SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0616-1 Rating: important References: #611264 #617344 #624072 #652942 #668194 #676204 #688079 #693639 #697920 #700449 #704280 #713148 #714507 #716850 #717994 #719793 #720374 #721366 #727834 #729247 #731809 #733761 #734300 #734900 #737326 #738210 #738503 #738528 #738679 #740180 #740895 #740969 #742210 #742358 #743209 #743619 #744163 #744658 #745422 #745699 #745832 #745929 #746980 #747028 #747430 #747445 #748112 #748279 #748812 #749342 #749569 #749886 #750079 #750171 #751322 #751844 #751880 #752491 #752634 #752972 #755178 #755537 #756448 #756840 #757917 #758532 #758813 #759544 Cross-References: CVE-2011-1083 CVE-2011-4086 CVE-2011-4622 CVE-2012-0045 CVE-2012-0879 CVE-2012-1090 CVE-2012-1097 CVE-2012-2133 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise High Availability Extension 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves 8 vulnerabilities and has 60 fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 SP1 kernel have been updated to the 2.6.32.59 stable release to fix a lot of bugs and security issues. The following security issues have been fixed: * CVE-2012-2133: A use after free bug in hugetlb support could be used by local attackers to crash the system. * CVE-2012-1097: A null pointer dereference bug in the regsets proc file could be used by local attackers to perhaps crash the system. With mmap_min_addr is set and enabled, exploitation is unlikely. * CVE-2012-0879: A reference counting issue in CLONE_IO could be used by local attackers to cause a denial of service (out of memory). * CVE-2012-1090: A file handle leak in CIFS code could be used by local attackers to crash the system. * CVE-2011-1083: Large nested epoll chains could be used by local attackers to cause a denial of service (excessive CPU consumption). * CVE-2011-4622: When using KVM, programming a PIT timer without a irqchip configuration, can be used to crash the kvm guest. This likely can be done only by a privileged guest user. * CVE-2012-0045: A KVM 32bit guest crash in "syscall" opcode handling was fixed that could be caused by local attackers. * CVE-2011-4086: Fixed a oops in jbd/jbd2 that could be caused by specific filesystem access patterns. The following non-security issues have been fixed: X86: * x86: fix the initialization of physnode_map (bnc#748112). * x86: Allow bootmem reserves at greater than 8G node offset within a node (bnc#740895). * x86, tsc: Fix SMI induced variation in quick_pit_calibrate(). (bnc#751322) * x86, efi: Work around broken firmware. (bnc#714507) BONDING: * bonding: update speed/duplex for NETDEV_CHANGE (bnc#752634). * bonding: comparing a u8 with -1 is always false (bnc#752634). * bonding: start slaves with link down for ARP monitor (bnc#752634). * bonding: send gratuitous ARP for all addresses (bnc#752491). XFS: * xfs: Fix excessive inode syncing when project quota is exceeded (bnc#756448). * xfs: Fix oops on IO error during xlog_recover_process_iunlinks() (bnc#716850). SCSI: * scsi/ses: Handle non-unique element descriptors (bnc#749342, bnc#617344). * scsi/sd: mark busy sd majors as allocated (bug#744658). * scsi: Check for invalid sdev in scsi_prep_state_check() (bnc#734300). MD/RAID: * md: fix possible corruption of array metadata on shutdown. * md: ensure changes to write-mostly are reflected in metadata (bnc#755178). * md: do not set md arrays to readonly on shutdown (bnc#740180, bnc#713148, bnc#734900). XEN: * smpboot: adjust ordering of operations. * x86-64: provide a memset() that can deal with 4Gb or above at a time (bnc#738528). * blkfront: properly fail packet requests (bnc#745929). * Update Xen