SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:1391-1
Rating:             important
References:         #674284 #703156 #734056 #738400 #738528 #747576 
                    #755546 #758985 #760974 #762581 #763526 #765102 
                    #765320 #767277 #767504 #767766 #767939 #769784 
                    #770507 #770697 #772409 #773272 #773831 #776888 
                    #777575 #783058 
Cross-References:   CVE-2011-1044 CVE-2011-4110 CVE-2012-2136
                    CVE-2012-2663 CVE-2012-2744 CVE-2012-3510
                   
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 10 SP4
                    SLE SDK 10 SP4
______________________________________________________________________________

   An update that solves 6 vulnerabilities and has 20 fixes is
   now available.

Description:


   This Linux kernel update fixes various security issues and
   bugs in the SUSE  Linux Enterprise 10 SP4 kernel.

   The following security issues have been fixed:

   *

   CVE-2011-2494: kernel/taskstats.c in the Linux kernel
   allowed local users to obtain sensitive I/O statistics by
   sending taskstats commands to a netlink socket, as
   demonstrated by discovering the length of another users   password (a side channel attack).

   *

   CVE-2012-2744:
   net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux
   kernel, when the nf_conntrack_ipv6 module is enabled,
   allowed remote attackers to cause a denial of service (NULL
   pointer dereference and system crash) via certain types of
   fragmented IPv6 packets.

   *

   CVE-2012-3510: Use-after-free vulnerability in the
   xacct_add_tsk function in kernel/tsacct.c in the Linux
   kernel allowed local users to obtain potentially sensitive
   information from kernel memory or cause a denial of service
   (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID
   command.

   *

   CVE-2011-4110: The user_update function in
   security/keys/user_defined.c in the Linux kernel 2.6
   allowed local users to cause a denial of service (NULL
   pointer dereference and kernel oops) via vectors related to
   a user-defined key and updating a negative key into a fully
   instantiated key.

   *

   CVE-2011-1044: The ib_uverbs_poll_cq function in
   drivers/infiniband/core/uverbs_cmd.c in the Linux kernel
   did not initialize a certain response buffer, which allowed
   local users to obtain potentially sensitive information
   from kernel memory via vectors that cause this buffer to be
   only partially filled, a different vulnerability than
   CVE-2010-4649.

   *

   CVE-2012-3400: Heap-based buffer overflow in the
   udf_load_logicalvol function in fs/udf/super.c in the Linux
   kernel allowed remote attackers to cause a denial of
   service (system crash) or possibly have unspecified other
   impact via a crafted UDF filesystem.

   *

   CVE-2012-2136: The sock_alloc_send_pskb function in
   net/core/sock.c in the Linux kernel did not properly
   validate a certain length value, which allowed local users   to cause a denial of service (heap-based buffer overflow
   and system crash) or possibly gain privileges by leveraging
   access to a TUN/TAP device.

   *

   CVE-2012-2663: A small denial of service leak in
   dropping syn+fin messages was fixed.

   The following non-security issues have been fixed:

   Packaging:

   * kbuild: Fix gcc -x syntax (bnc#773831).

   NFS:

   * knfsd: An assortment of little fixes to the sunrpc
   cache code (bnc#767766).
   * knfsd: Unexport cache_fresh and fix a small race
   (bnc#767766).
   * knfsd: nfsd: do not drop silently on upcall deferral
   (bnc#767766).
   * knfsd: svcrpc: remove another silent drop from
   deferral code (bnc#767766).
   * sunrpc/cache: simplify cache_fresh_locked and
   cache_fresh_unlocked (bnc#767766).
   * sunrpc/cache: recheck cache validity after
   cache_defer_req (bnc#767766).
   * sunrpc/cache: use list_del_init for the list_head
   entries in cache_deferred_req (bnc#767766).
   * sunrpc/cache: avoid variable over-loading in
   cache_defer_req (bnc#767766).
   * sunrpc/cache: allow thread to block while waiting for
   cache update (bnc#767766).
   * sunrpc/cache: Fix race in sunrpc/cache introduced by
   patch to allow thread to block while waiting for cache
   update (bnc#767766).
   * sunrpc/cache: Another fix for race problem with
   sunrpc cache deferal (bnc#767766).
   * knfsd: nfsd: make all exp_finding functions return
   -errnos on err (bnc#767766).
   * Fix kabi breakage in previous nfsd patch series
   (bnc#767766).
   * nfsd: Work around incorrect return type for
   wait_for_completion_interruptible_timeout (bnc#767766).
   * nfs: Fix a potential file corruption issue when
   writing (bnc#773272).
   * nfs: Allow sync writes to be multiple pages
   (bnc#763526).
   * nfs: fix reference counting for NFSv4 callback thread
   (bnc#767504).
   * nfs: flush signals before taking down callback thread
   (bnc#767504).
   * nfsv4: Ensure nfs_callback_down() calls svc_destroy()
   (bnc#767504).

   SCSI:

   * SCSI/ch: Check NULL for kmalloc() return (bnc#783058).
   *

   drivers/scsi/aic94xx/aic94xx_init.c: correct the size
   argument to kmalloc (bnc#783058).

   *

   block: fail SCSI passthrough ioctls on partition
   devices (bnc#738400).

   *

   dm: do not forward ioctls from logical volumes to the
   underlying device (bnc#738400).

   *

   vmware: Fix VMware hypervisor detection (bnc#777575,
   bnc#770507).

   S/390:

   * lgr: Make lgr_page static (bnc#772409,LTC#83520).
   * zfcp: Fix oops in _blk_add_trace()
   (bnc#772409,LTC#83510).
   *

   kernel: Add z/VM LGR detection
   (bnc#767277,LTC#RAS1203).

   *

   be2net: Fix EEH error reset before a flash dump
   completes (bnc#755546).

   * mptfusion: fix msgContext in mptctl_hp_hostinfo
   (bnc#767939).
   * PCI: Fix bus resource assignment on 32 bits with 64b
   resources. (bnc#762581)
   * PCI: fix up setup-bus.c #ifdef. (bnc#762581)
   *

   x86: powernow-k8: Fix indexing issue (bnc#758985).

   *

   net: Fix race condition about network device name
   allocation (bnc#747576).

   XEN:

   * smpboot: adjust ordering of operations.
   * xen/x86-64: provide a memset() that can deal with 4Gb
   or above at a time (bnc#738528).
   * xen: fix VM_FOREIGN users after c/s 878:eba6fe6d8d53
   (bnc#760974).
   * xen/gntdev: fix multi-page slot allocation
   (bnc#760974).

   Security Issues:

   * CVE-2011-1044
   
   * CVE-2011-4110
   
   * CVE-2012-2136
   
   * CVE-2012-2663
   
   * CVE-2012-2744
   
   * CVE-2012-3510
   

Indications:

   Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.


Package List:

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

      kernel-default-2.6.16.60-0.99.1
      kernel-source-2.6.16.60-0.99.1
      kernel-syms-2.6.16.60-0.99.1

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64):

      kernel-debug-2.6.16.60-0.99.1

   - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64):

      kernel-kdump-2.6.16.60-0.99.1

   - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64):

      kernel-smp-2.6.16.60-0.99.1
      kernel-xen-2.6.16.60-0.99.1

   - SUSE Linux Enterprise Server 10 SP4 (i586):

      kernel-bigsmp-2.6.16.60-0.99.1
      kernel-kdumppae-2.6.16.60-0.99.1
      kernel-vmi-2.6.16.60-0.99.1
      kernel-vmipae-2.6.16.60-0.99.1
      kernel-xenpae-2.6.16.60-0.99.1

   - SUSE Linux Enterprise Server 10 SP4 (ppc):

      kernel-iseries64-2.6.16.60-0.99.1
      kernel-ppc64-2.6.16.60-0.99.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      kernel-default-2.6.16.60-0.99.1
      kernel-smp-2.6.16.60-0.99.1
      kernel-source-2.6.16.60-0.99.1
      kernel-syms-2.6.16.60-0.99.1
      kernel-xen-2.6.16.60-0.99.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586):

      kernel-bigsmp-2.6.16.60-0.99.1
      kernel-xenpae-2.6.16.60-0.99.1

   - SLE SDK 10 SP4 (i586 ia64 x86_64):

      kernel-debug-2.6.16.60-0.99.1

   - SLE SDK 10 SP4 (i586 ppc x86_64):

      kernel-kdump-2.6.16.60-0.99.1

   - SLE SDK 10 SP4 (i586 x86_64):

      kernel-xen-2.6.16.60-0.99.1

   - SLE SDK 10 SP4 (i586):

      kernel-xenpae-2.6.16.60-0.99.1


References:

   https://www.suse.com/security/cve/CVE-2011-1044.html
   https://www.suse.com/security/cve/CVE-2011-4110.html
   https://www.suse.com/security/cve/CVE-2012-2136.html
   https://www.suse.com/security/cve/CVE-2012-2663.html
   https://www.suse.com/security/cve/CVE-2012-2744.html
   https://www.suse.com/security/cve/CVE-2012-3510.html
   https://bugzilla.novell.com/674284
   https://bugzilla.novell.com/703156
   https://bugzilla.novell.com/734056
   https://bugzilla.novell.com/738400
   https://bugzilla.novell.com/738528
   https://bugzilla.novell.com/747576
   https://bugzilla.novell.com/755546
   https://bugzilla.novell.com/758985
   https://bugzilla.novell.com/760974
   https://bugzilla.novell.com/762581
   https://bugzilla.novell.com/763526
   https://bugzilla.novell.com/765102
   https://bugzilla.novell.com/765320
   https://bugzilla.novell.com/767277
   https://bugzilla.novell.com/767504
   https://bugzilla.novell.com/767766
   https://bugzilla.novell.com/767939
   https://bugzilla.novell.com/769784
   https://bugzilla.novell.com/770507
   https://bugzilla.novell.com/770697
   https://bugzilla.novell.com/772409
   https://bugzilla.novell.com/773272
   https://bugzilla.novell.com/773831
   https://bugzilla.novell.com/776888
   https://bugzilla.novell.com/777575
   https://bugzilla.novell.com/783058
   https://login.microfocus.com/nidp/app/login
   https://login.microfocus.com/nidp/app/login
   https://login.microfocus.com/nidp/app/login
   https://login.microfocus.com/nidp/app/login
   https://login.microfocus.com/nidp/app/login

SuSE: 2012:1391-1: important: Linux kernel

October 24, 2012
An update that solves 6 vulnerabilities and has 20 fixes is An update that solves 6 vulnerabilities and has 20 fixes is An update that solves 6 vulnerabilities and has 20 fixes is ...

Summary

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed: * CVE-2011-2494: kernel/taskstats.c in the Linux kernel allowed local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another users password (a side channel attack). * CVE-2012-2744: net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel, when the nf_conntrack_ipv6 module is enabled, allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets. * CVE-2012-3510: Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel allowed local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) v...

Read the Full Advisory

References

#674284 #703156 #734056 #738400 #738528 #747576

#755546 #758985 #760974 #762581 #763526 #765102

#765320 #767277 #767504 #767766 #767939 #769784

#770507 #770697 #772409 #773272 #773831 #776888

#777575 #783058

Cross- CVE-2011-1044 CVE-2011-4110 CVE-2012-2136

CVE-2012-2663 CVE-2012-2744 CVE-2012-3510

Affected Products:

SUSE Linux Enterprise Server 10 SP4

SUSE Linux Enterprise Desktop 10 SP4

SLE SDK 10 SP4

https://www.suse.com/security/cve/CVE-2011-1044.html

https://www.suse.com/security/cve/CVE-2011-4110.html

https://www.suse.com/security/cve/CVE-2012-2136.html

https://www.suse.com/security/cve/CVE-2012-2663.html

https://www.suse.com/security/cve/CVE-2012-2744.html

https://www.suse.com/security/cve/CVE-2012-3510.html

https://bugzilla.novell.com/674284

https://bugzilla.novell.com/703156

...

Read the Full Advisory

Severity
Announcement ID: SUSE-SU-2012:1391-1
Rating: important

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved