO to multiple layers of encapsulation (bsc#1001486). Affected Software/OS: Kernel on openSUSE 13.1 Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5195 BugTraq ID: 93793 http://www.securityfocus.com/bid/93793 Bugtraq: 20161020 [CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability (Google Search) http://www.securityfocus.com/archive/1/539611/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded Bugtraq: 20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege (Google Search) http://www.securityfocus.com/archive/1/540252/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded Bugtraq: 20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege (Google Search) http://www.securityfocus.com/archive/1/540344/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded Bugtraq: 20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege (Google Search) http://www.securityfocus.com/archive/1/540736/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded CERT/CC vulnerability note: VU#243144 https://www.kb.cert.org/vuls/id/243144 Cisco Security Advisory: 20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux Cisco Security Advisory: 20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd Debian Security Information: DSA-3696 (Google Search) http://www.debian.org/security/2016/dsa-3696 https://www.exploit-db.com/exploits/40611/ https://www.exploit-db.com/exploits/40616/ https://www.exploit-db.com/exploits/40839/ https://www.exploit-db.com/exploits/40847/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/ http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html https://dirtycow.ninja https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026 http://www.openwall.com/lists/oss-security/2016/10/21/1 http://www.openwall.com/lists/oss-security/2016/10/26/7 http://www.openwall.com/lists/oss-security/2016/10/27/13 http://www.openwall.com/lists/oss-security/2016/10/30/1 http://www.openwall.com/lists/oss-security/2016/11/03/7 http://www.openwall.com/lists/oss-security/2022/03/07/1 http://www.openwall.com/lists/oss-security/2022/08/08/1 http://www.openwall.com/lists/oss-security/2022/08/08/2 http://www.openwall.com/lists/oss-security/2022/08/08/7 http://www.openwall.com/lists/oss-security/2022/08/08/8 http://www.openwall.com/lists/oss-security/2022/08/09/4 http://www.openwall.com/lists/oss-security/2022/08/15/1 RedHat Security Advisories: RHSA-2016:2098 http://rhn.redhat.com/errata/RHSA-2016-2098.html RedHat Security Advisories: RHSA-2016:2105 http://rhn.redhat.com/errata/RHSA-2016-2105.html RedHat Security Advisories: RHSA-2016:2106 http://rhn.redhat.com/errata/RHSA-2016-2106.html RedHat Security Advisories: RHSA-2016:2107 http://rhn.redhat.com/errata/RHSA-2016-2107.html RedHat Security Advisories: RHSA-2016:2110 http://rhn.redhat.com/errata/RHSA-2016-2110.html RedHat Security Advisories: RHSA-2016:2118 http://rhn.redhat.com/errata/RHSA-2016-2118.html RedHat Security Advisories: RHSA-2016:2120 http://rhn.redhat.com/errata/RHSA-2016-2120.html RedHat Security Advisories: RHSA-2016:2124 http://rhn.redhat.com/errata/RHSA-2016-2124.html RedHat Security Advisories: RHSA-2016:2126 http://rhn.redhat.com/errata/RHSA-2016-2126.html RedHat Security Advisories: RHSA-2016:2127 http://rhn.redhat.com/errata/RHSA-2016-2127.html RedHat Security Advisories: RHSA-2016:2128 http://rhn.redhat.com/errata/RHSA-2016-2128.html RedHat Security Advisories: RHSA-2016:2132 http://rhn.redhat.com/errata/RHSA-2016-2132.html RedHat Security Advisories: RHSA-2016:2133 http://rhn.redhat.com/errata/RHSA-2016-2133.html RedHat Security Advisories: RHSA-2017:0372 https://access.redhat.com/errata/RHSA-2017:0372 http://www.securitytracker.com/id/1037078 SuSE Security Announcement: SUSE-SU-2016:2585 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html SuSE Security Announcement: SUSE-SU-2016:2592 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html SuSE Security Announcement: SUSE-SU-2016:2593 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html SuSE Security Announcement: SUSE-SU-2016:2596 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html SuSE Security Announcement: SUSE-SU-2016:2614 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html SuSE Security Announcement: SUSE-SU-2016:2629 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html SuSE Security Announcement: SUSE-SU-2016:2630 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html SuSE Security Announcement: SUSE-SU-2016:2631 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html SuSE Security Announcement: SUSE-SU-2016:2632 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html SuSE Security Announcement: SUSE-SU-2016:2633 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html SuSE Security Announcement: SUSE-SU-2016:2634 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html SuSE Security Announcement: SUSE-SU-2016:2635 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html SuSE Security Announcement: SUSE-SU-2016:2636 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html SuSE Security Announcement: SUSE-SU-2016:2637 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html SuSE Security Announcement: SUSE-SU-2016:2638 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html SuSE Security Announcement: SUSE-SU-2016:2655 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html SuSE Security Announcement: SUSE-SU-2016:2657 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html SuSE Security Announcement: SUSE-SU-2016:2658 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html SuSE Security Announcement: SUSE-SU-2016:2659 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html SuSE Security Announcement: SUSE-SU-2016:2673 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html SuSE Security Announcement: SUSE-SU-2016:3069 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html SuSE Security Announcement: SUSE-SU-2016:3304 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html SuSE Security Announcement: openSUSE-SU-2016:2583 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html SuSE Security Announcement: openSUSE-SU-2016:2584 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html SuSE Security Announcement: openSUSE-SU-2016:2625 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html SuSE Security Announcement: openSUSE-SU-2016:2649 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html SuSE Security Announcement: openSUSE-SU-2020:0554 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html http://www.ubuntu.com/usn/USN-3104-1 http://www.ubuntu.com/usn/USN-3104-2 http://www.ubuntu.com/usn/USN-3105-1 http://www.ubuntu.com/usn/USN-3105-2 http://www.ubuntu.com/usn/USN-3106-1 http://www.ubuntu.com/usn/USN-3106-2 http://www.ubuntu.com/usn/USN-3106-3 http://www.ubuntu.com/usn/USN-3106-4 http://www.ubuntu.com/usn/USN-3107-1 http://www.ubuntu.com/usn/USN-3107-2 Common Vulnerability Exposure (CVE) ID: CVE-2016-8666 BugTraq ID: 93562 http://www.securityfocus.com/bid/93562 http://www.openwall.com/lists/oss-security/2016/10/13/11 RedHat Security Advisories: RHSA-2016:2047 http://rhn.redhat.com/errata/RHSA-2016-2047.html RedHat Security Advisories: RHSA-2017:0004 http://rhn.redhat.com/errata/RHSA-2017-0004.html Common Vulnerability Exposure (CVE) ID: CVE-2016-7039 BugTraq ID: 93476 http://www.securityfocus.com/bid/93476 http://www.openwall.com/lists/oss-security/2016/10/10/15
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.