patches to 2.6.32.57. * xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX. * xenbus_dev: add missing error checks to watch handling. * Refresh other Xen patches (bnc#652942, bnc#668194, bnc#688079). * fix Xen-specific kABI issue in Linux 2.6.19. NFS: * NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and MKDIR (bnc#751880). * nfs: Include SYNC flag when comparing mount options with NOAC flag (bnc#745422). * NFS returns EIO for EDQUOT and others (bnc#747028). * lockd: fix arg parsing for grace_period and timeout (bnc#733761). * nfs: allow nfs4leasetime to be set before starting servers (bnc#733761). * nfs: handle d_revalidate of dot correctly (bnc#731809). S/390: * ctcmpc: use correct idal word list for ctcmpc (bnc#750171,LTC#79264). * qeth: synchronize discipline module loading (bnc#747430,LTC#78788). * qdio: avoid race leading to stall when tolerating CQ (bnc#737326,LTC#76599). * kernel: no storage key operations for invalid page table entries (bnc#737326,LTC#77697). OTHER: * tlan: add cast needed for proper 64 bit operation (bnc#756840). * dl2k: Tighten ioctl permissions (bnc#758813). * tg3: Fix RSS ring refill race condition (bnc#757917). * usbhid: fix error handling of not enough bandwidth (bnc#704280). * pagecache limit: Fix the shmem deadlock (bnc#755537). * tty_audit: fix tty_audit_add_data live lock on audit disabled (bnc#721366). * ixgbe: driver sets all WOL flags upon initialization so that machine is powered on as soon at it is switched off (bnc#693639) * PCI: Set device power state to PCI_D0 for device without native PM support (bnc#752972). * dlm: Do not allocate a fd for peeloff (bnc#729247). * sctp: Export sctp_do_peeloff (bnc#729247). * epoll: Do not limit non-nested epoll paths (bnc#676204). * mlx4: Limit MSI-X vector allocation (bnc#624072). * mlx4: Changing interrupt scheme (bnc#624072). * mlx4_en: Assigning TX irq per ring (bnc#624072). * mlx4_en: Restoring RX buffer pointer in case of failure (bnc#624072). * mlx4_en: using new mlx4 interrupt scheme (bnc#624072). * igb: Fix for Alt MAC Address feature on 82580 and later devices (bnc#746980). * igb: Power down link when interface is down (bnc#745699). * igb: use correct bits to identify if managability is enabled (bnc#743209). * intel_agp: Do not oops with zero stolen memory (bnc#738679). * agp: fix scratch page cleanup (bnc#738679). * hugetlb: add generic definition of NUMA_NO_NODE (bnc#751844). * sched: Fix proc_sched_set_task() (bnc#717994). * PM: Print a warning if firmware is requested when tasks are frozen (bnc#749886). * PM / Sleep: Fix freezer failures due to racy usermodehelper_is_disabled() (bnc#749886). * PM / Sleep: Fix read_unlock_usermodehelper() call (bnc#749886). * firmware loader: allow builtin firmware load even if usermodehelper is disabled (bnc#749886). * PM / Hibernate: Enable usermodehelpers in software_resume() error path (bnc#744163). * ipv6: Allow inet6_dump_addr() to handle more than 64 addresses (bnc#748279). * ipv6: fix refcnt problem related to POSTDAD state (bnc#743619). * be2net: change to show correct physical link status (bnc#727834). * be2net: changes to properly provide phy details (bnc#727834). * aio: fix race between io_destroy() and io_submit() (bnc#747445 bnc#611264). * intel-iommu: Check for identity mapping candidate using system dma mask (bnc#700449). * intel-iommu: Dont cache iova above 32bit (bnc#700449). * intel-iommu: Add domain check in domain_remove_one_dev_info (bnc#700449). * intel-iommu: Provide option to enable 64-bit IOMMU pass through mode (bnc#700449). * intel-iommu: Remove Host Bridge devices from identity mapping (bnc#700449). * intel-iommu: Speed