SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:0652-1
Rating:             important
References:         #771619 #833820 #846404 #857643 #875051 #885077 
                    #891211 #892235 #896390 #896391 #896779 #899338 
                    #902346 #902349 #902351 #904700 #905100 #905312 
                    #907822 #908870 #911325 #912654 #912705 #912916 
                    #913059 #915335 #915826 
Cross-References:   CVE-2010-5313 CVE-2012-6657 CVE-2013-4299
                    CVE-2013-7263 CVE-2014-0181 CVE-2014-3184
                    CVE-2014-3185 CVE-2014-3673 CVE-2014-3687
                    CVE-2014-3688 CVE-2014-7841 CVE-2014-7842
                    CVE-2014-8160 CVE-2014-8709 CVE-2014-9420
                    CVE-2014-9584 CVE-2014-9585
Affected Products:
                    SUSE Linux Enterprise Server 11 SP1 LTSS
                    SLE 11 SERVER Unsupported Extras
______________________________________________________________________________

   An update that solves 17 vulnerabilities and has 10 fixes
   is now available. It includes one version update.

Description:


   The SUSE Linux Enterprise 11 Service Pack 1 LTSS kernel was updated to fix
   security issues on kernels on the x86_64 architecture.

   The following security bugs have been fixed:

       * CVE-2013-4299: Interpretation conflict in
         drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6
         allowed remote authenticated users to obtain sensitive information
         or modify data via a crafted mapping to a snapshot block device
         (bnc#846404).
       * CVE-2014-8160: SCTP firewalling failed until the SCTP module was
         loaded (bnc#913059).
       * CVE-2014-9584: The parse_rock_ridge_inode_internal function in
         fs/isofs/rock.c in the Linux kernel before 3.18.2 did not validate a
         length value in the Extensions Reference (ER) System Use Field,
         which allowed local users to obtain sensitive information from
         kernel memory via a crafted iso9660 image (bnc#912654).
       * CVE-2014-9585: The vdso_addr function in arch/x86/vdso/vma.c in the
         Linux kernel through 3.18.2 did not properly choose memory locations
         for the vDSO area, which made it easier for local users to bypass
         the ASLR protection mechanism by guessing a location at the end of a
         PMD (bnc#912705).
       * CVE-2014-9420: The rock_continue function in fs/isofs/rock.c in the
         Linux kernel through 3.18.1 did not restrict the number of Rock
         Ridge continuation entries, which allowed local users to cause a
         denial of service (infinite loop, and system crash or hang) via a
         crafted iso9660 image (bnc#911325).
       * CVE-2014-0181: The Netlink implementation in the Linux kernel
         through 3.14.1 did not provide a mechanism for authorizing socket
         operations based on the opener of a socket, which allowed local
         users to bypass intended access restrictions and modify network
         configurations by using a Netlink socket for the (1) stdout or (2)
         stderr of a setuid program (bnc#875051).
       * CVE-2010-5313: Race condition in arch/x86/kvm/x86.c in the Linux
         kernel before 2.6.38 allowed L2 guest OS users to cause a denial of
         service (L1 guest OS crash) via a crafted instruction that triggers         an L2 emulation failure report, a similar issue to CVE-2014-7842
         (bnc#907822).
       * CVE-2014-7842: Race condition in arch/x86/kvm/x86.c in the Linux
         kernel before 3.17.4 allowed guest OS users to cause a denial of
         service (guest OS crash) via a crafted application that performs an
         MMIO transaction or a PIO transaction to trigger a guest userspace
         emulation error report, a similar issue to CVE-2010-5313
         (bnc#905312).
       * CVE-2014-3688: The SCTP implementation in the Linux kernel before
         3.17.4 allowed remote attackers to cause a denial of service (memory
         consumption) by triggering a large number of chunks in an
         associations output queue, as demonstrated by ASCONF probes, related
         to net/sctp/inqueue.c and net/sctp/sm_statefuns.c (bnc#902351).
       * CVE-2014-3687: The sctp_assoc_lookup_asconf_ack function in
         net/sctp/associola.c in the SCTP implementation in the Linux kernel
         through 3.17.2 allowed remote attackers to cause a denial of service
         (panic) via duplicate ASCONF chunks that trigger an incorrect uncork
         within the side-effect interpreter (bnc#902349).
       * CVE-2014-3673: The SCTP implementation in the Linux kernel through
         3.17.2 allowed remote attackers to cause a denial of service (system
         crash) via a malformed ASCONF chunk, related to
         net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c (bnc#902346).
       * CVE-2014-7841: The sctp_process_param function in
         net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux
         kernel before 3.17.4, when ASCONF is used, allowed remote attackers         to cause a denial of service (NULL pointer dereference and system
         crash) via a malformed INIT chunk (bnc#905100).
       * CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c
         in the Linux kernel before 3.13.5 did not properly maintain a
         certain tail pointer, which allowed remote attackers to obtain
         sensitive cleartext information by reading packets (bnc#904700).
       * CVE-2013-7263: The Linux kernel before 3.12.4 updated certain length
         values before ensuring that associated data structures have been
         initialized, which allowed local users to obtain sensitive
         information from kernel stack memory via a (1) recvfrom, (2)
         recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,
         net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c
         (bnc#857643).
       * CVE-2012-6657: The sock_setsockopt function in net/core/sock.c in
         the Linux kernel before 3.5.7 did not ensure that a keepalive action
         is associated with a stream socket, which allowed local users to
         cause a denial of service (system crash) by leveraging the ability
         to create a raw socket (bnc#896779).
       * CVE-2014-3185: Multiple buffer overflows in the
         command_port_read_callback function in
         drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in
         the Linux kernel before 3.16.2 allowed physically proximate
         attackers to execute arbitrary code or cause a denial of service
         (memory corruption and system crash) via a crafted device that
         provides a large amount of (1) EHCI or (2) XHCI data associated with
         a bulk response (bnc#896391).
       * CVE-2014-3184: The report_fixup functions in the HID subsystem in
         the Linux kernel before 3.16.2 might allow physically proximate
         attackers to cause a denial of service (out-of-bounds write) via a
         crafted device that provides a small report descriptor, related to
         (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3)
         drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)
         drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c
         (bnc#896390).

