SUSE Security Update: Security update for Real Time Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0364-1
Rating:             important
References:         #590980 #591293 #651219 #653260 #698450 #699709 
                    #707096 #707288 #708877 #711203 #711539 #712366 
                    #714001 #716901 #722406 #726788 #732021 #734056 
                    #745881 
Cross-References:   CVE-2010-3873 CVE-2011-1576 CVE-2011-1577
                    CVE-2011-1833 CVE-2011-2203 CVE-2011-2918
                    CVE-2011-2928 CVE-2011-3191 CVE-2011-3353
                    CVE-2011-4081 CVE-2011-4110 CVE-2011-4326
                   
Affected Products:
                    SUSE Linux Enterprise Real Time 11 SP1
______________________________________________________________________________

   An update that solves 12 vulnerabilities and has 7 fixes is
   now available. It includes one version update.

Description:


   The SUSE Linux Enterprise Server 11 SP1 Realtime kernel was
   updated to  2.6.33.20 to fix various bugs and security
   issues.

   The following security issues have been fixed:

   * CVE-2011-4110: KEYS: Fix a NULL pointer deref in the
   user-defined key type, which allowed local attackers to
   Oops the kernel.
   * CVE-2011-4081: Avoid potential NULL pointer deref in
   ghash, which allowed local attackers to Oops the kernel.
   * CVE-2010-3873: When using X.25 communication a
   malicious sender could corrupt data structures, causing
   crashes or potential code execution. Please note that X.25
   needs to be setup to make this effective, which these days
   is usually not the case.
   * CVE-2011-2203: A NULL ptr dereference on mounting
   corrupt hfs filesystems was fixed which could be used by
   local attackers to crash the kernel.
   * CVE-2011-3191: A malicious CIFS server could cause a
   integer overflow on the local machine on directory index
   operations, in turn causing memory corruption.
   * CVE-2011-3353: In the fuse filesystem,
   FUSE_NOTIFY_INVAL_ENTRY did not check the length of the
   write so the message processing could overrun and result in
   a BUG_ON() in fuse_copy_fill(). This flaw could be used by
   local users able to mount FUSE filesystems to crash the
   system.
   * CVE-2011-4326: A bug was found in the way headroom
   check was performed in udp6_ufo_fragment() function. A
   remote attacker could use this flaw to crash the system.
   * CVE-2011-1576: The Generic Receive Offload (GRO)
   implementation in the Linux kernel allowed remote attackers   to cause a denial of service via crafted VLAN packets that
   are processed by the napi_reuse_skb function, leading to
   (1) a memory leak or (2) memory corruption, a different
   vulnerability than CVE-2011-1478.
   * CVE-2011-1833: Added a kernel option to ensure
   ecryptfs is mounting only on paths belonging to the current
   ui, which would have allowed local attackers to potentially
   gain privileges via symlink attacks.
   * CVE-2011-2918: In the perf framework software event
   overflows could deadlock or delete an uninitialized timer.

   Included in Linux 2.6.32.19 stable update:

   * CVE-2011-2928: The befs_follow_link function in
   fs/befs/linuxvfs.c in the Linux kernel did not validate the
   length attribute of long symlinks, which allowed local
   users to cause a denial of service (incorrect pointer
   dereference and OOPS) by accessing a long symlink on a
   malformed Be filesystem.
   * CVE-2011-3353: In the fuse filesystem,
   FUSE_NOTIFY_INVAL_ENTRY did not check the length of the
   write so the message processing could overrun and result in
   a BUG_ON() in fuse_copy_fill(). This flaw could be used by
   local users able to mount FUSE filesystems to crash the
   system.
   * CVE-2011-1577: The Linux kernel automatically
   evaluated partition tables of storage devices. The code for
   evaluating EFI GUID partitions (in fs/partitions/efi.c)
   contained a bug that causes a kernel oops on certain
   corrupted GUID partition tables, which might be used by
   local attackers to crash the kernel or potentially execute
   code.