up processing of the identity_mapping function (bnc#700449). * intel-iommu: Use coherent DMA mask when requested (bnc#700449). * 1: Fix accounting of softirq time when idle (bnc#719793). * driver-core: fix race between device_register and driver_register (bnc#742358). * dcache: patches.fixes/large-hash-dcache_init-fix.patch: Fix oops when initializing large hash on > 16TB machine (bnc#742210). * kdump: Save PG_compound or PG_head value in VMCOREINFO (bnc#738503). * Update config files: disable NET_9P_RDMA (bnc#720374). * cdc-wdm: fix race leading leading to memory corruption (bnc#759544). Security Issue references: * CVE-2011-1083 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1083
* CVE-2011-4086 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4086
* CVE-2011-4622 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4622
* CVE-2012-0045 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0045
* CVE-2012-0879 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0879
* CVE-2012-1090 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1090
* CVE-2012-1097 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1097
* CVE-2012-2133 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2133
Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-kernel-6227 slessp1-kernel-6228 slessp1-kernel-6229 slessp1-kernel-6238 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-kernel-6227 slessp1-kernel-6230 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-kernel-6227 slessp1-kernel-6228 slessp1-kernel-6229 slessp1-kernel-6230 slessp1-kernel-6238 - SUSE Linux Enterprise High Availability Extension 11 SP1: zypper in -t patch sleshasp1-kernel-6227 sleshasp1-kernel-6228 sleshasp1-kernel-6229 sleshasp1-kernel-6230 sleshasp1-kernel-6238 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-kernel-6227 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-kernel-6227 sledsp1-kernel-6230 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x): btrfs-kmp-default-0_2.6.32.59_0.3-0.3.92 ext4dev-kmp-default-0_2.6.32.59_0.3-7.9.59 ext4dev-kmp-trace-0_2.6.32.59_0.3-7.9.59 - SUSE Linux Enterprise Server 11 SP2 (ppc64): ext4dev-kmp-ppc64-0_2.6.32.59_0.3-7.9.59 - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 2.6.32.59]: btrfs-kmp-pae-0_2.6.32.59_0.3-0.3.92 btrfs-kmp-xen-0_2.6.32.59_0.3-0.3.92 ext4dev-kmp-pae-0_2.6.32.59_0.3-7.9.59 ext4dev-kmp-xen-0_2.6.32.59_0.3-7.9.59 hyper-v-kmp-default-0_2.6.32.59_0.3-0.18.16 hyper-v-kmp-pae-0_2.6.32.59_0.3-0.18.16 hyper-v-kmp-trace-0_2.6.32.59_0.3-0.18.16 kernel-ec2-2.6.32.59-0.3.1 kernel-ec2-base-2.6.32.59-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.6.32.59]: btrfs-kmp-default-0_2.6.32.59_0.3-0.3.92 ext4dev-kmp-default-0_2.6.32.59_0.3-7.9.59 ext4dev-kmp-trace-0_2.6.32.59_0.3-7.9.59 hyper-v-kmp-default-0_2.6.32.59_0.3-0.18.16 hyper-v-kmp-trace-0_2.6.32.59_0.3-0.18.16 kernel-default-2.6.32.59-0.3.1 kernel-default-base-2.6.32.59-0.3.1 kernel-default-devel-2.6.32.59-0.3.1 kernel-source-2.6.32.59-0.3.1 kernel-syms-2.6.32.59-0.3.1 kernel-trace-2.6.32.59-0.3.1 kernel-trace-base-2.6.32.59-0.3.1 kernel-trace-devel-2.6.32.59-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586) [New Version: 2.6.32.59]: btrfs-kmp-pae-0_2.6.32.59_0.3-0.3.92 ext4dev-kmp-pae-0_2.6.32.59_0.3-7.9.59 hyper-v-kmp-pae-0_2.6.32.59_0.3-0.18.16 kernel-pae-2.6.32.59-0.3.1 kernel-pae-base-2.6.32.59-0.3.1 kernel-pae-devel-2.6.32.59-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.32.59]: btrfs-kmp-default-0_2.6.32.59_0.3-0.3.92 ext4dev-kmp-default-0_2.6.32.59_0.3-7.9.59 ext4dev-kmp-trace-0_2.6.32.59_0.3-7.9.59 kernel-default-2.6.32.59-0.3.1 kernel-default-base-2.6.32.59-0.3.1 kernel-default-devel-2.6.32.59-0.3.1 kernel-source-2.6.32.59-0.3.1 kernel-syms-2.6.32.59-0.3.1 kernel-trace-2.6.32.59-0.3.1 kernel-trace-base-2.6.32.59-0.3.1 kernel-trace-devel-2.6.32.59-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (i586 x86_64) [New Version: 2.6.32.59]: btrfs-kmp-xen-0_2.6.32.59_0.3-0.3.92 ext4dev-kmp-xen-0_2.6.32.59_0.3-7.9.59 hyper-v-kmp-default-0_2.6.32.59_0.3-0.18.16 hyper-v-kmp-trace-0_2.6.32.59_0.3-0.18.16 kernel-ec2-2.6.32.59-0.3.1 kernel-ec2-base-2.6.32.59-0.3.1 kernel-ec2-devel-2.6.32.59-0.3.1 kernel-xen-2.6.32.59-0.3.1 kernel-xen-base-2.6.32.59-0.3.1 kernel-xen-devel-2.6.32.59-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (s390x) [New Version: 2.6.32.59]: kernel-default-man-2.6.32.59-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64) [New Version: 2.6.32.59]: ext4dev-kmp-ppc64-0_2.6.32.59_0.3-7.9.59 kernel-ppc64-2.6.32.59-0.3.1 kernel-ppc64-base-2.6.32.59-0.3.1 kernel-ppc64-devel-2.6.32.59-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (i586) [New Version: 2.6.32.59]: btrfs-kmp-pae-0_2.6.32.59_0.3-0.3.92 ext4dev-kmp-pae-0_2.6.32.59_0.3-7.9.59 hyper-v-kmp-pae-0_2.6.32.59_0.3-0.18.16 kernel-pae-2.6.32.59-0.3.1 kernel-pae-base-2.6.32.59-0.3.1 kernel-pae-devel-2.6.32.59-0.3.1 - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_2.6.32.59_0.3-2.5.45 cluster-network-kmp-trace-1.4_2.6.32.59_0.3-2.5.45 gfs2-kmp-default-2_2.6.32.59_0.3-0.2.91 gfs2-kmp-trace-2_2.6.32.59_0.3-0.2.91 ocfs2-kmp-default-1.6_2.6.32.59_0.3-0.4.2.45 ocfs2-kmp-trace-1.6_2.6.32.59_0.3-0.4.2.45 - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 x86_64): cluster-network-kmp-xen-1.4_2.6.32.59_0.3-2.5.45 gfs2-kmp-xen-2_2.6.32.59_0.3-0.2.91 ocfs2-kmp-xen-1.6_2.6.32.59_0.3-0.4.2.45 - SUSE Linux Enterprise High Availability Extension 11 SP1 (ppc64): cluster-network-kmp-ppc64-1.4_2.6.32.59_0.3-2.5.45 gfs2-kmp-ppc64-2_2.6.32.59_0.3-0.2.91 ocfs2-kmp-ppc64-1.6_2.6.32.59_0.3-0.4.2.45 - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586): cluster-network-kmp-pae-1.4_2.6.32.59_0.3-2.5.45 gfs2-kmp-pae-2_2.6.32.59_0.3-0.2.91 ocfs2-kmp-pae-1.6_2.6.32.59_0.3-0.4.2.45 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 2.6.32.59]: btrfs-kmp-default-0_2.6.32.59_0.3-0.3.92 btrfs-kmp-pae-0_2.6.32.59_0.3-0.3.92 btrfs-kmp-xen-0_2.6.32.59_0.3-0.3.92 hyper-v-kmp-default-0_2.6.32.59_0.3-0.18.16 hyper-v-kmp-pae-0_2.6.32.59_0.3-0.18.16 kernel-desktop-devel-2.6.32.59-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 2.6.32.59]: btrfs-kmp-default-0_2.6.32.59_0.3-0.3.92 btrfs-kmp-xen-0_2.6.32.59_0.3-0.3.92 hyper-v-kmp-default-0_2.6.32.59_0.3-0.18.16 kernel-default-2.6.32.59-0.3.1 kernel-default-base-2.6.32.59-0.3.1 kernel-default-devel-2.6.32.59-0.3.1 kernel-default-extra-2.6.32.59-0.3.1 kernel-desktop-devel-2.6.32.59-0.3.1 kernel-source-2.6.32.59-0.3.1 kernel-syms-2.6.32.59-0.3.1 kernel-trace-devel-2.6.32.59-0.3.1 kernel-xen-2.6.32.59-0.3.1 kernel-xen-base-2.6.32.59-0.3.1 kernel-xen-devel-2.6.32.59-0.3.1 kernel-xen-extra-2.6.32.59-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586) [New Version: 2.6.32.59]: btrfs-kmp-pae-0_2.6.32.59_0.3-0.3.92 hyper-v-kmp-pae-0_2.6.32.59_0.3-0.18.16 kernel-pae-2.6.32.59-0.3.1 kernel-pae-base-2.6.32.59-0.3.1 kernel-pae-devel-2.6.32.59-0.3.1 kernel-pae-extra-2.6.32.59-0.3.1 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-2.6.32.59-0.3.