SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:1100-1
Rating:             important
References:         #588458 #603804 #632870 #642896 #649625 #650309 
                    #667386 #669378 #688859 #694670 #699354 #699355 
                    #699357 #701443 #701686 #704347 #706557 #707096 
                    #707125 #707737 #708675 #708877 #709412 #711203 
                    #711969 #712456 #712929 #713138 #713430 #714001 
                    #714966 #715235 #715763 #716901 #719117 #719450 
                    
Cross-References:   CVE-2011-2928 CVE-2011-3191 CVE-2011-3353
                   
Affected Products:
                    SUSE Linux Enterprise Server 11 SP1 for VMware
                    SUSE Linux Enterprise Server 11 SP1
                    SUSE Linux Enterprise High Availability Extension 11 SP1
                    SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________

   An update that solves three vulnerabilities and has 33
   fixes is now available. It includes one version update.

Description:


   The SUSE Linux Enterprise 11 Service Pack 1 kernel was
   updated to 2.6.32.46  and fixes various bugs and security
   issues.

   Following security issues were fixed: CVE-2011-3191: A
   signedness issue in  CIFS could possibly have lead to to
   memory corruption, if a malicious  server could send
   crafted replies to the host.

   CVE-2011-3353: In the fuse filesystem,
   FUSE_NOTIFY_INVAL_ENTRY did not  check the length of the
   write so the message processing could overrun and  result
   in a BUG_ON() in fuse_copy_fill(). This flaw could be used
   by local  users able to mount FUSE filesystems to crash the
   system.

   CVE-2011-2928: The befs_follow_link function in
   fs/befs/linuxvfs.c in the  Linux kernel did not validate
   the length attribute of long symlinks, which  allowed local
   users to cause a denial of service (incorrect pointer
   dereference and OOPS) by accessing a long symlink on a
   malformed Be  filesystem.

   Also the following non security bugs were fixed: -
   CONFIG_CGROUP_MEM_RES_CTLR_SWAP enabled -
   CONFIG_CGROUP_MEM_RES_CTLR_SWAP_ENABLED disabled by
   default. Swap  accounting can be turned on by swapaccount=1
   kernel command line parameter  (bnc#719450) - Make swap
   accounting default behavior configurable  (bnc#719450,
   bnc#650309, fate#310471).

   *

   Added a missing reset for ioc_reset_in_progress in
   SoftReset in the mtpsas driver (bnc#711969).

   *

   Add support for the Digi/IBM PCIe 2-port Adapter
   (bnc#708675).

   *

   Always enable MSI-X on 5709 (bnc#707737).

   *

   sched: fix broken SCHED_RESET_ON_FORK handling
   (bnc#708877).

   *

   sched: Fix rt_rq runtime leakage bug (bnc#707096).

   *

   ACPI: allow passing down C1 information if no other
   C-states exist.

   *

   KDB: turn off kdb usb support by default (bnc#694670
   bnc#603804).

   *

   xfs: Added event tracing support.

   *

   xfs: fix xfs_fsblock_t tracing.

   *

   igb: extend maximum frame size to receive VLAN tagged
   frames (bnc#688859).

   *

   cfq: Do not allow queue merges for queues that have
   no process references (bnc#712929).

   * cfq: break apart merged cfqqs if they stop
   cooperating (bnc#712929).
   * cfq: calculate the seek_mean per cfq_queue not per
   cfq_io_context (bnc#712929).
   * cfq: change the meaning of the cfqq_coop flag
   (bnc#712929).
   * cfq-iosched: get rid of the coop_preempt flag
   (bnc#712929).
   *

   cfq: merge cooperating cfq_queues (bnc#712929).

   *

   Fix FDDI and TR config checks in ipv4 arp and LLC
   (bnc#715235).

   *

   writeback: do uninterruptible sleep in
   balance_dirty_pages() (bnc#699354 bnc#699357).

   * xfs: fix memory reclaim recursion deadlock on locked
   inode buffer (bnc#699355 bnc#699354).
   *

   xfs: use GFP_NOFS for page cache allocation
   (bnc#699355 bnc#699354).

   *

   virtio-net: init link state correctly (bnc#714966).

   *

   cpufreq: pcc-cpufreq: sanity check to prevent a NULL
   pointer dereference (bnc#709412).

