[security-announce] openSUSE-SU-2012:0236-1: important: kernel: security and bugfix update.

9 Feb 2012

      openSUSE Security Update: kernel: security and bugfix update.
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2012:0236-1
Rating:             important
References:         #676602 #679059 #681180 #681181 #681184 #681185 
                    #691052 #692498 #699709 #700879 #702037 #707288 
                    #709561 #709764 #710235 #713933 #723999 #726788 
                    #736149 
Cross-References:   CVE-2011-1080 CVE-2011-1170 CVE-2011-1171
                    CVE-2011-1172 CVE-2011-1173 CVE-2011-1770
                    CVE-2011-2203 CVE-2011-2213 CVE-2011-2534
                    CVE-2011-2699 CVE-2011-2723 CVE-2011-2898
                    CVE-2011-4081 CVE-2011-4087 CVE-2011-4604

Affected Products:
                    openSUSE 11.4
______________________________________________________________________________

   An update that solves 15 vulnerabilities and has four fixes
   is now available. It includes one version update.

Description:

   The openSUSE 11.4 kernel was updated to fix bugs and
   security issues.

   Following security issues have been fixed: CVE-2011-4604:
   If root does read() on a specific socket, it's possible to
   corrupt (kernel) memory over network, with an ICMP packet,
   if the B.A.T.M.A.N. mesh protocol is used.

   CVE-2011-2699: Fernando Gont discovered that the IPv6 stack
   used predictable fragment identification numbers. A remote
   attacker could exploit this to exhaust network resources,
   leading to a denial of service.

   CVE-2011-1173: A kernel information leak via ip6_tables was
   fixed.

   CVE-2011-1172: A kernel information leak via ip6_tables
   netfilter was fixed.

   CVE-2011-1171: A kernel information leak via ip_tables was
   fixed.

   CVE-2011-1170: A kernel information leak via arp_tables was
   fixed.

   CVE-2011-1080: A kernel information leak via netfilter was
   fixed.

   CVE-2011-2213: The inet_diag_bc_audit function in
   net/ipv4/inet_diag.c in the Linux kernel did not properly
   audit INET_DIAG bytecode, which allowed local users to
   cause a denial of service (kernel infinite loop) via
   crafted INET_DIAG_REQ_BYTECODE instructions in a netlink
   message, as demonstrated by an INET_DIAG_BC_JMP instruction
   with a zero yes value, a different vulnerability than
   CVE-2010-3880.

   CVE-2011-2534: Buffer overflow in the clusterip_proc_write
   function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux
   kernel might have allowed local users to cause a denial of
   service or have unspecified other impact via a crafted
   write operation, related to string data that lacks a
   terminating '\0' character.

   CVE-2011-1770: Integer underflow in the dccp_parse_options
   function (net/dccp/options.c) in the Linux kernel allowed
   remote attackers to cause a denial of service via a
   Datagram Congestion Control Protocol (DCCP) packet with an
   invalid feature options length, which triggered a buffer
   over-read.

   CVE-2011-2723: The skb_gro_header_slow function in
   include/linux/netdevice.h in the Linux kernel, when Generic
   Receive Offload (GRO) is enabled, reset certain fields in
   incorrect situations, which allowed remote attackers to
   cause a denial of service (system crash) via crafted
   network traffic.

   CVE-2011-2898: A kernel information leak in the AF_PACKET
   protocol was fixed which might have allowed local attackers
   to read kernel memory.

   CVE-2011-4087: A local denial of service when using bridged
   networking via a flood ping was fixed.

   CVE-2011-2203: A NULL ptr dereference on mounting corrupt
   hfs filesystems was fixed which could be used by local
   attackers to crash the kernel.

   CVE-2011-4081: Using the crypto interface a local user
   could Oops the kernel by writing to a AF_ALG socket.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.4:

      zypper in -t patch kernel-5606

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE 11.4 (i586 x86_64) [New Version: 2.6.37.6]:

      kernel-debug-2.6.37.6-0.11.1
      kernel-debug-base-2.6.37.6-0.11.1
      kernel-debug-devel-2.6.37.6-0.11.1
      kernel-default-2.6.37.6-0.11.1
      kernel-default-base-2.6.37.6-0.11.1
      kernel-default-devel-2.6.37.6-0.11.1
      kernel-desktop-2.6.37.6-0.11.1
      kernel-desktop-base-2.6.37.6-0.11.1
      kernel-desktop-devel-2.6.37.6-0.11.1
      kernel-ec2-2.6.37.6-0.11.1
      kernel-ec2-base-2.6.37.6-0.11.1
      kernel-ec2-devel-2.6.37.6-0.11.1
      kernel-ec2-extra-2.6.37.6-0.11.1
      kernel-syms-2.6.37.6-0.11.1
      kernel-trace-2.6.37.6-0.11.1
      kernel-trace-base-2.6.37.6-0.11.1
      kernel-trace-devel-2.6.37.6-0.11.1
      kernel-vanilla-2.6.37.6-0.11.1
      kernel-vanilla-base-2.6.37.6-0.11.1
      kernel-vanilla-devel-2.6.37.6-0.11.1
      kernel-xen-2.6.37.6-0.11.1
      kernel-xen-base-2.6.37.6-0.11.1
      kernel-xen-devel-2.6.37.6-0.11.1
      preload-kmp-default-1.2_k2.6.37.6_0.11-6.7.28
      preload-kmp-desktop-1.2_k2.6.37.6_0.11-6.7.28

   - openSUSE 11.4 (noarch) [New Version: 2.6.37.6]:

      kernel-devel-2.6.37.6-0.11.1
      kernel-docs-2.6.37.6-0.11.1
      kernel-source-2.6.37.6-0.11.1
      kernel-source-vanilla-2.6.37.6-0.11.1

   - openSUSE 11.4 (i586) [New Version: 2.6.37.6]:

      kernel-pae-2.6.37.6-0.11.1
      kernel-pae-base-2.6.37.6-0.11.1
      kernel-pae-devel-2.6.37.6-0.11.1
      kernel-vmi-2.6.37.6-0.11.1
      kernel-vmi-base-2.6.37.6-0.11.1
      kernel-vmi-devel-2.6.37.6-0.11.1

References:

   http://support.novell.com/security/cve/CVE-2011-1080.html
   http://support.novell.com/security/cve/CVE-2011-1170.html
   http://support.novell.com/security/cve/CVE-2011-1171.html
   http://support.novell.com/security/cve/CVE-2011-1172.html
   http://support.novell.com/security/cve/CVE-2011-1173.html
   http://support.novell.com/security/cve/CVE-2011-1770.html
   http://support.novell.com/security/cve/CVE-2011-2203.html
   http://support.novell.com/security/cve/CVE-2011-2213.html
   http://support.novell.com/security/cve/CVE-2011-2534.html
   http://support.novell.com/security/cve/CVE-2011-2699.html
   http://support.novell.com/security/cve/CVE-2011-2723.html
   http://support.novell.com/security/cve/CVE-2011-2898.html
   http://support.novell.com/security/cve/CVE-2011-4081.html
   http://support.novell.com/security/cve/CVE-2011-4087.html
   http://support.novell.com/security/cve/CVE-2011-4604.html
   https://bugzilla.novell.com/676602
   https://bugzilla.novell.com/679059
   https://bugzilla.novell.com/681180
   https://bugzilla.novell.com/681181
   https://bugzilla.novell.com/681184
   https://bugzilla.novell.com/681185
   https://bugzilla.novell.com/691052
   https://bugzilla.novell.com/692498
   https://bugzilla.novell.com/699709
   https://bugzilla.novell.com/700879
   https://bugzilla.novell.com/702037
   https://bugzilla.novell.com/707288
   https://bugzilla.novell.com/709561
   https://bugzilla.novell.com/709764
   https://bugzilla.novell.com/710235
   https://bugzilla.novell.com/713933
   https://bugzilla.novell.com/723999
   https://bugzilla.novell.com/726788
   https://bugzilla.novell.com/736149

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

[security-announce] openSUSE-SU-2012:0236-1: important: kernel: security and bugfix update.

opensuse-security＠opensuse.org