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): kernel-xen-extra-2.6.32.59-0.3.1 - SLE 11 SERVER Unsupported Extras (ppc64): kernel-ppc64-extra-2.6.32.59-0.3.1 - SLE 11 SERVER Unsupported Extras (i586): kernel-pae-extra-2.6.32.59-0.3.1 References: http://support.novell.com/security/cve/CVE-2011-1083.html http://support.novell.com/security/cve/CVE-2011-4086.html http://support.novell.com/security/cve/CVE-2011-4622.html http://support.novell.com/security/cve/CVE-2012-0045.html http://support.novell.com/security/cve/CVE-2012-0879.html http://support.novell.com/security/cve/CVE-2012-1090.html http://support.novell.com/security/cve/CVE-2012-1097.html http://support.novell.com/security/cve/CVE-2012-2133.html https://bugzilla.novell.com/611264 https://bugzilla.novell.com/617344 https://bugzilla.novell.com/624072 https://bugzilla.novell.com/652942 https://bugzilla.novell.com/668194 https://bugzilla.novell.com/676204 https://bugzilla.novell.com/688079 https://bugzilla.novell.com/693639 https://bugzilla.novell.com/697920 https://bugzilla.novell.com/700449 https://bugzilla.novell.com/704280 https://bugzilla.novell.com/713148 https://bugzilla.novell.com/714507 https://bugzilla.novell.com/716850 https://bugzilla.novell.com/717994 https://bugzilla.novell.com/719793 https://bugzilla.novell.com/720374 https://bugzilla.novell.com/721366 https://bugzilla.novell.com/727834 https://bugzilla.novell.com/729247 https://bugzilla.novell.com/731809 https://bugzilla.novell.com/733761 https://bugzilla.novell.com/734300 https://bugzilla.novell.com/734900 https://bugzilla.novell.com/737326 https://bugzilla.novell.com/738210 https://bugzilla.novell.com/738503 https://bugzilla.novell.com/738528 https://bugzilla.novell.com/738679 https://bugzilla.novell.com/740180 https://bugzilla.novell.com/740895 https://bugzilla.novell.com/740969 https://bugzilla.novell.com/742210 https://bugzilla.novell.com/742358 https://bugzilla.novell.com/743209 https://bugzilla.novell.com/743619 https://bugzilla.novell.com/744163 https://bugzilla.novell.com/744658 https://bugzilla.novell.com/745422 https://bugzilla.novell.com/745699 https://bugzilla.novell.com/745832 https://bugzilla.novell.com/745929 https://bugzilla.novell.com/746980 https://bugzilla.novell.com/747028 https://bugzilla.novell.com/747430 https://bugzilla.novell.com/747445 https://bugzilla.novell.com/748112 https://bugzilla.novell.com/748279 https://bugzilla.novell.com/748812 https://bugzilla.novell.com/749342 https://bugzilla.novell.com/749569 https://bugzilla.novell.com/749886 https://bugzilla.novell.com/750079 https://bugzilla.novell.com/750171 https://bugzilla.novell.com/751322 https://bugzilla.novell.com/751844 https://bugzilla.novell.com/751880 https://bugzilla.novell.com/752491 https://bugzilla.novell.com/752634 https://bugzilla.novell.com/752972 https://bugzilla.novell.com/755178 https://bugzilla.novell.com/755537 https://bugzilla.novell.com/756448 https://bugzilla.novell.com/756840 https://bugzilla.novell.com/757917 https://bugzilla.novell.com/758532 https://bugzilla.novell.com/758813 https://bugzilla.novell.com/759544 http://download.novell.com/patch/finder/?keywords=1e4adcc13979f6e0edae89a1f8... http://download.novell.com/patch/finder/?keywords=53329dfb9cc84e6d2bc6d1f418... http://download.novell.com/patch/finder/?keywords=58369efceea971820d4fcd4d5a... http://download.novell.com/patch/finder/?keywords=59f23e0836e0df248ae14c769e... http://download.novell.com/patch/finder/?keywords=763d59c2691aa9de51f489118d... http://download.novell.com/patch/finder/?keywords=a1f901b5aa53a2ebe1c8ee72b5... http://download.novell.com/patch/finder/?keywords=aec0b832ae76838da3b2076f7d... http://download.novell.com/patch/finder/?keywords=c9182ab9f8793390d728336608... http://download.novell.com/patch/finder/?keywords=eb828a35b91422d320f8c3f2f8... http://download.novell.com/patch/finder/?keywords=efd514eca66da8be4a95dffed7... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org