   *

   x86: ucode-amd: Do not warn when no ucode is
   available for a CPU

   *

   patches.arch/x86_64-unwind-annotations: Refresh
   (bnc#588458).

   *

   patches.suse/stack-unwind: Refresh (bnc#588458).

   *

   splice: direct_splice_actor() should not use pos in
   sd (bnc#715763).

   *

   qdio: 2nd stage retry on SIGA-W busy conditions
   (bnc#713138,LTC#74402).

   *

   TTY: pty, fix pty counting (bnc#711203).

   *

   Avoid deadlock in GFP_IO/GFP_FS allocation
   (bnc#632870).

   *

   novfs: fix some DirCache locking issues (bnc#669378).

   * novfs: fix some kmalloc/kfree issues (bnc#669378).
   * novfs: fix off-by-one allocation error (bnc#669378).
   * novfs: unlink directory after unmap (bnc#649625).
   *

   novfs: last modification time not reliable
   (bnc#642896).

   *

   x86 / IO APIC: Reset IRR in clear_IO_APIC_pin()
   (bnc#701686, bnc#667386).

   *

   mptfusion : Added check for SILI bit in READ_6 CDB
   for DATA UNDERRUN ERRATA (bnc #712456).

   *

   xfs: serialise unaligned direct IOs (bnc#707125).

   *

   NFS: Ensure that we handle NFS4ERR_STALE_STATEID
   correctly (bnc#701443).

   * NFSv4: Do not call nfs4_state_mark_reclaim_reboot()
   from error handlers (bnc#701443).
   * NFSv4: Fix open recovery (bnc#701443).
   * NFSv4.1: Do not call nfs4_schedule_state_recovery()
   unnecessarily (bnc#701443).

   Security Issues:

   * CVE-2011-3191
   
   * CVE-2011-3353
   
   * CVE-2011-2928
   

Indications:

   Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP1 for VMware:

      zypper in -t patch slessp1-kernel-5219 slessp1-kernel-5223

   - SUSE Linux Enterprise Server 11 SP1:

      zypper in -t patch slessp1-kernel-5219 slessp1-kernel-5220 slessp1-kernel-5221 slessp1-kernel-5222 slessp1-kernel-5223

   - SUSE Linux Enterprise High Availability Extension 11 SP1:

      zypper in -t patch sleshasp1-kernel-5219 sleshasp1-kernel-5220 sleshasp1-kernel-5221 sleshasp1-kernel-5222 sleshasp1-kernel-5223

   - SUSE Linux Enterprise Desktop 11 SP1:

      zypper in -t patch sledsp1-kernel-5219 sledsp1-kernel-5223

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.6.32.46]:

      btrfs-kmp-default-0_2.6.32.46_0.3-0.3.57
      ext4dev-kmp-default-0_2.6.32.46_0.3-7.9.24
      hyper-v-kmp-default-0_2.6.32.46_0.3-0.14.11
      kernel-default-2.6.32.46-0.3.1
      kernel-default-base-2.6.32.46-0.3.1
      kernel-default-devel-2.6.32.46-0.3.1
      kernel-source-2.6.32.46-0.3.1
      kernel-syms-2.6.32.46-0.3.1
      kernel-trace-2.6.32.46-0.3.1
      kernel-trace-base-2.6.32.46-0.3.1
      kernel-trace-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 for VMware (i586) [New Version: 2.6.32.46]:

      btrfs-kmp-pae-0_2.6.32.46_0.3-0.3.57
      ext4dev-kmp-pae-0_2.6.32.46_0.3-7.9.24
      hyper-v-kmp-pae-0_2.6.32.46_0.3-0.14.11
      kernel-pae-2.6.32.46-0.3.1
      kernel-pae-base-2.6.32.46-0.3.1
      kernel-pae-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.32.46]:

      btrfs-kmp-default-0_2.6.32.46_0.3-0.3.57
      ext4dev-kmp-default-0_2.6.32.46_0.3-7.9.24
      kernel-default-2.6.32.46-0.3.1
      kernel-default-base-2.6.32.46-0.3.1
      kernel-default-devel-2.6.32.46-0.3.1
      kernel-source-2.6.32.46-0.3.1
      kernel-syms-2.6.32.46-0.3.1
      kernel-trace-2.6.32.46-0.3.1
      kernel-trace-base-2.6.32.46-0.3.1
      kernel-trace-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 (i586 x86_64) [New Version: 2.6.32.46]:

      btrfs-kmp-xen-0_2.6.32.46_0.3-0.3.57
      ext4dev-kmp-xen-0_2.6.32.46_0.3-7.9.24
      hyper-v-kmp-default-0_2.6.32.46_0.3-0.14.11
      kernel-ec2-2.6.32.46-0.3.1
      kernel-ec2-base-2.6.32.46-0.3.1
      kernel-xen-2.6.32.46-0.3.1
      kernel-xen-base-2.6.32.46-0.3.1
      kernel-xen-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 (s390x) [New Version: 2.6.32.46]:

      kernel-default-man-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 (ppc64) [New Version: 2.6.32.46]:

      ext4dev-kmp-ppc64-0_2.6.32.46_0.3-7.9.24
      kernel-ppc64-2.6.32.46-0.3.1
      kernel-ppc64-base-2.6.32.46-0.3.1
      kernel-ppc64-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 (i586) [New Version: 2.6.32.46]:

      btrfs-kmp-pae-0_2.6.32.46_0.3-0.3.57
      ext4dev-kmp-pae-0_2.6.32.46_0.3-7.9.24
      hyper-v-kmp-pae-0_2.6.32.46_0.3-0.14.11
      kernel-pae-2.6.32.46-0.3.1
      kernel-pae-base-2.6.32.46-0.3.1
      kernel-pae-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 ia64 ppc64 s390x x86_64):

      cluster-network-kmp-default-1.4_2.6.32.46_0.3-2.5.9
      gfs2-kmp-default-2_2.6.32.46_0.3-0.2.56
      ocfs2-kmp-default-1.6_2.6.32.46_0.3-0.4.2.9

   - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 x86_64):

      cluster-network-kmp-xen-1.4_2.6.32.46_0.3-2.5.9
      gfs2-kmp-xen-2_2.6.32.46_0.3-0.2.56
      ocfs2-kmp-xen-1.6_2.6.32.46_0.3-0.4.2.9

   - SUSE Linux Enterprise High Availability Extension 11 SP1 (ppc64):

      cluster-network-kmp-ppc64-1.4_2.6.32.46_0.3-2.5.9
      gfs2-kmp-ppc64-2_2.6.32.46_0.3-0.2.56
      ocfs2-kmp-ppc64-1.6_2.6.32.46_0.3-0.4.2.9

   - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586):

      cluster-network-kmp-pae-1.4_2.6.32.46_0.3-2.5.9
      gfs2-kmp-pae-2_2.6.32.46_0.3-0.2.56
      ocfs2-kmp-pae-1.6_2.6.32.46_0.3-0.4.2.9

   - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 2.6.32.46]:

      btrfs-kmp-default-0_2.6.32.46_0.3-0.3.57
      btrfs-kmp-xen-0_2.6.32.46_0.3-0.3.57
      hyper-v-kmp-default-0_2.6.32.46_0.3-0.14.11
      kernel-default-2.6.32.46-0.3.1
      kernel-default-base-2.6.32.46-0.3.1
      kernel-default-devel-2.6.32.46-0.3.1
      kernel-default-extra-2.6.32.46-0.3.1
      kernel-desktop-devel-2.6.32.46-0.3.1
      kernel-source-2.6.32.46-0.3.1
      kernel-syms-2.6.32.46-0.3.1
      kernel-xen-2.6.32.46-0.3.1
      kernel-xen-base-2.6.32.46-0.3.1
      kernel-xen-devel-2.6.32.46-0.3.1
      kernel-xen-extra-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Desktop 11 SP1 (i586) [New Version: 2.6.32.46]:

      btrfs-kmp-pae-0_2.6.32.46_0.3-0.3.57
      hyper-v-kmp-pae-0_2.6.32.46_0.3-0.14.11
      kernel-pae-2.6.32.46-0.3.1
      kernel-pae-base-2.6.32.46-0.3.1
      kernel-pae-devel-2.6.32.46-0.3.1
      kernel-pae-extra-2.6.32.46-0.3.1


References:

   https://www.suse.com/security/cve/CVE-2011-2928.html
   https://www.suse.com/security/cve/CVE-2011-3191.html
   https://www.suse.com/security/cve/CVE-2011-3353.html
   https://bugzilla.novell.com/588458
   https://bugzilla.novell.com/603804
   https://bugzilla.novell.com/632870
   https://bugzilla.novell.com/642896
   https://bugzilla.novell.com/649625
   https://bugzilla.novell.com/650309
   https://bugzilla.novell.com/667386
   https://bugzilla.novell.com/669378
   https://bugzilla.novell.com/688859
   https://bugzilla.novell.com/694670
   https://bugzilla.novell.com/699354
   https://bugzilla.novell.com/699355
   https://bugzilla.novell.com/699357
   https://bugzilla.novell.com/701443
   https://bugzilla.novell.com/701686
   https://bugzilla.novell.com/704347
   https://bugzilla.novell.com/706557
   https://bugzilla.novell.com/707096
   https://bugzilla.novell.com/707125
   https://bugzilla.novell.com/707737
   https://bugzilla.novell.com/708675
   https://bugzilla.novell.com/708877
   https://bugzilla.novell.com/709412
   https://bugzilla.novell.com/711203
   https://bugzilla.novell.com/711969
   https://bugzilla.novell.com/712456
   https://bugzilla.novell.com/712929
   https://bugzilla.novell.com/713138
   https://bugzilla.novell.com/713430
   https://bugzilla.novell.com/714001
   https://bugzilla.novell.com/714966
   https://bugzilla.novell.com/715235
   https://bugzilla.novell.com/715763
   https://bugzilla.novell.com/716901
   https://bugzilla.novell.com/719117
   https://bugzilla.novell.com/719450
   https://login.microfocus.com/nidp/idff/sso
   https://login.microfocus.com/nidp/idff/sso
   https://login.microfocus.com/nidp/idff/sso
   https://login.microfocus.com/nidp/idff/sso
   https://login.microfocus.com/nidp/idff/sso

SuSE: 2011:1100-1: important: Linux kernel

October 8, 2011
An update that solves three vulnerabilities and has 33 An update that solves three vulnerabilities and has 33 An update that solves three vulnerabilities and has 33 fixes is now av...

Summary

   SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:1100-1
Rating:             important
References:         #588458 #603804 #632870 #642896 #649625 #650309 
                    #667386 #669378 #688859 #694670 #699354 #699355 
                    #699357 #701443 #701686 #704347 #706557 #707096 
                    #707125 #707737 #708675 #708877 #709412 #711203 
                    #711969 #712456 #712929 #713138 #713430 #714001 
                    #714966 #715235 #715763 #716901 #719117 #719450 
                    
Cross-References:   CVE-2011-2928 CVE-2011-3191 CVE-2011-3353
                   
Affected Products:
                    SUSE Linux Enterprise Server 11 SP1 for VMware
                    SUSE Linux Enterprise Server 11 SP1
                    SUSE Linux Enterprise High Availability Extension 11 SP1
                    SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________

   An update that solves three vulnerabilities and has 33
   fixes is now available. It includes one version update.

Description:


   The SUSE Linux Enterprise 11 Service Pack 1 kernel was
   updated to 2.6.32.46  and fixes various bugs and security
   issues.

   Following security issues were fixed: CVE-2011-3191: A
   signedness issue in  CIFS could possibly have lead to to
   memory corruption, if a malicious  server could send
   crafted replies to the host.

   CVE-2011-3353: In the fuse filesystem,
   FUSE_NOTIFY_INVAL_ENTRY did not  check the length of the
   write so the message processing could overrun and  result
   in a BUG_ON() in fuse_copy_fill(). This flaw could be used
   by local  users able to mount FUSE filesystems to crash the
   system.

   CVE-2011-2928: The befs_follow_link function in
   fs/befs/linuxvfs.c in the  Linux kernel did not validate
   the length attribute of long symlinks, which  allowed local
   users to cause a denial of service (incorrect pointer
   dereference and OOPS) by accessing a long symlink on a
   malformed Be  filesystem.

   Also the following non security bugs were fixed: -
   CONFIG_CGROUP_MEM_RES_CTLR_SWAP enabled -
   CONFIG_CGROUP_MEM_RES_CTLR_SWAP_ENABLED disabled by
   default. Swap  accounting can be turned on by swapaccount=1
   kernel command line parameter  (bnc#719450) - Make swap
   accounting default behavior configurable  (bnc#719450,
   bnc#650309, fate#310471).

   *

   Added a missing reset for ioc_reset_in_progress in
   SoftReset in the mtpsas driver (bnc#711969).

   *

   Add support for the Digi/IBM PCIe 2-port Adapter
   (bnc#708675).

   *

   Always enable MSI-X on 5709 (bnc#707737).

   *

   sched: fix broken SCHED_RESET_ON_FORK handling
   (bnc#708877).

   *

   sched: Fix rt_rq runtime leakage bug (bnc#707096).

   *

   ACPI: allow passing down C1 information if no other
   C-states exist.

   *

   KDB: turn off kdb usb support by default (bnc#694670
   bnc#603804).

   *

   xfs: Added event tracing support.

   *

   xfs: fix xfs_fsblock_t tracing.

   *

   igb: extend maximum frame size to receive VLAN tagged
   frames (bnc#688859).

   *

   cfq: Do not allow queue merges for queues that have
   no process references (bnc#712929).

   * cfq: break apart merged cfqqs if they stop
   cooperating (bnc#712929).
   * cfq: calculate the seek_mean per cfq_queue not per
   cfq_io_context (bnc#712929).
   * cfq: change the meaning of the cfqq_coop flag
   (bnc#712929).
   * cfq-iosched: get rid of the coop_preempt flag
   (bnc#712929).
   *

   cfq: merge cooperating cfq_queues (bnc#712929).

   *

   Fix FDDI and TR config checks in ipv4 arp and LLC
   (bnc#715235).

   *

   writeback: do uninterruptible sleep in
   balance_dirty_pages() (bnc#699354 bnc#699357).

   * xfs: fix memory reclaim recursion deadlock on locked
   inode buffer (bnc#699355 bnc#699354).
   *

   xfs: use GFP_NOFS for page cache allocation
   (bnc#699355 bnc#699354).

   *

   virtio-net: init link state correctly (bnc#714966).

   *

   cpufreq: pcc-cpufreq: sanity check to prevent a NULL
   pointer dereference (bnc#709412).

   *

   x86: ucode-amd: Do not warn when no ucode is
   available for a CPU

   *

   patches.arch/x86_64-unwind-annotations: Refresh
   (bnc#588458).

   *

   patches.suse/stack-unwind: Refresh (bnc#588458).

   *

   splice: direct_splice_actor() should not use pos in
   sd (bnc#715763).

   *

   qdio: 2nd stage retry on SIGA-W busy conditions
   (bnc#713138,LTC#74402).

   *

   TTY: pty, fix pty counting (bnc#711203).

   *

   Avoid deadlock in GFP_IO/GFP_FS allocation
   (bnc#632870).

   *

   novfs: fix some DirCache locking issues (bnc#669378).

   * novfs: fix some kmalloc/kfree issues (bnc#669378).
   * novfs: fix off-by-one allocation error (bnc#669378).
   * novfs: unlink directory after unmap (bnc#649625).
   *

   novfs: last modification time not reliable
   (bnc#642896).

   *

   x86 / IO APIC: Reset IRR in clear_IO_APIC_pin()
   (bnc#701686, bnc#667386).

   *

   mptfusion : Added check for SILI bit in READ_6 CDB
   for DATA UNDERRUN ERRATA (bnc #712456).

   *

   xfs: serialise unaligned direct IOs (bnc#707125).

   *

   NFS: Ensure that we handle NFS4ERR_STALE_STATEID
   correctly (bnc#701443).

   * NFSv4: Do not call nfs4_state_mark_reclaim_reboot()
   from error handlers (bnc#701443).
   * NFSv4: Fix open recovery (bnc#701443).
   * NFSv4.1: Do not call nfs4_schedule_state_recovery()
   unnecessarily (bnc#701443).

   Security Issues:

   * CVE-2011-3191
   
   * CVE-2011-3353
   
   * CVE-2011-2928
   

Indications:

   Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP1 for VMware:

      zypper in -t patch slessp1-kernel-5219 slessp1-kernel-5223

   - SUSE Linux Enterprise Server 11 SP1:

      zypper in -t patch slessp1-kernel-5219 slessp1-kernel-5220 slessp1-kernel-5221 slessp1-kernel-5222 slessp1-kernel-5223

   - SUSE Linux Enterprise High Availability Extension 11 SP1:

      zypper in -t patch sleshasp1-kernel-5219 sleshasp1-kernel-5220 sleshasp1-kernel-5221 sleshasp1-kernel-5222 sleshasp1-kernel-5223

   - SUSE Linux Enterprise Desktop 11 SP1:

      zypper in -t patch sledsp1-kernel-5219 sledsp1-kernel-5223

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.6.32.46]:

      btrfs-kmp-default-0_2.6.32.46_0.3-0.3.57
      ext4dev-kmp-default-0_2.6.32.46_0.3-7.9.24
      hyper-v-kmp-default-0_2.6.32.46_0.3-0.14.11
      kernel-default-2.6.32.46-0.3.1
      kernel-default-base-2.6.32.46-0.3.1
      kernel-default-devel-2.6.32.46-0.3.1
      kernel-source-2.6.32.46-0.3.1
      kernel-syms-2.6.32.46-0.3.1
      kernel-trace-2.6.32.46-0.3.1
      kernel-trace-base-2.6.32.46-0.3.1
      kernel-trace-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 for VMware (i586) [New Version: 2.6.32.46]:

      btrfs-kmp-pae-0_2.6.32.46_0.3-0.3.57
      ext4dev-kmp-pae-0_2.6.32.46_0.3-7.9.24
      hyper-v-kmp-pae-0_2.6.32.46_0.3-0.14.11
      kernel-pae-2.6.32.46-0.3.1
      kernel-pae-base-2.6.32.46-0.3.1
      kernel-pae-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.32.46]:

      btrfs-kmp-default-0_2.6.32.46_0.3-0.3.57
      ext4dev-kmp-default-0_2.6.32.46_0.3-7.9.24
      kernel-default-2.6.32.46-0.3.1
      kernel-default-base-2.6.32.46-0.3.1
      kernel-default-devel-2.6.32.46-0.3.1
      kernel-source-2.6.32.46-0.3.1
      kernel-syms-2.6.32.46-0.3.1
      kernel-trace-2.6.32.46-0.3.1
      kernel-trace-base-2.6.32.46-0.3.1
      kernel-trace-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 (i586 x86_64) [New Version: 2.6.32.46]:

      btrfs-kmp-xen-0_2.6.32.46_0.3-0.3.57
      ext4dev-kmp-xen-0_2.6.32.46_0.3-7.9.24
      hyper-v-kmp-default-0_2.6.32.46_0.3-0.14.11
      kernel-ec2-2.6.32.46-0.3.1
      kernel-ec2-base-2.6.32.46-0.3.1
      kernel-xen-2.6.32.46-0.3.1
      kernel-xen-base-2.6.32.46-0.3.1
      kernel-xen-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 (s390x) [New Version: 2.6.32.46]:

      kernel-default-man-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 (ppc64) [New Version: 2.6.32.46]:

      ext4dev-kmp-ppc64-0_2.6.32.46_0.3-7.9.24
      kernel-ppc64-2.6.32.46-0.3.1
      kernel-ppc64-base-2.6.32.46-0.3.1
      kernel-ppc64-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Server 11 SP1 (i586) [New Version: 2.6.32.46]:

      btrfs-kmp-pae-0_2.6.32.46_0.3-0.3.57
      ext4dev-kmp-pae-0_2.6.32.46_0.3-7.9.24
      hyper-v-kmp-pae-0_2.6.32.46_0.3-0.14.11
      kernel-pae-2.6.32.46-0.3.1
      kernel-pae-base-2.6.32.46-0.3.1
      kernel-pae-devel-2.6.32.46-0.3.1

   - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 ia64 ppc64 s390x x86_64):

      cluster-network-kmp-default-1.4_2.6.32.46_0.3-2.5.9
      gfs2-kmp-default-2_2.6.32.46_0.3-0.2.56
      ocfs2-kmp-default-1.6_2.6.32.46_0.3-0.4.2.9

   - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 x86_64):

      cluster-network-kmp-xen-1.4_2.6.32.46_0.3-2.5.9
      gfs2-kmp-xen-2_2.6.32.46_0.3-0.2.56
      ocfs2-kmp-xen-1.6_2.6.32.46_0.3-0.4.2.9