   The following non-security bugs have been fixed:

       * KVM: SVM: Make Use of the generic guest-mode functions (bnc#907822).
       * KVM: inject #UD if instruction emulation fails and exit to userspace
         (bnc#907822).
       * block: Fix bogus partition statistics reports (bnc#885077
         bnc#891211).
       * block: skip request queue cleanup if no elevator is assigned
         (bnc#899338).
       * isofs: Fix unchecked printing of ER records.
       * Re-enable nested-spinlocks-backport patch for xen (bnc#908870).
       * time, ntp: Do not update time_state in middle of leap second
         (bnc#912916).
       * timekeeping: Avoid possible deadlock from clock_was_set_delayed
         (bnc#771619, bnc#915335).
       * udf: Check component length before reading it.
       * udf: Check path length when reading symlink.
       * udf: Verify i_size when loading inode.
       * udf: Verify symlink size before loading it.
       * vt: prevent race between modifying and reading unicode map
         (bnc#915826).
       * writeback: Do not sync data dirtied after sync start (bnc#833820).
       * xfs: Avoid blocking on inode flush in background inode reclaim
         (bnc#892235).

   Security Issues:

       * CVE-2010-5313
         
       * CVE-2012-6657
         
       * CVE-2013-4299
         
       * CVE-2013-7263
         
       * CVE-2014-0181
         
       * CVE-2014-3184
         
       * CVE-2014-3185
         
       * CVE-2014-3673
         
       * CVE-2014-3687
         
       * CVE-2014-3688
         
       * CVE-2014-7841
         
       * CVE-2014-7842
         
       * CVE-2014-8160
         
       * CVE-2014-8709
         
       * CVE-2014-9420
         
       * CVE-2014-9584
         
       * CVE-2014-9585
         

Indications:

   Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP1 LTSS:

      zypper in -t patch slessp1-kernel=10315 slessp1-kernel=10316 slessp1-kernel=10317

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64) [New Version: 2.6.32.59]:

      kernel-default-2.6.32.59-0.19.1
      kernel-default-base-2.6.32.59-0.19.1
      kernel-default-devel-2.6.32.59-0.19.1
      kernel-source-2.6.32.59-0.19.1
      kernel-syms-2.6.32.59-0.19.1
      kernel-trace-2.6.32.59-0.19.1
      kernel-trace-base-2.6.32.59-0.19.1
      kernel-trace-devel-2.6.32.59-0.19.1

   - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 x86_64) [New Version: 2.6.32.59]:

      kernel-ec2-2.6.32.59-0.19.1
      kernel-ec2-base-2.6.32.59-0.19.1
      kernel-ec2-devel-2.6.32.59-0.19.1
      kernel-xen-2.6.32.59-0.19.1
      kernel-xen-base-2.6.32.59-0.19.1
      kernel-xen-devel-2.6.32.59-0.19.1
      xen-kmp-default-4.0.3_21548_18_2.6.32.59_0.19-0.9.17
      xen-kmp-trace-4.0.3_21548_18_2.6.32.59_0.19-0.9.17

   - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x) [New Version: 2.6.32.59]:

      kernel-default-man-2.6.32.59-0.19.1

   - SUSE Linux Enterprise Server 11 SP1 LTSS (i586) [New Version: 2.6.32.59]:

      kernel-pae-2.6.32.59-0.19.1
      kernel-pae-base-2.6.32.59-0.19.1
      kernel-pae-devel-2.6.32.59-0.19.1
      xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.19-0.9.17