   The following non security bugs have been fixed:

   * Fix DL980G7 numa enumeration problem. HP bios SRAT
   table contains more entries (256) than SLERT NR_CPUS (128).
   Pull in mainline fixes to always parse the entire table,
   regardless of configured NR_CPUS.
   * x86, acpi: Parse all SRAT cpu entries even above the
   cpu number limitation (bnc#745881).
   * x86, ia64, acpi: Clean up x86-ism in
   drivers/acpi/numa.c (bnc#745881).
   * rt, timerfd: fix timerfd_settime() livelock.
   * Fix build failure on 12.1 systems.
   CONFIG_BUILD_DOCSRC builds Documentation/video4linux but
   without reference to local includes, thus build only
   succeeds on older SUSE releases where linux-glibc-devel
   provides (obsolete) videodev.h. Add upstream patch which
   drops support for v4lgrab.c which is safe as sample
   executable is not packaged in any released rpm.
   * Add missing references symset for the rt flavor
   (bnc#722406#c69).
   * Pick up SP1 82576 ET2 Quad Port driver addon. Pick up
   I350 as well, since it's just recognition of a follow-on
   part for 82580.
   * igb: Add support for 82576 ET2 Quad Port Server
   Adapter (bnc#591293, bnc#722406).
   * igb: add support for Intel I350 Gigabit Network
   Connection (bnc#590980).
   * Fix regression introduced by backport of mainline
   commit 43fa5460
   * sched/rt: Migrate equal priority tasks to available
   CPUs.
   * sched: fix broken SCHED_RESET_ON_FORK handling
   (bnc#708877).
   * sched: Fix rt_rq runtime leakage bug (bnc#707096).

   Security Issue references:

   * CVE-2011-4110
   
   * CVE-2011-4081
   
   * CVE-2010-3873
   
   * CVE-2011-2203
   
   * CVE-2011-3191
   
   * CVE-2011-3353
   
   * CVE-2011-4326
   
   * CVE-2011-1576
   
   * CVE-2011-1833
   
   * CVE-2011-2918
   
   * CVE-2011-2928
   
   * CVE-2011-3353
   
   * CVE-2011-1577
   

Indications:

   Everyone using the Real Time Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Real Time 11 SP1:

      zypper in -t patch slertesp1-kernel-5802

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Real Time 11 SP1 (x86_64) [New Version: 2.6.33.20]:

      brocade-bna-kmp-rt-2.1.0.0_2.6.33.20_rt31_0.3-0.2.34
      cluster-network-kmp-rt-1.4_2.6.33.20_rt31_0.3-2.5.28
      cluster-network-kmp-rt_trace-1.4_2.6.33.20_rt31_0.3-2.5.28
      drbd-kmp-rt-8.3.11_2.6.33.20_rt31_0.3-0.3.28
      drbd-kmp-rt_trace-8.3.11_2.6.33.20_rt31_0.3-0.3.28
      iscsitarget-kmp-rt-1.4.19_2.6.33.20_rt31_0.3-0.9.11.2
      kernel-rt-2.6.33.20-0.3.1
      kernel-rt-base-2.6.33.20-0.3.1
      kernel-rt-devel-2.6.33.20-0.3.1
      kernel-rt_trace-2.6.33.20-0.3.1
      kernel-rt_trace-base-2.6.33.20-0.3.1
      kernel-rt_trace-devel-2.6.33.20-0.3.1
      kernel-source-rt-2.6.33.20-0.3.1
      kernel-syms-rt-2.6.33.20-0.3.1
      ocfs2-kmp-rt-1.6_2.6.33.20_rt31_0.3-0.4.2.28
      ocfs2-kmp-rt_trace-1.6_2.6.33.20_rt31_0.3-0.4.2.28
      ofed-kmp-rt-1.5.2_2.6.33.20_rt31_0.3-0.9.13.15


References:

   https://www.suse.com/security/cve/CVE-2010-3873.html
   https://www.suse.com/security/cve/CVE-2011-1576.html
   https://www.suse.com/security/cve/CVE-2011-1577.html
   https://www.suse.com/security/cve/CVE-2011-1833.html
   https://www.suse.com/security/cve/CVE-2011-2203.html
   https://www.suse.com/security/cve/CVE-2011-2918.html
   https://www.suse.com/security/cve/CVE-2011-2928.html
   https://www.suse.com/security/cve/CVE-2011-3191.html
   https://www.suse.com/security/cve/CVE-2011-3353.html
   https://www.suse.com/security/cve/CVE-2011-4081.html
   https://www.suse.com/security/cve/CVE-2011-4110.html
   https://www.suse.com/security/cve/CVE-2011-4326.html
   https://bugzilla.novell.com/590980
   https://bugzilla.novell.com/591293
   https://bugzilla.novell.com/651219
   https://bugzilla.novell.com/653260
   https://bugzilla.novell.com/698450
   https://bugzilla.novell.com/699709
   https://bugzilla.novell.com/707096
   https://bugzilla.novell.com/707288
   https://bugzilla.novell.com/708877
   https://bugzilla.novell.com/711203
   https://bugzilla.novell.com/711539
   https://bugzilla.novell.com/712366
   https://bugzilla.novell.com/714001
   https://bugzilla.novell.com/716901
   https://bugzilla.novell.com/722406
   https://bugzilla.novell.com/726788
   https://bugzilla.novell.com/732021
   https://bugzilla.novell.com/734056
   https://bugzilla.novell.com/745881
   https://login.microfocus.com/nidp/app/login

SuSE: 2012:0364-1: important: Real Time Linux Kernel

March 14, 2012
An update that solves 12 vulnerabilities and has 7 fixes is An update that solves 12 vulnerabilities and has 7 fixes is An update that solves 12 vulnerabilities and has 7 fixes is ...

Summary

The SUSE Linux Enterprise Server 11 SP1 Realtime kernel was updated to 2.6.33.20 to fix various bugs and security issues. The following security issues have been fixed: * CVE-2011-4110: KEYS: Fix a NULL pointer deref in the user-defined key type, which allowed local attackers to Oops the kernel. * CVE-2011-4081: Avoid potential NULL pointer deref in ghash, which allowed local attackers to Oops the kernel. * CVE-2010-3873: When using X.25 communication a malicious sender could corrupt data structures, causing crashes or potential code execution. Please note that X.25 needs to be setup to make this effective, which these days is usually not the case. * CVE-2011-2203: A NULL ptr dereference on mounting corrupt hfs filesystems was fixed which could be used by local attackers to crash the kernel. * CVE-2011-3191: A malicious CIFS server could cause a integer overflow on the local machine on directory index operations, in t...

Read the Full Advisory

References

#590980 #591293 #651219 #653260 #698450 #699709

#707096 #707288 #708877 #711203 #711539 #712366

#714001 #716901 #722406 #726788 #732021 #734056

#745881

Cross- CVE-2010-3873 CVE-2011-1576 CVE-2011-1577

CVE-2011-1833 CVE-2011-2203 CVE-2011-2918

CVE-2011-2928 CVE-2011-3191 CVE-2011-3353

CVE-2011-4081 CVE-2011-4110 CVE-2011-4326

Affected Products:

SUSE Linux Enterprise Real Time 11 SP1

https://www.suse.com/security/cve/CVE-2010-3873.html

https://www.suse.com/security/cve/CVE-2011-1576.html

https://www.suse.com/security/cve/CVE-2011-1577.html

https://www.suse.com/security/cve/CVE-2011-1833.html

https://www.suse.com/security/cve/CVE-2011-2203.html

https://www.suse.com/security/cve/CVE-2011-2918.html

https://www.suse.com/security/cve/CVE-2011-2928.html

https://www.suse.com/security/cve/CVE-2011-3191.html

https...

Read the Full Advisory

Severity
Announcement ID: SUSE-SU-2012:0364-1
Rating: important

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved