Security Update for Linux Kernel
SUSE Security Update: Security Update for Linux Kernel
The SUSE Linux Enterprise Server 12 kernel was updated to 3.12.39 to
receive various security and bugfixes.
Following security bugs were fixed:
- CVE-2015-0777: The XEN usb backend could leak information to the guest
system due to copying uninitialized memory.
- CVE-2015-2150: Xen and the Linux kernel did not properly restrict access
to PCI command registers, which might have allowed local guest users to
cause a denial of service (non-maskable interrupt and host crash) by
disabling the (1) memory or (2) I/O decoding for a PCI Express device
and then accessing the device, which triggers an Unsupported Request
(UR) response.
The following non-security bugs were fixed:
- Added Little Endian support to vtpm module (bsc#918620).
- Add support for pnfs block layout. Patches not included by default yet
- ALSA: hda - Fix regression of HD-audio controller fallback modes
(bsc#921313).
- btrfs: add missing blk_finish_plug in btrfs_sync_log() (bnc#922284).
- btrfs: cleanup orphans while looking up default subvolume (bsc#914818).
- btrfs: do not ignore errors from btrfs_lookup_xattr in do_setxattr
(bnc#922272).
- btrfs: fix BUG_ON in btrfs_orphan_add() when delete unused block group
(bnc#922278).
- btrfs: fix data loss in the fast fsync path (bnc#922275).
- btrfs: fix fsync data loss after adding hard link to inode (bnc#922275).
- cgroup: revert cgroup_mutex removal from idr_remove (bnc#918644).
- cifs: fix use-after-free bug in find_writable_file (bnc#909477).
- crypto: rng - RNGs must return 0 in success case (bsc#920805).
- crypto: testmgr - fix RNG return code enforcement (bsc#920805).
- exit: Always reap resource stats in __exit_signal() (Time scalability).
- fork: report pid reservation failure properly (bnc#909684).
- fsnotify: Fix handling of renames in audit (bnc#915200).
- HID: hyperv: match wait_for_completion_timeout return type.
- hv: address compiler warnings for hv_fcopy_daemon.c.
- hv: address compiler warnings for hv_kvp_daemon.c.
- hv: check vmbus_device_create() return value in vmbus_process_offer().
- hv: do not add redundant / in hv_start_fcopy().
- hv: hv_balloon: Do not post pressure status from interrupt context.
- hv: hv_balloon: Fix a locking bug in the balloon driver.
- hv: hv_balloon: Make adjustments in computing the floor.
- hv: hv_fcopy: drop the obsolete message on transfer failure.
- hv: kvp_daemon: make IPv6-only-injection work.
- hv: remove unused bytes_written from kvp_update_file().
- hv: rename sc_lock to the more generic lock.
- hv: vmbus: Fix a bug in vmbus_establish_gpadl().
- hv: vmbus: hv_process_timer_expiration() can be static.
- hv: vmbus: Implement a clockevent device.
- hv: vmbus: serialize Offer and Rescind offer.
- hv: vmbus: Support a vmbus API for efficiently sending page arrays.
- hv: vmbus: Use get_cpu() to get the current CPU.
- hyperv: fix sparse warnings.
- hyperv: Fix the error processing in netvsc_send().
- hyperv: match wait_for_completion_timeout return type.
- hyperv: netvsc.c: match wait_for_completion_timeout return type.
- iommu/vt-d: Fix dmar_domain leak in iommu_attach_device (bsc#924460).
- kabi, mm: prevent endless growth of anon_vma hierarchy (bnc#904242).
- kABI: protect linux/namei.h include in procfs.
- kABI: protect struct hif_scatter_req.
- kabi/severities: Stop maintaining the kgraft kabi
- kernel/sched/clock.c: add another clock for use with the soft lockup
watchdog (bsc#919939).
- kgr: Allow patches to require an exact kernel version (bnc#920615).
- KVM: PPC: Book3S HV: ptes are big endian (bsc#920839).
- mm: convert the rest to new page table lock api (the suse-only cases)
(fate#315482).
- mm: fix anon_vma->degree underflow in anon_vma endless growing
prevention (bnc#904242).
- mm: fix corner case in anon_vma endless growing prevention (bnc#904242).
- mm: prevent endless growth of anon_vma hierarchy (bnc#904242).
- mm: prevent endless growth of anon_vma hierarchy mm: prevent endless
growth of anon_vma hierarchy (bnc#904242).
- mm: vmscan: count only dirty pages as congested (VM Performance,
bnc#910517).
- module: Clean up ro/nx after early module load failures (bsc#921990).
- module: set nx before marking module MODULE_STATE_COMING (bsc#921990).
- net: add sysfs helpers for netdev_adjacent logic (bnc#915660).
- net: correct error path in rtnl_newlink() (bnc#915660).
- net: fix creation adjacent device symlinks (bnc#915660).
- net: prevent of emerging cross-namespace symlinks (bnc#915660).
- net: rename sysfs symlinks on device name change (bnc#915660).
- nfs: cap request size to fit a kmalloced page array (bnc#898675).
- nfs: commit layouts in fdatasync (bnc#898675).
- NFSv4.1: Do not trust attributes if a pNFS LAYOUTCOMMIT is outstanding
(bnc#898675).
- NFSv4.1: Ensure that the layout recall callback matches layout stateids
(bnc#898675).
- NFSv4.1: Ensure that we free existing layout segments if we get a new
layout (bnc#898675).
- NFSv4.1: Fix a race in nfs4_write_inode (bnc#898675).
- NFSv4.1: Fix wraparound issues in pnfs_seqid_is_newer() (bnc#898675).
- NFSv4.1: Minor optimisation in get_layout_by_fh_locked() (bnc#898675).
- NFSv4: Do not update the open stateid unless it is newer than the old
one (bnc#898675).
- pnfs: add a common GETDEVICELIST implementation (bnc#898675).
- pnfs: add a nfs4_get_deviceid helper (bnc#898675).
- pnfs: add flag to force read-modify-write in ->write_begin
(bnc#898675).
- pnfs: add return_range method (bnc#898675).
- pnfs: allow splicing pre-encoded pages into the layoutcommit args
(bnc#898675).
- pnfs: avoid using stale stateids after layoutreturn (bnc#898675).
- pnfs/blocklayout: allocate separate pages for the layoutcommit payload
(bnc#898675).
- pnfs/blocklayout: correctly decrement extent length (bnc#898675).
- pnfs/blocklayout: do not set pages uptodate (bnc#898675).
- pnfs/blocklayout: Fix a 64-bit division/remainder issue in bl_map_stripe
(bnc#898675).
- pnfs/blocklayout: implement the return_range method (bnc#898675).
- pnfs/blocklayout: improve GETDEVICEINFO error reporting (bnc#898675).
- pnfs/blocklayout: include vmalloc.h for __vmalloc (bnc#898675).
- pnfs/blocklayout: in-kernel GETDEVICEINFO XDR parsing (bnc#898675).
- pnfs/blocklayout: move all rpc_pipefs related code into a single file
(bnc#898675).
- pnfs/blocklayout: move extent processing to blocklayout.c (bnc#898675).
- pnfs/blocklayout: plug block queues (bnc#898675).
- pnfs/blocklayout: refactor extent processing (bnc#898675).
- pnfs/blocklayout: reject pnfs blocksize larger than page size
(bnc#898675).
- pNFS/blocklayout: Remove a couple of unused variables (bnc#898675).
- pnfs/blocklayout: remove read-modify-write handling in bl_write_pagelist
(bnc#898675).
- pnfs/blocklayout: remove some debugging (bnc#898675).
- pnfs/blocklayout: return layouts on setattr (bnc#898675).
- pnfs/blocklayout: rewrite extent tracking (bnc#898675).
- pnfs/blocklayout: use the device id cache (bnc#898675).
- pnfs: do not check sequence on new stateids in layoutget (bnc#898675).
- pnfs: do not pass uninitialized lsegs to ->free_lseg (bnc#898675).
- pnfs: enable CB_NOTIFY_DEVICEID support (bnc#898675).
- pnfs: factor GETDEVICEINFO implementations (bnc#898675).
- pnfs: force a layout commit when encountering busy segments during
recall (bnc#898675).
- pnfs: remove GETDEVICELIST implementation (bnc#898675).
- pnfs: retry after a bad stateid error from layoutget (bnc#898675).
- powerpc: add running_clock for powerpc to prevent spurious softlockup
warnings (bsc#919939).
- powerpc/pseries: Fix endian problems with LE migration (bsc#918584).
- remove cgroup_mutex around deactivate_super because it might be
dangerous.
- rtmutex: Document pi chain walk (mutex scalability).
- rtmutex: No need to keep task ref for lock owner check (mutex
scalability).
- rtmutex: Simplify rtmutex_slowtrylock() (mutex scalability).
- rtnetlink: fix a memory leak when ->newlink fails (bnc#915660).
- sched: Change thread_group_cputime() to use for_each_thread() (Time
scalability).
- sched: replace INIT_COMPLETION with reinit_completion.
- sched, time: Atomically increment stime & utime (Time scalability).
- scsi: storvsc: Always send on the selected outgoing channel.
- scsi: storvsc: Do not assume that the scatterlist is not chained.
- scsi: storvsc: Enable clustering.
- scsi: storvsc: Fix a bug in copy_from_bounce_buffer().
- scsi: storvsc: Increase the ring buffer size.
- scsi: storvsc: Retrieve information about the capability of the target.
- scsi: storvsc: Set the tablesize based on the information given by the
host.
- scsi: storvsc: Size the queue depth based on the ringbuffer size.
- storvsc: fix a bug in storvsc limits.
- storvsc: force discovery of LUNs that may have been removed.
- storvsc: force SPC-3 compliance on win8 and win8 r2 hosts.
- storvsc: in responce to a scan event, scan the host.
- take read_seqbegin_or_lock() and friends to seqlock.h (Time scalability).
- tcp: prevent fetching dst twice in early demux code (bnc#903997
bnc#919719).
- time, signal: Protect resource use statistics with seqlock -kabi (Time
scalability).
- time, signal: Protect resource use statistics with seqlock (Time
scalability).
- udp: only allow UFO for packets from SOCK_DGRAM sockets (bnc#909309).
- Update Xen patches to 3.12.39.
- virtio: rng: add derating factor for use by hwrng core (bsc#918615).
- x86, AVX-512: AVX-512 Feature Detection (bsc#921527).
- x86, AVX-512: Enable AVX-512 States Context Switch (bsc#921527).
- xenbus: add proper handling of XS_ERROR from Xenbus for transactions.
- xfs: xfs_alloc_fix_minleft can underflow near ENOSPC (bnc#913080).
Announcement ID: | SUSE-SU-2015:0658-1 |
Rating: | important |
References: | #898675 #903997 #904242 #909309 #909477 #909684 #910517 #913080 #914818 #915200 #915660 #917830 #918584 #918615 #918620 #918644 #919463 #919719 #919939 #920615 #920805 #920839 #921313 #921527 #921990 #922272 #922275 #922278 #922284 #924460 |
Affected Products: |
An update that solves two vulnerabilities and has 28 fixes is now available.
Description:
The SUSE Linux Enterprise Server 12 kernel was updated to 3.12.39 to
receive various security and bugfixes.
Following security bugs were fixed:
- CVE-2015-0777: The XEN usb backend could leak information to the guest
system due to copying uninitialized memory.
- CVE-2015-2150: Xen and the Linux kernel did not properly restrict access
to PCI command registers, which might have allowed local guest users to
cause a denial of service (non-maskable interrupt and host crash) by
disabling the (1) memory or (2) I/O decoding for a PCI Express device
and then accessing the device, which triggers an Unsupported Request
(UR) response.
The following non-security bugs were fixed:
- Added Little Endian support to vtpm module (bsc#918620).
- Add support for pnfs block layout. Patches not included by default yet
- ALSA: hda - Fix regression of HD-audio controller fallback modes
(bsc#921313).
- btrfs: add missing blk_finish_plug in btrfs_sync_log() (bnc#922284).
- btrfs: cleanup orphans while looking up default subvolume (bsc#914818).
- btrfs: do not ignore errors from btrfs_lookup_xattr in do_setxattr
(bnc#922272).
- btrfs: fix BUG_ON in btrfs_orphan_add() when delete unused block group
(bnc#922278).
- btrfs: fix data loss in the fast fsync path (bnc#922275).
- btrfs: fix fsync data loss after adding hard link to inode (bnc#922275).
- cgroup: revert cgroup_mutex removal from idr_remove (bnc#918644).
- cifs: fix use-after-free bug in find_writable_file (bnc#909477).
- crypto: rng - RNGs must return 0 in success case (bsc#920805).
- crypto: testmgr - fix RNG return code enforcement (bsc#920805).
- exit: Always reap resource stats in __exit_signal() (Time scalability).
- fork: report pid reservation failure properly (bnc#909684).
- fsnotify: Fix handling of renames in audit (bnc#915200).
- HID: hyperv: match wait_for_completion_timeout return type.
- hv: address compiler warnings for hv_fcopy_daemon.c.
- hv: address compiler warnings for hv_kvp_daemon.c.
- hv: check vmbus_device_create() return value in vmbus_process_offer().
- hv: do not add redundant / in hv_start_fcopy().
- hv: hv_balloon: Do not post pressure status from interrupt context.
- hv: hv_balloon: Fix a locking bug in the balloon driver.
- hv: hv_balloon: Make adjustments in computing the floor.
- hv: hv_fcopy: drop the obsolete message on transfer failure.
- hv: kvp_daemon: make IPv6-only-injection work.
- hv: remove unused bytes_written from kvp_update_file().
- hv: rename sc_lock to the more generic lock.
- hv: vmbus: Fix a bug in vmbus_establish_gpadl().
- hv: vmbus: hv_process_timer_expiration() can be static.
- hv: vmbus: Implement a clockevent device.
- hv: vmbus: serialize Offer and Rescind offer.
- hv: vmbus: Support a vmbus API for efficiently sending page arrays.
- hv: vmbus: Use get_cpu() to get the current CPU.
- hyperv: fix sparse warnings.
- hyperv: Fix the error processing in netvsc_send().
- hyperv: match wait_for_completion_timeout return type.
- hyperv: netvsc.c: match wait_for_completion_timeout return type.
- iommu/vt-d: Fix dmar_domain leak in iommu_attach_device (bsc#924460).
- kabi, mm: prevent endless growth of anon_vma hierarchy (bnc#904242).
- kABI: protect linux/namei.h include in procfs.
- kABI: protect struct hif_scatter_req.
- kabi/severities: Stop maintaining the kgraft kabi
- kernel/sched/clock.c: add another clock for use with the soft lockup
watchdog (bsc#919939).
- kgr: Allow patches to require an exact kernel version (bnc#920615).
- KVM: PPC: Book3S HV: ptes are big endian (bsc#920839).
- mm: convert the rest to new page table lock api (the suse-only cases)
(fate#315482).
- mm: fix anon_vma->degree underflow in anon_vma endless growing
prevention (bnc#904242).
- mm: fix corner case in anon_vma endless growing prevention (bnc#904242).
- mm: prevent endless growth of anon_vma hierarchy (bnc#904242).
- mm: prevent endless growth of anon_vma hierarchy mm: prevent endless
growth of anon_vma hierarchy (bnc#904242).
- mm: vmscan: count only dirty pages as congested (VM Performance,
bnc#910517).
- module: Clean up ro/nx after early module load failures (bsc#921990).
- module: set nx before marking module MODULE_STATE_COMING (bsc#921990).
- net: add sysfs helpers for netdev_adjacent logic (bnc#915660).
- net: correct error path in rtnl_newlink() (bnc#915660).
- net: fix creation adjacent device symlinks (bnc#915660).
- net: prevent of emerging cross-namespace symlinks (bnc#915660).
- net: rename sysfs symlinks on device name change (bnc#915660).
- nfs: cap request size to fit a kmalloced page array (bnc#898675).
- nfs: commit layouts in fdatasync (bnc#898675).
- NFSv4.1: Do not trust attributes if a pNFS LAYOUTCOMMIT is outstanding
(bnc#898675).
- NFSv4.1: Ensure that the layout recall callback matches layout stateids
(bnc#898675).
- NFSv4.1: Ensure that we free existing layout segments if we get a new
layout (bnc#898675).
- NFSv4.1: Fix a race in nfs4_write_inode (bnc#898675).
- NFSv4.1: Fix wraparound issues in pnfs_seqid_is_newer() (bnc#898675).
- NFSv4.1: Minor optimisation in get_layout_by_fh_locked() (bnc#898675).
- NFSv4: Do not update the open stateid unless it is newer than the old
one (bnc#898675).
- pnfs: add a common GETDEVICELIST implementation (bnc#898675).
- pnfs: add a nfs4_get_deviceid helper (bnc#898675).
- pnfs: add flag to force read-modify-write in ->write_begin
(bnc#898675).
- pnfs: add return_range method (bnc#898675).
- pnfs: allow splicing pre-encoded pages into the layoutcommit args
(bnc#898675).
- pnfs: avoid using stale stateids after layoutreturn (bnc#898675).
- pnfs/blocklayout: allocate separate pages for the layoutcommit payload
(bnc#898675).
- pnfs/blocklayout: correctly decrement extent length (bnc#898675).
- pnfs/blocklayout: do not set pages uptodate (bnc#898675).
- pnfs/blocklayout: Fix a 64-bit division/remainder issue in bl_map_stripe
(bnc#898675).
- pnfs/blocklayout: implement the return_range method (bnc#898675).
- pnfs/blocklayout: improve GETDEVICEINFO error reporting (bnc#898675).
- pnfs/blocklayout: include vmalloc.h for __vmalloc (bnc#898675).
- pnfs/blocklayout: in-kernel GETDEVICEINFO XDR parsing (bnc#898675).
- pnfs/blocklayout: move all rpc_pipefs related code into a single file
(bnc#898675).
- pnfs/blocklayout: move extent processing to blocklayout.c (bnc#898675).
- pnfs/blocklayout: plug block queues (bnc#898675).
- pnfs/blocklayout: refactor extent processing (bnc#898675).
- pnfs/blocklayout: reject pnfs blocksize larger than page size
(bnc#898675).
- pNFS/blocklayout: Remove a couple of unused variables (bnc#898675).
- pnfs/blocklayout: remove read-modify-write handling in bl_write_pagelist
(bnc#898675).
- pnfs/blocklayout: remove some debugging (bnc#898675).
- pnfs/blocklayout: return layouts on setattr (bnc#898675).
- pnfs/blocklayout: rewrite extent tracking (bnc#898675).
- pnfs/blocklayout: use the device id cache (bnc#898675).
- pnfs: do not check sequence on new stateids in layoutget (bnc#898675).
- pnfs: do not pass uninitialized lsegs to ->free_lseg (bnc#898675).
- pnfs: enable CB_NOTIFY_DEVICEID support (bnc#898675).
- pnfs: factor GETDEVICEINFO implementations (bnc#898675).
- pnfs: force a layout commit when encountering busy segments during
recall (bnc#898675).
- pnfs: remove GETDEVICELIST implementation (bnc#898675).
- pnfs: retry after a bad stateid error from layoutget (bnc#898675).
- powerpc: add running_clock for powerpc to prevent spurious softlockup
warnings (bsc#919939).
- powerpc/pseries: Fix endian problems with LE migration (bsc#918584).
- remove cgroup_mutex around deactivate_super because it might be
dangerous.
- rtmutex: Document pi chain walk (mutex scalability).
- rtmutex: No need to keep task ref for lock owner check (mutex
scalability).
- rtmutex: Simplify rtmutex_slowtrylock() (mutex scalability).
- rtnetlink: fix a memory leak when ->newlink fails (bnc#915660).
- sched: Change thread_group_cputime() to use for_each_thread() (Time
scalability).
- sched: replace INIT_COMPLETION with reinit_completion.
- sched, time: Atomically increment stime & utime (Time scalability).
- scsi: storvsc: Always send on the selected outgoing channel.
- scsi: storvsc: Do not assume that the scatterlist is not chained.
- scsi: storvsc: Enable clustering.
- scsi: storvsc: Fix a bug in copy_from_bounce_buffer().
- scsi: storvsc: Increase the ring buffer size.
- scsi: storvsc: Retrieve information about the capability of the target.
- scsi: storvsc: Set the tablesize based on the information given by the
host.
- scsi: storvsc: Size the queue depth based on the ringbuffer size.
- storvsc: fix a bug in storvsc limits.
- storvsc: force discovery of LUNs that may have been removed.
- storvsc: force SPC-3 compliance on win8 and win8 r2 hosts.
- storvsc: in responce to a scan event, scan the host.
- take read_seqbegin_or_lock() and friends to seqlock.h (Time scalability).
- tcp: prevent fetching dst twice in early demux code (bnc#903997
bnc#919719).
- time, signal: Protect resource use statistics with seqlock -kabi (Time
scalability).
- time, signal: Protect resource use statistics with seqlock (Time
scalability).
- udp: only allow UFO for packets from SOCK_DGRAM sockets (bnc#909309).
- Update Xen patches to 3.12.39.
- virtio: rng: add derating factor for use by hwrng core (bsc#918615).
- x86, AVX-512: AVX-512 Feature Detection (bsc#921527).
- x86, AVX-512: Enable AVX-512 States Context Switch (bsc#921527).
- xenbus: add proper handling of XS_ERROR from Xenbus for transactions.
- xfs: xfs_alloc_fix_minleft can underflow near ENOSPC (bnc#913080).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12:
zypper in -t patch SUSE-SLE-WE-12-2015-152=1
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2015-152=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2015-152=1
- SUSE Linux Enterprise Module for Public Cloud 12:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-152=1
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2015-152=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-152=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12 (x86_64):
- kernel-default-debuginfo-3.12.39-47.1
- kernel-default-debugsource-3.12.39-47.1
- kernel-default-extra-3.12.39-47.1
- kernel-default-extra-debuginfo-3.12.39-47.1
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
- kernel-obs-build-3.12.39-47.2
- kernel-obs-build-debugsource-3.12.39-47.2
- SUSE Linux Enterprise Software Development Kit 12 (noarch):
- kernel-docs-3.12.39-47.3
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
- kernel-default-3.12.39-47.1
- kernel-default-base-3.12.39-47.1
- kernel-default-base-debuginfo-3.12.39-47.1
- kernel-default-debuginfo-3.12.39-47.1
- kernel-default-debugsource-3.12.39-47.1
- kernel-default-devel-3.12.39-47.1
- kernel-syms-3.12.39-47.1
- SUSE Linux Enterprise Server 12 (x86_64):
- kernel-xen-3.12.39-47.1
- kernel-xen-base-3.12.39-47.1
- kernel-xen-base-debuginfo-3.12.39-47.1
- kernel-xen-debuginfo-3.12.39-47.1
- kernel-xen-debugsource-3.12.39-47.1
- kernel-xen-devel-3.12.39-47.1
- SUSE Linux Enterprise Server 12 (noarch):
- kernel-devel-3.12.39-47.1
- kernel-macros-3.12.39-47.1
- kernel-source-3.12.39-47.1
- SUSE Linux Enterprise Server 12 (s390x):
- kernel-default-man-3.12.39-47.1
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
- kernel-ec2-3.12.39-47.1
- kernel-ec2-debuginfo-3.12.39-47.1
- kernel-ec2-debugsource-3.12.39-47.1
- kernel-ec2-devel-3.12.39-47.1
- kernel-ec2-extra-3.12.39-47.1
- kernel-ec2-extra-debuginfo-3.12.39-47.1
- SUSE Linux Enterprise Live Patching 12 (x86_64):
- kgraft-patch-3_12_39-47-default-1-2.1
- kgraft-patch-3_12_39-47-xen-1-2.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
- kernel-default-3.12.39-47.1
- kernel-default-debuginfo-3.12.39-47.1
- kernel-default-debugsource-3.12.39-47.1
- kernel-default-devel-3.12.39-47.1
- kernel-default-extra-3.12.39-47.1
- kernel-default-extra-debuginfo-3.12.39-47.1
- kernel-syms-3.12.39-47.1
- kernel-xen-3.12.39-47.1
- kernel-xen-debuginfo-3.12.39-47.1
- kernel-xen-debugsource-3.12.39-47.1
- kernel-xen-devel-3.12.39-47.1
- SUSE Linux Enterprise Desktop 12 (noarch):
- kernel-devel-3.12.39-47.1
- kernel-macros-3.12.39-47.1
- kernel-source-3.12.39-47.1
References:
- https://www.suse.com/security/cve/CVE-2015-0777.html
- https://www.suse.com/security/cve/CVE-2015-2150.html
- https://bugzilla.suse.com/898675
- https://bugzilla.suse.com/903997
- https://bugzilla.suse.com/904242
- https://bugzilla.suse.com/909309
- https://bugzilla.suse.com/909477
- https://bugzilla.suse.com/909684
- https://bugzilla.suse.com/910517
- https://bugzilla.suse.com/913080
- https://bugzilla.suse.com/914818
- https://bugzilla.suse.com/915200
- https://bugzilla.suse.com/915660
- https://bugzilla.suse.com/917830
- https://bugzilla.suse.com/918584
- https://bugzilla.suse.com/918615
- https://bugzilla.suse.com/918620
- https://bugzilla.suse.com/918644
- https://bugzilla.suse.com/919463
- https://bugzilla.suse.com/919719
- https://bugzilla.suse.com/919939
- https://bugzilla.suse.com/920615
- https://bugzilla.suse.com/920805
- https://bugzilla.suse.com/920839
- https://bugzilla.suse.com/921313
- https://bugzilla.suse.com/921527
- https://bugzilla.suse.com/921990
- https://bugzilla.suse.com/922272
- https://bugzilla.suse.com/922275
- https://bugzilla.suse.com/922278
- https://bugzilla.suse.com/922284
- https://bugzilla.suse.com/924460