   - SUSE Linux Enterprise High Availability Extension 11 SP1 (ppc64):

      cluster-network-kmp-ppc64-1.4_2.6.32.46_0.3-2.5.9
      gfs2-kmp-ppc64-2_2.6.32.46_0.3-0.2.56
      ocfs2-kmp-ppc64-1.6_2.6.32.46_0.3-0.4.2.9

   - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586):

      cluster-network-kmp-pae-1.4_2.6.32.46_0.3-2.5.9
      gfs2-kmp-pae-2_2.6.32.46_0.3-0.2.56
      ocfs2-kmp-pae-1.6_2.6.32.46_0.3-0.4.2.9

   - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 2.6.32.46]:

      btrfs-kmp-default-0_2.6.32.46_0.3-0.3.57
      btrfs-kmp-xen-0_2.6.32.46_0.3-0.3.57
      hyper-v-kmp-default-0_2.6.32.46_0.3-0.14.11
      kernel-default-2.6.32.46-0.3.1
      kernel-default-base-2.6.32.46-0.3.1
      kernel-default-devel-2.6.32.46-0.3.1
      kernel-default-extra-2.6.32.46-0.3.1
      kernel-desktop-devel-2.6.32.46-0.3.1
      kernel-source-2.6.32.46-0.3.1
      kernel-syms-2.6.32.46-0.3.1
      kernel-xen-2.6.32.46-0.3.1
      kernel-xen-base-2.6.32.46-0.3.1
      kernel-xen-devel-2.6.32.46-0.3.1
      kernel-xen-extra-2.6.32.46-0.3.1

   - SUSE Linux Enterprise Desktop 11 SP1 (i586) [New Version: 2.6.32.46]:

      btrfs-kmp-pae-0_2.6.32.46_0.3-0.3.57
      hyper-v-kmp-pae-0_2.6.32.46_0.3-0.14.11
      kernel-pae-2.6.32.46-0.3.1
      kernel-pae-base-2.6.32.46-0.3.1
      kernel-pae-devel-2.6.32.46-0.3.1
      kernel-pae-extra-2.6.32.46-0.3.1


References:

   https://www.suse.com/security/cve/CVE-2011-2928.html
   https://www.suse.com/security/cve/CVE-2011-3191.html
   https://www.suse.com/security/cve/CVE-2011-3353.html
   https://bugzilla.novell.com/588458
   https://bugzilla.novell.com/603804
   https://bugzilla.novell.com/632870
   https://bugzilla.novell.com/642896
   https://bugzilla.novell.com/649625
   https://bugzilla.novell.com/650309
   https://bugzilla.novell.com/667386
   https://bugzilla.novell.com/669378
   https://bugzilla.novell.com/688859
   https://bugzilla.novell.com/694670
   https://bugzilla.novell.com/699354
   https://bugzilla.novell.com/699355
   https://bugzilla.novell.com/699357
   https://bugzilla.novell.com/701443
   https://bugzilla.novell.com/701686
   https://bugzilla.novell.com/704347
   https://bugzilla.novell.com/706557
   https://bugzilla.novell.com/707096
   https://bugzilla.novell.com/707125
   https://bugzilla.novell.com/707737
   https://bugzilla.novell.com/708675
   https://bugzilla.novell.com/708877
   https://bugzilla.novell.com/709412
   https://bugzilla.novell.com/711203
   https://bugzilla.novell.com/711969
   https://bugzilla.novell.com/712456
   https://bugzilla.novell.com/712929
   https://bugzilla.novell.com/713138
   https://bugzilla.novell.com/713430
   https://bugzilla.novell.com/714001
   https://bugzilla.novell.com/714966
   https://bugzilla.novell.com/715235
   https://bugzilla.novell.com/715763
   https://bugzilla.novell.com/716901
   https://bugzilla.novell.com/719117
   https://bugzilla.novell.com/719450
   https://login.microfocus.com/nidp/idff/sso
   https://login.microfocus.com/nidp/idff/sso
   https://login.microfocus.com/nidp/idff/sso
   https://login.microfocus.com/nidp/idff/sso
   https://login.microfocus.com/nidp/idff/sso

References

Severity

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved