SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0856-1
Rating:             important
References:         #760753 #789831 #790236 #810628 #812317 #813735 
                    #815745 #817666 #818337 #819403 
Cross-References:   CVE-2012-4444 CVE-2013-1928
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 10 SP4
                    SLE SDK 10 SP4
______________________________________________________________________________

   An update that solves two vulnerabilities and has 8 fixes
   is now available.

Description:


   The SUSE Linux Enterprise 10 SP4 kernel has been updated to
   fix various  bugs and security issues.

   Security issues fixed:

   *

   CVE-2012-4444: The ip6_frag_queue function in
   net/ipv6/reassembly.c in the Linux kernel allowed remote
   attackers to bypass intended network restrictions via
   overlapping IPv6 fragments.

   *

   CVE-2013-1928: The do_video_set_spu_palette function
   in fs/compat_ioctl.c in the Linux kernel lacked a certain
   error check, which might have allowed local users to obtain
   sensitive information from kernel stack memory via a
   crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb
   device.

   Also the following bugs have been fixed:

   * hugetlb: Fix regression introduced by the original
   patch (bnc#790236, bnc#819403).
   * NFSv3/v2: Fix data corruption with NFS short reads
   (bnc#818337).
   * Fix package descriptions in specfiles (bnc#817666).
   * TTY: fix atime/mtime regression (bnc#815745).
   * virtio_net: ensure big packets are 64k (bnc#760753).
   * virtio_net: refill rx buffers when oom occurs   (bnc#760753).
   * qeth: fix qeth_wait_for_threads() deadlock for OSN
   devices (bnc#812317, LTC#90910).
   * nfsd: remove unnecessary NULL checks from
   nfsd_cross_mnt (bnc#810628).
   * knfsd: Fixed problem with NFS exporting directories
   which are mounted on (bnc#810628).

   Security Issue references:

   * CVE-2012-4444
   
   * CVE-2013-1928
   

Indications:

   Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.


Package List:

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

      kernel-default-2.6.16.60-0.103.1
      kernel-source-2.6.16.60-0.103.1
      kernel-syms-2.6.16.60-0.103.1

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64):

      kernel-debug-2.6.16.60-0.103.1

   - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64):

      kernel-kdump-2.6.16.60-0.103.1

   - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64):

      kernel-smp-2.6.16.60-0.103.1
      kernel-xen-2.6.16.60-0.103.1

   - SUSE Linux Enterprise Server 10 SP4 (i586):

      kernel-bigsmp-2.6.16.60-0.103.1
      kernel-kdumppae-2.6.16.60-0.103.1
      kernel-vmi-2.6.16.60-0.103.1
      kernel-vmipae-2.6.16.60-0.103.1
      kernel-xenpae-2.6.16.60-0.103.1

   - SUSE Linux Enterprise Server 10 SP4 (ppc):

      kernel-iseries64-2.6.16.60-0.103.1
      kernel-ppc64-2.6.16.60-0.103.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      kernel-default-2.6.16.60-0.103.1
      kernel-smp-2.6.16.60-0.103.1
      kernel-source-2.6.16.60-0.103.1
      kernel-syms-2.6.16.60-0.103.1
      kernel-xen-2.6.16.60-0.103.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586):

      kernel-bigsmp-2.6.16.60-0.103.1
      kernel-xenpae-2.6.16.60-0.103.1

   - SLE SDK 10 SP4 (i586 ia64 x86_64):

      kernel-debug-2.6.16.60-0.103.1

   - SLE SDK 10 SP4 (i586 ppc x86_64):

      kernel-kdump-2.6.16.60-0.103.1

   - SLE SDK 10 SP4 (i586 x86_64):

      kernel-xen-2.6.16.60-0.103.1

   - SLE SDK 10 SP4 (i586):

      kernel-xenpae-2.6.16.60-0.103.1


References:

   https://www.suse.com/security/cve/CVE-2012-4444.html
   https://www.suse.com/security/cve/CVE-2013-1928.html
   https://bugzilla.novell.com/760753
   https://bugzilla.novell.com/789831
   https://bugzilla.novell.com/790236
   https://bugzilla.novell.com/810628
   https://bugzilla.novell.com/812317
   https://bugzilla.novell.com/813735
   https://bugzilla.novell.com/815745
   https://bugzilla.novell.com/817666
   https://bugzilla.novell.com/818337
   https://bugzilla.novell.com/819403
   https://login.microfocus.com/nidp/app/login
   https://login.microfocus.com/nidp/app/login
   https://login.microfocus.com/nidp/app/login
   https://login.microfocus.com/nidp/app/login
   https://login.microfocus.com/nidp/app/login

SuSE: 2013:0856-1: important: Linux kernel

June 4, 2013
An update that solves two vulnerabilities and has 8 fixes An update that solves two vulnerabilities and has 8 fixes An update that solves two vulnerabilities and has 8 fixes is now...

Summary

The SUSE Linux Enterprise 10 SP4 kernel has been updated to fix various bugs and security issues. Security issues fixed: * CVE-2012-4444: The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel allowed remote attackers to bypass intended network restrictions via overlapping IPv6 fragments. * CVE-2013-1928: The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel lacked a certain error check, which might have allowed local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb device. Also the following bugs have been fixed: * hugetlb: Fix regression introduced by the original patch (bnc#790236, bnc#819403). * NFSv3/v2: Fix data corruption with NFS short reads (bnc#818337). * Fix package descriptions in specfiles (bnc#817666). * TTY: fix atime/mtime regression (bnc#815745). * virtio_net: ensure big ...

Read the Full Advisory

References

#760753 #789831 #790236 #810628 #812317 #813735

#815745 #817666 #818337 #819403

Cross- CVE-2012-4444 CVE-2013-1928

Affected Products:

SUSE Linux Enterprise Server 10 SP4

SUSE Linux Enterprise Desktop 10 SP4

SLE SDK 10 SP4

https://www.suse.com/security/cve/CVE-2012-4444.html

https://www.suse.com/security/cve/CVE-2013-1928.html

https://bugzilla.novell.com/760753

https://bugzilla.novell.com/789831

https://bugzilla.novell.com/790236

https://bugzilla.novell.com/810628

https://bugzilla.novell.com/812317

https://bugzilla.novell.com/813735

https://bugzilla.novell.com/815745

https://bugzilla.novell.com/817666

https://bugzilla.novell.com/818337

https://bugzilla.novell.com/819403

https://login.microfocus.com/nidp/app/login

https://login.microfocus.com/nidp/app/login

https://login.microfocus.com/nidp/app/login

https://login.microfocus.com/nidp/app/login

https://login.microfoc...

Read the Full Advisory

Severity
Announcement ID: SUSE-SU-2013:0856-1
Rating: important

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved