openSUSE-SU-2010:0720-1 (important): SLE11 SP1

13 Oct 2010

      openSUSE Security Update: SLE11 SP1
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2010:0720-1
Rating:             important
References:         #582730 #596646 #600043 #601520 #613330 #614226 
                    #616080 #618059 #618072 #618379 #620443 #620654 
                    #624020 #624814 #625674 #626880 #629170 #632568 
                    #633268 #633543 #633593 #633733 #634637 #635425 
                    #636112 #636461 #636561 #636850 #637436 #637502 
                    #637639 #637944 #638277 #638400 #638613 #638618 
                    #638807 #638860 #639161 #639197 #639481 #639482 
                    #639483 #639709 #639728 #639944 #640276 #640721 
                    #641247 #642009 #642449 #643909 #643914 #643922 

Cross-References:   CVE-2010-2954 CVE-2010-2960 CVE-2010-2962
                    CVE-2010-3078 CVE-2010-3079 CVE-2010-3080
                    CVE-2010-3081 CVE-2010-3296 CVE-2010-3297
                    CVE-2010-3298 CVE-2010-3310
Affected Products:
                    SLE 11 SERVER Unsupported Extras
______________________________________________________________________________

   An update that solves 11 vulnerabilities and has 43 fixes
   is now available.

Description:

   This SUSE Linux Enterprise 11 Service Pack 1 kernel
   contains various security fixes and lots of other bugfixes.

   Following security issues were fixed:

   CVE-2010-2960: local users could crash the system by
   causing a NULL deref in the keyctl_session_to_parent()
   function

   CVE-2010-2954: local users could crash the system by
   causing a NULL deref via IRDA sockets

   CVE-2010-3079: local users could crash the system by
   causing a NULL deref in ftrace

   CVE-2010-3078, CVE-2010-3297, CVE-2010-3298, CVE-2010-3081,
   CVE-2010-3296: several kernel functions could leak kernel
   stack memory contents

   CVE-2010-3080: local users could cause dereference of an
   uninitialized pointer via /dev/sequencer

   CVE-2010-3310: local users could corrupt kernel heap memory
   via ROSE sockets

   CVE-2010-2962: local users could write to any kernel memory
   location via the i915 GEM ioctl interface

   Additionally this update restores the
   compat_alloc_userspace() inline function.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Package List:

   - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):

      kernel-default-extra-2.6.32.23-0.3.1

   - SLE 11 SERVER Unsupported Extras (i586 x86_64):

      kernel-xen-extra-2.6.32.23-0.3.1

   - SLE 11 SERVER Unsupported Extras (ppc64):

      kernel-ppc64-extra-2.6.32.23-0.3.1

   - SLE 11 SERVER Unsupported Extras (i586):

      kernel-pae-extra-2.6.32.23-0.3.1

References:

   http://support.novell.com/security/cve/CVE-2010-2954.html
   http://support.novell.com/security/cve/CVE-2010-2960.html
   http://support.novell.com/security/cve/CVE-2010-2962.html
   http://support.novell.com/security/cve/CVE-2010-3078.html
   http://support.novell.com/security/cve/CVE-2010-3079.html
   http://support.novell.com/security/cve/CVE-2010-3080.html
   http://support.novell.com/security/cve/CVE-2010-3081.html
   http://support.novell.com/security/cve/CVE-2010-3296.html
   http://support.novell.com/security/cve/CVE-2010-3297.html
   http://support.novell.com/security/cve/CVE-2010-3298.html
   http://support.novell.com/security/cve/CVE-2010-3310.html
   https://bugzilla.novell.com/582730
   https://bugzilla.novell.com/596646
   https://bugzilla.novell.com/600043
   https://bugzilla.novell.com/601520
   https://bugzilla.novell.com/613330
   https://bugzilla.novell.com/614226
   https://bugzilla.novell.com/616080
   https://bugzilla.novell.com/618059
   https://bugzilla.novell.com/618072
   https://bugzilla.novell.com/618379
   https://bugzilla.novell.com/620443
   https://bugzilla.novell.com/620654
   https://bugzilla.novell.com/624020
   https://bugzilla.novell.com/624814
   https://bugzilla.novell.com/625674
   https://bugzilla.novell.com/626880
   https://bugzilla.novell.com/629170
   https://bugzilla.novell.com/632568
   https://bugzilla.novell.com/633268
   https://bugzilla.novell.com/633543
   https://bugzilla.novell.com/633593
   https://bugzilla.novell.com/633733
   https://bugzilla.novell.com/634637
   https://bugzilla.novell.com/635425
   https://bugzilla.novell.com/636112
   https://bugzilla.novell.com/636461
   https://bugzilla.novell.com/636561
   https://bugzilla.novell.com/636850
   https://bugzilla.novell.com/637436
   https://bugzilla.novell.com/637502
   https://bugzilla.novell.com/637639
   https://bugzilla.novell.com/637944
   https://bugzilla.novell.com/638277
   https://bugzilla.novell.com/638400
   https://bugzilla.novell.com/638613
   https://bugzilla.novell.com/638618
   https://bugzilla.novell.com/638807
   https://bugzilla.novell.com/638860
   https://bugzilla.novell.com/639161
   https://bugzilla.novell.com/639197
   https://bugzilla.novell.com/639481
   https://bugzilla.novell.com/639482
   https://bugzilla.novell.com/639483
   https://bugzilla.novell.com/639709
   https://bugzilla.novell.com/639728
   https://bugzilla.novell.com/639944
   https://bugzilla.novell.com/640276
   https://bugzilla.novell.com/640721
   https://bugzilla.novell.com/641247
   https://bugzilla.novell.com/642009
   https://bugzilla.novell.com/642449
   https://bugzilla.novell.com/643909
   https://bugzilla.novell.com/643914
   https://bugzilla.novell.com/643922

openSUSE-SU-2010:0720-1 (important): SLE11 SP1

opensuse-security＠opensuse.org