   - SLE 11 SERVER Unsupported Extras (i586 s390x x86_64):

      kernel-default-extra-2.6.32.59-0.19.1

   - SLE 11 SERVER Unsupported Extras (i586 x86_64):

      kernel-xen-extra-2.6.32.59-0.19.1

   - SLE 11 SERVER Unsupported Extras (i586):

      kernel-pae-extra-2.6.32.59-0.19.1


References:

   https://www.suse.com/security/cve/CVE-2010-5313.html
   https://www.suse.com/security/cve/CVE-2012-6657.html
   https://www.suse.com/security/cve/CVE-2013-4299.html
   https://www.suse.com/security/cve/CVE-2013-7263.html
   https://www.suse.com/security/cve/CVE-2014-0181.html
   https://www.suse.com/security/cve/CVE-2014-3184.html
   https://www.suse.com/security/cve/CVE-2014-3185.html
   https://www.suse.com/security/cve/CVE-2014-3673.html
   https://www.suse.com/security/cve/CVE-2014-3687.html
   https://www.suse.com/security/cve/CVE-2014-3688.html
   https://www.suse.com/security/cve/CVE-2014-7841.html
   https://www.suse.com/security/cve/CVE-2014-7842.html
   https://www.suse.com/security/cve/CVE-2014-8160.html
   https://www.suse.com/security/cve/CVE-2014-8709.html
   https://www.suse.com/security/cve/CVE-2014-9420.html
   https://www.suse.com/security/cve/CVE-2014-9584.html
   https://www.suse.com/security/cve/CVE-2014-9585.html
   https://bugzilla.suse.com/771619
   https://bugzilla.suse.com/833820
   https://bugzilla.suse.com/846404
   https://bugzilla.suse.com/857643
   https://bugzilla.suse.com/875051
   https://bugzilla.suse.com/885077
   https://bugzilla.suse.com/891211
   https://bugzilla.suse.com/892235
   https://bugzilla.suse.com/896390
   https://bugzilla.suse.com/896391
   https://bugzilla.suse.com/896779
   https://bugzilla.suse.com/899338
   https://bugzilla.suse.com/902346
   https://bugzilla.suse.com/902349
   https://bugzilla.suse.com/902351
   https://bugzilla.suse.com/904700
   https://bugzilla.suse.com/905100
   https://bugzilla.suse.com/905312
   https://bugzilla.suse.com/907822
   https://bugzilla.suse.com/908870
   https://bugzilla.suse.com/911325
   https://bugzilla.suse.com/912654
   https://bugzilla.suse.com/912705
   https://bugzilla.suse.com/912916
   https://bugzilla.suse.com/913059
   https://bugzilla.suse.com/915335
   https://bugzilla.suse.com/915826
   https://scc.suse.com:443/patches/
   https://scc.suse.com:443/patches/
   https://scc.suse.com:443/patches/
   https://scc.suse.com:443/patches/
   https://scc.suse.com:443/patches/
   https://scc.suse.com:443/patches/

SuSE: 2015:0652-1: important: Linux kernel

April 2, 2015
An update that solves 17 vulnerabilities and has 10 fixes An update that solves 17 vulnerabilities and has 10 fixes An update that solves 17 vulnerabilities and has 10 fixes is now...

Summary

The SUSE Linux Enterprise 11 Service Pack 1 LTSS kernel was updated to fix security issues on kernels on the x86_64 architecture. The following security bugs have been fixed: * CVE-2013-4299: Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allowed remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device (bnc#846404). * CVE-2014-8160: SCTP firewalling failed until the SCTP module was loaded (bnc#913059). * CVE-2014-9584: The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 did not validate a length value in the Extensions Reference (ER) System Use Field, which allowed local users to obtain sensitive information from kernel memory via a crafted iso9660 image (bnc#912654). * CVE-2014-9585: The vdso_addr functio...

Read the Full Advisory

References

#771619 #833820 #846404 #857643 #875051 #885077

#891211 #892235 #896390 #896391 #896779 #899338

#902346 #902349 #902351 #904700 #905100 #905312

#907822 #908870 #911325 #912654 #912705 #912916

#913059 #915335 #915826

Cross- CVE-2010-5313 CVE-2012-6657 CVE-2013-4299

CVE-2013-7263 CVE-2014-0181 CVE-2014-3184

CVE-2014-3185 CVE-2014-3673 CVE-2014-3687

CVE-2014-3688 CVE-2014-7841 CVE-2014-7842

CVE-2014-8160 CVE-2014-8709 CVE-2014-9420

CVE-2014-9584 CVE-2014-9585

Affected Products:

SUSE Linux Enterprise Server 11 SP1 LTSS

SLE 11 SERVER Unsupported Extras

https://www.suse.com/security/cve/CVE-2010-5313.html

https://www.suse.com/security/cve/CVE-2012-6657.html

https://www.suse.com/security/cve/CVE-2013-4299.html

https://www.suse.com/security/cve/CVE-2013-7263.html

...

Read the Full Advisory

Severity
Announcement ID: SUSE-SU-2015:0652-1
Rating: important

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved