openSUSE Security Update: kernel: security and bugfix update.
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2012:0206-1
Rating:             important
References:         #691052 #692498 #698450 #699709 #700879 #702037 
                    #707288 #709764 #710235 #726788 #728661 #735612 
                    #736149 
Cross-References:   CVE-2011-1576 CVE-2011-1770 CVE-2011-2203
                    CVE-2011-2213 CVE-2011-2525 CVE-2011-2534
                    CVE-2011-2699 CVE-2011-2723 CVE-2011-2898
                    CVE-2011-4081 CVE-2011-4604
Affected Products:
                    openSUSE 11.3
______________________________________________________________________________

   An update that solves 11 vulnerabilities and has two fixes
   is now available. It includes one version update.

Description:

   The openSUSE 11.3 kernel was updated to fix various bugs
   and security issues.

   Following security issues have been fixed: CVE-2011-4604:
   If root does read() on a specific socket, it's possible to
   corrupt (kernel) memory over network, with an ICMP packet,
   if the B.A.T.M.A.N. mesh protocol is used.

   CVE-2011-2525: A flaw allowed the tc_fill_qdisc() function
   in the Linux kernels packet scheduler API implementation to
   be called on built-in qdisc structures. A local,
   unprivileged user could have used this flaw to trigger a
   NULL pointer dereference, resulting in a denial of service.

   CVE-2011-2699: Fernando Gont discovered that the IPv6 stack
   used predictable fragment identification numbers. A remote
   attacker could exploit this to exhaust network resources,
   leading to a denial of service.

   CVE-2011-2213: The inet_diag_bc_audit function in
   net/ipv4/inet_diag.c in the Linux kernel did not properly
   audit INET_DIAG bytecode, which allowed local users to
   cause a denial of service (kernel infinite loop) via
   crafted INET_DIAG_REQ_BYTECODE instructions in a netlink
   message, as demonstrated by an INET_DIAG_BC_JMP instruction
   with a zero yes value, a different vulnerability than
   CVE-2010-3880.

   CVE-2011-1576: The Generic Receive Offload (GRO)
   implementation in the Linux kernel allowed remote attackers   to cause a denial of service via crafted VLAN packets that
   are processed by the napi_reuse_skb function, leading to
   (1) a memory leak or (2) memory corruption, a different
   vulnerability than CVE-2011-1478.

   CVE-2011-2534: Buffer overflow in the clusterip_proc_write
   function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux
   kernel might have allowed local users to cause a denial of
   service or have unspecified other impact via a crafted
   write operation, related to string data that lacks a
   terminating '\0' character.

   CVE-2011-1770: Integer underflow in the dccp_parse_options
   function (net/dccp/options.c) in the Linux kernel allowed
   remote attackers to cause a denial of service via a
   Datagram Congestion Control Protocol (DCCP) packet with an
   invalid feature options length, which triggered a buffer
   over-read.

   CVE-2011-2723: The skb_gro_header_slow function in
   include/linux/netdevice.h in the Linux kernel, when Generic
   Receive Offload (GRO) is enabled, reset certain fields in
   incorrect situations, which allowed remote attackers to
   cause a denial of service (system crash) via crafted
   network traffic.

   CVE-2011-2898: A kernel information leak in the AF_PACKET
   protocol was fixed which might have allowed local attackers   to read kernel memory.

   CVE-2011-2203: A NULL ptr dereference on mounting corrupt
   hfs filesystems was fixed which could be used by local
   attackers to crash the kernel.

   CVE-2011-4081: Using the crypto interface a local user
   could Oops the kernel by writing to a AF_ALG socket.


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.3:

      zypper in -t patch kernel-5605

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.3 (i586 x86_64) [New Version: 2.6.34.10]:

      kernel-debug-2.6.34.10-0.6.1
      kernel-debug-base-2.6.34.10-0.6.1
      kernel-debug-devel-2.6.34.10-0.6.1
      kernel-default-2.6.34.10-0.6.1
      kernel-default-base-2.6.34.10-0.6.1
      kernel-default-devel-2.6.34.10-0.6.1
      kernel-desktop-2.6.34.10-0.6.1
      kernel-desktop-base-2.6.34.10-0.6.1
      kernel-desktop-devel-2.6.34.10-0.6.1
      kernel-ec2-2.6.34.10-0.6.1
      kernel-ec2-base-2.6.34.10-0.6.1
      kernel-ec2-devel-2.6.34.10-0.6.1
      kernel-ec2-extra-2.6.34.10-0.6.1
      kernel-syms-2.6.34.10-0.6.1
      kernel-trace-2.6.34.10-0.6.1
      kernel-trace-base-2.6.34.10-0.6.1
      kernel-trace-devel-2.6.34.10-0.6.1
      kernel-vanilla-2.6.34.10-0.6.1
      kernel-vanilla-base-2.6.34.10-0.6.1
      kernel-vanilla-devel-2.6.34.10-0.6.1
      kernel-xen-2.6.34.10-0.6.1
      kernel-xen-base-2.6.34.10-0.6.1
      kernel-xen-devel-2.6.34.10-0.6.1
      preload-kmp-default-1.1_k2.6.34.10_0.6-19.1.37
      preload-kmp-desktop-1.1_k2.6.34.10_0.6-19.1.37

   - openSUSE 11.3 (noarch) [New Version: 2.6.34.10]:

      kernel-devel-2.6.34.10-0.6.1
      kernel-source-2.6.34.10-0.6.1
      kernel-source-vanilla-2.6.34.10-0.6.1

   - openSUSE 11.3 (i586) [New Version: 2.6.34.10]:

      kernel-pae-2.6.34.10-0.6.1
      kernel-pae-base-2.6.34.10-0.6.1
      kernel-pae-devel-2.6.34.10-0.6.1
      kernel-vmi-2.6.34.10-0.6.1
      kernel-vmi-base-2.6.34.10-0.6.1
      kernel-vmi-devel-2.6.34.10-0.6.1


References:

   https://www.suse.com/security/cve/CVE-2011-1576.html
   https://www.suse.com/security/cve/CVE-2011-1770.html
   https://www.suse.com/security/cve/CVE-2011-2203.html
   https://www.suse.com/security/cve/CVE-2011-2213.html
   https://www.suse.com/security/cve/CVE-2011-2525.html
   https://www.suse.com/security/cve/CVE-2011-2534.html
   https://www.suse.com/security/cve/CVE-2011-2699.html
   https://www.suse.com/security/cve/CVE-2011-2723.html
   https://www.suse.com/security/cve/CVE-2011-2898.html
   https://www.suse.com/security/cve/CVE-2011-4081.html
   https://www.suse.com/security/cve/CVE-2011-4604.html
   https://bugzilla.novell.com/691052
   https://bugzilla.novell.com/692498
   https://bugzilla.novell.com/698450
   https://bugzilla.novell.com/699709
   https://bugzilla.novell.com/700879
   https://bugzilla.novell.com/702037
   https://bugzilla.novell.com/707288
   https://bugzilla.novell.com/709764
   https://bugzilla.novell.com/710235
   https://bugzilla.novell.com/726788
   https://bugzilla.novell.com/728661
   https://bugzilla.novell.com/735612
   https://bugzilla.novell.com/736149

openSUSE: 2012:0206-1: important: kernel

February 9, 2012
An update that solves 11 vulnerabilities and has two fixes An update that solves 11 vulnerabilities and has two fixes An update that solves 11 vulnerabilities and has two fixes is ...

Description

The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read() on a specific socket, it's possible to corrupt (kernel) memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used. CVE-2011-2525: A flaw allowed the tc_fill_qdisc() function in the Linux kernels packet scheduler API implementation to be called on built-in qdisc structures. A local, unprivileged user could have used this flaw to trigger a NULL pointer dereference, resulting in a denial of service. CVE-2011-2699: Fernando Gont discovered that the IPv6 stack used predictable fragment identification numbers. A remote attacker could exploit this to exhaust network resources, leading to a denial of service. CVE-2011-2213: The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel did not properly audit INET_DIAG bytecode, which allowed loca...

