SuSE Local Security Checks : SUSE: Security Advisory (SUSE-SU-2016:2475-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.1.4.2016.2475.1

Category: SuSE Local Security Checks

Title: SUSE: Security Advisory (SUSE-SU-2016:2475-1)

Summary: The remote host is missing an update for the 'systemd' package(s) announced via the SUSE-SU-2016:2475-1 advisory.

Description: Summary:
The remote host is missing an update for the 'systemd' package(s) announced via the SUSE-SU-2016:2475-1 advisory.

Vulnerability Insight:
This update for systemd fixes the following security issue:

- CVE-2016-7796: A zero-length message received over systemd's notification socket
could make manager_dispatch_notify_fd() return an error and, as a side effect,
disable the notification handler completely. As the notification socket is
world-writable, this could have allowed a local user to perform a denial-of-service
attack against systemd. (bsc#1001765)

Additionally, the following non-security fixes are included:

- Fix HMAC calculation when appending a data object to journal. (bsc#1000435)
- Never accept file descriptors from file systems with mandatory locking enabled.
(bsc#954374)
- Do not warn about missing install info with 'preset'. (bsc#970293)
- Save /run/systemd/users/UID before starting user@.service. (bsc#996269)
- Make sure that /var/lib/systemd/sysv-convert/database is always initialized.
(bsc#982211)
- Remove daylight saving time handling and tzfile parser. (bsc#990074)
- Make sure directory watch is started before cryptsetup. (bsc#987173)
- Introduce sd_pid_notify() and sd_pid_notifyf() APIs. (bsc#987857)
- Set KillMode=mixed for our daemons that fork worker processes.
- Add nosuid and nodev options to tmp.mount.
- Don't start console-getty.service when /dev/console is missing. (bsc#982251)
- Correct segmentation fault in udev/path_id due to missing NULL check. (bsc#982210)

Affected Software/OS:
'systemd' package(s) on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server for SAP Applications 12.

Solution:
Please install the updated package(s).

CVSS Score:
4.9

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-7796
BugTraq ID: 93250
http://www.securityfocus.com/bid/93250
https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet
http://www.openwall.com/lists/oss-security/2016/09/30/1
RedHat Security Advisories: RHBA-2015:2092
https://rhn.redhat.com/errata/RHBA-2015-2092.html
RedHat Security Advisories: RHSA-2017:0003
http://rhn.redhat.com/errata/RHSA-2017-0003.html
http://www.securitytracker.com/id/1037320
SuSE Security Announcement: SUSE-SU-2016:2475 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00015.html
SuSE Security Announcement: SUSE-SU-2016:2476 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00016.html

Copyright Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.4.2016.2475.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2016:2475-1)
Summary:	The remote host is missing an update for the 'systemd' package(s) announced via the SUSE-SU-2016:2475-1 advisory.
Description:	Summary: The remote host is missing an update for the 'systemd' package(s) announced via the SUSE-SU-2016:2475-1 advisory. Vulnerability Insight: This update for systemd fixes the following security issue: - CVE-2016-7796: A zero-length message received over systemd's notification socket could make manager_dispatch_notify_fd() return an error and, as a side effect, disable the notification handler completely. As the notification socket is world-writable, this could have allowed a local user to perform a denial-of-service attack against systemd. (bsc#1001765) Additionally, the following non-security fixes are included: - Fix HMAC calculation when appending a data object to journal. (bsc#1000435) - Never accept file descriptors from file systems with mandatory locking enabled. (bsc#954374) - Do not warn about missing install info with 'preset'. (bsc#970293) - Save /run/systemd/users/UID before starting user@.service. (bsc#996269) - Make sure that /var/lib/systemd/sysv-convert/database is always initialized. (bsc#982211) - Remove daylight saving time handling and tzfile parser. (bsc#990074) - Make sure directory watch is started before cryptsetup. (bsc#987173) - Introduce sd_pid_notify() and sd_pid_notifyf() APIs. (bsc#987857) - Set KillMode=mixed for our daemons that fork worker processes. - Add nosuid and nodev options to tmp.mount. - Don't start console-getty.service when /dev/console is missing. (bsc#982251) - Correct segmentation fault in udev/path_id due to missing NULL check. (bsc#982210) Affected Software/OS: 'systemd' package(s) on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server for SAP Applications 12. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-7796 BugTraq ID: 93250 http://www.securityfocus.com/bid/93250 https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet http://www.openwall.com/lists/oss-security/2016/09/30/1 RedHat Security Advisories: RHBA-2015:2092 https://rhn.redhat.com/errata/RHBA-2015-2092.html RedHat Security Advisories: RHSA-2017:0003 http://rhn.redhat.com/errata/RHSA-2017-0003.html http://www.securitytracker.com/id/1037320 SuSE Security Announcement: SUSE-SU-2016:2475 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00015.html SuSE Security Announcement: SUSE-SU-2016:2476 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00016.html
Copyright	Copyright (C) 2021 Greenbone AG