Read the Full Advisory

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch kernel-5605 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE 11.3 (i586 x86_64) [New Version: 2.6.34.10]: kernel-debug-2.6.34.10-0.6.1 kernel-debug-base-2.6.34.10-0.6.1 kernel-debug-devel-2.6.34.10-0.6.1 kernel-default-2.6.34.10-0.6.1 kernel-default-base-2.6.34.10-0.6.1 kernel-default-devel-2.6.34.10-0.6.1 kernel-desktop-2.6.34.10-0.6.1 kernel-desktop-base-2.6.34.10-0.6.1 kernel-desktop-devel-2.6.34.10-0.6.1 kernel-ec2-2.6.34.10-0.6.1 kernel-ec2-base-2.6.34.10-0.6.1 kernel-ec2-devel-2.6.34.10-0.6.1 kernel-ec2-extra-2.6.34.10-0.6.1 kernel-syms-2.6.34.10-0.6.1 kernel-trace-2.6.34.10-0.6.1 kernel-trace-base-2.6.34.10-0.6.1 kernel-trace-devel-2.6.34.10-0.6.1 kernel-vanilla-2.6.34.10-0.6.1 kernel-vanilla-base-2.6.34.10-0.6.1 kernel-vanilla-devel-2.6.34.10-0.6.1 kernel-xen-2.6.34.10-0.6.1 kernel-xen-base-2.6.34.10-0.6.1 kernel-xen-devel-2.6.34.10-0.6.1 preload-kmp-default-1.1_k2.6.34.10_0.6-19.1.37 preload-kmp-desktop-1.1_k2.6.34.10_0.6-19.1.37 - openSUSE 11.3 (noarch) [New Version: 2.6.34.10]: kernel-devel-2.6.34.10-0.6.1 kernel-source-2.6.34.10-0.6.1 kernel-source-vanilla-2.6.34.10-0.6.1 - openSUSE 11.3 (i586) [New Version: 2.6.34.10]: kernel-pae-2.6.34.10-0.6.1 kernel-pae-base-2.6.34.10-0.6.1 kernel-pae-devel-2.6.34.10-0.6.1 kernel-vmi-2.6.34.10-0.6.1 kernel-vmi-base-2.6.34.10-0.6.1 kernel-vmi-devel-2.6.34.10-0.6.1


References

https://www.suse.com/security/cve/CVE-2011-1576.html https://www.suse.com/security/cve/CVE-2011-1770.html https://www.suse.com/security/cve/CVE-2011-2203.html https://www.suse.com/security/cve/CVE-2011-2213.html https://www.suse.com/security/cve/CVE-2011-2525.html https://www.suse.com/security/cve/CVE-2011-2534.html https://www.suse.com/security/cve/CVE-2011-2699.html https://www.suse.com/security/cve/CVE-2011-2723.html https://www.suse.com/security/cve/CVE-2011-2898.html https://www.suse.com/security/cve/CVE-2011-4081.html https://www.suse.com/security/cve/CVE-2011-4604.html https://bugzilla.novell.com/691052 https://bugzilla.novell.com/692498 https://bugzilla.novell.com/698450 https://bugzilla.novell.com/699709 https://bugzilla.novell.com/700879 https://bugzilla.novell.com/702037 https://bugzilla.novell.com/707288 https://bugzilla.novell.com/709764 https://bugzilla.novell.com/710235 https://bugzilla.novell.com/726788 https://bugzilla.novell.com/728661 https://bugzilla.novell.com/735612 https://bugzilla.novell.com/736149


Severity
Announcement ID: openSUSE-SU-2012:0206-1
Rating: important
Affected Products: openSUSE 11.3

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved