SUSE Security Update: kernel update for SLE11 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2011:1101-1 Rating: important References: #588458 #603804 #632870 #642896 #649625 #667386 #669378 #688859 #694670 #699354 #699357 #701443 #701686 #704347 #706557 #707096 #707125 #707737 #708675 #708877 #709412 #711203 #711969 #712456 #712929 #713138 #713430 #714001 #714966 #715235 #715763 #716901 #719117 Cross-References: CVE-2011-2928 CVE-2011-3191 CVE-2011-3353 Affected Products: SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves three vulnerabilities and has 30 fixes is now available. Description: The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.46 and fixes various bugs and security issues. Following security issues were fixed: CVE-2011-3191: A signedness issue in CIFS could possibly have lead to to memory corruption, if a malicious server could send crafted replies to the host. CVE-2011-3353: In the fuse filesystem, FUSE_NOTIFY_INVAL_ENTRY did not check the length of the write so the message processing could overrun and result in a BUG_ON() in fuse_copy_fill(). This flaw could be used by local users able to mount FUSE filesystems to crash the system. CVE-2011-2928: The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel did not validate the length attribute of long symlinks, which allowed local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a malformed Be filesystem. Also the following non security bugs were fixed: - Added a missing reset for ioc_reset_in_progress in SoftReset in the mtpsas driver (bnc#711969). - Add support for the Digi/IBM PCIe 2-port Adapter (bnc#708675). - Always enable MSI-X on 5709 (bnc#707737). - sched: fix broken SCHED_RESET_ON_FORK handling (bnc#708877). - sched: Fix rt_rq runtime leakage bug (bnc#707096). - ACPI: allow passing down C1 information if no other C-states exist. - KDB: turn off kdb usb support by default (bnc#694670 bnc#603804). - xfs: Added event tracing support. - xfs: fix xfs_fsblock_t tracing. - igb: extend maximum frame size to receive VLAN tagged frames (bnc#688859). - cfq: Do not allow queue merges for queues that have no process references (bnc#712929). - cfq: break apart merged cfqqs if they stop cooperating (bnc#712929). - cfq: calculate the seek_mean per cfq_queue not per cfq_io_context (bnc#712929). - cfq: change the meaning of the cfqq_coop flag (bnc#712929). - cfq-iosched: get rid of the coop_preempt flag (bnc#712929). - cfq: merge cooperating cfq_queues (bnc#712929). - Fix FDDI and TR config checks in ipv4 arp and LLC (bnc#715235). - writeback: do uninterruptible sleep in balance_dirty_pages() (bnc#699354 bnc#699357). - xfs: fix memory reclaim recursion deadlock on locked inode buffer (bnc#699355 bnc#699354). - xfs: use GFP_NOFS for page cache allocation (bnc#699355 bnc#699354). - virtio-net: init link state correctly (bnc#714966). - cpufreq: pcc-cpufreq: sanity check to prevent a NULL pointer dereference (bnc#709412). - x86: ucode-amd: Do not warn when no ucode is available for a CPU - patches.arch/x86_64-unwind-annotations: Refresh (bnc#588458). - patches.suse/stack-unwind: Refresh (bnc#588458). - splice: direct_splice_actor() should not use pos in sd (bnc#715763). - qdio: 2nd stage retry on SIGA-W busy conditions (bnc#713138,LTC#74402). - TTY: pty, fix pty counting (bnc#711203). - Avoid deadlock in GFP_IO/GFP_FS allocation (bnc#632870). - novfs: fix some DirCache locking issues (bnc#669378). - novfs: fix some kmalloc/kfree issues (bnc#669378). - novfs: fix off-by-one allocation error (bnc#669378). - novfs: unlink directory after unmap (bnc#649625). - novfs: last modification time not reliable (bnc#642896). - x86 / IO APIC: Reset IRR in clear_IO_APIC_pin() (bnc#701686, bnc#667386). - mptfusion : Added check for SILI bit in READ_6 CDB for DATA UNDERRUN ERRATA (bnc #712456). - xfs: serialise unaligned direct IOs (bnc#707125). - NFS: Ensure that we handle NFS4ERR_STALE_STATEID correctly (bnc#701443). - NFSv4: Do not call nfs4_state_mark_reclaim_reboot() from error handlers (bnc#701443). - NFSv4: Fix open recovery (bnc#701443). - NFSv4.1: Do not call nfs4_schedule_state_recovery() unnecessarily (bnc#701443). Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-2.6.32.46-0.3.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): kernel-xen-extra-2.6.32.46-0.3.1 - SLE 11 SERVER Unsupported Extras (ppc64): kernel-ppc64-extra-2.6.32.46-0.3.1 - SLE 11 SERVER Unsupported Extras (i586): kernel-pae-extra-2.6.32.46-0.3.1 References: http://support.novell.com/security/cve/CVE-2011-2928.html http://support.novell.com/security/cve/CVE-2011-3191.html http://support.novell.com/security/cve/CVE-2011-3353.html https://bugzilla.novell.com/588458 https://bugzilla.novell.com/603804 https://bugzilla.novell.com/632870 https://bugzilla.novell.com/642896 https://bugzilla.novell.com/649625 https://bugzilla.novell.com/667386 https://bugzilla.novell.com/669378 https://bugzilla.novell.com/688859 https://bugzilla.novell.com/694670 https://bugzilla.novell.com/699354 https://bugzilla.novell.com/699357 https://bugzilla.novell.com/701443 https://bugzilla.novell.com/701686 https://bugzilla.novell.com/704347 https://bugzilla.novell.com/706557 https://bugzilla.novell.com/707096 https://bugzilla.novell.com/707125 https://bugzilla.novell.com/707737 https://bugzilla.novell.com/708675 https://bugzilla.novell.com/708877 https://bugzilla.novell.com/709412 https://bugzilla.novell.com/711203 https://bugzilla.novell.com/711969 https://bugzilla.novell.com/712456 https://bugzilla.novell.com/712929 https://bugzilla.novell.com/713138 https://bugzilla.novell.com/713430 https://bugzilla.novell.com/714001 https://bugzilla.novell.com/714966 https://bugzilla.novell.com/715235 https://bugzilla.novell.com/715763 https://bugzilla.novell.com/716901 https://bugzilla.novell.com/719117 http://download.novell.com/patch/finder/?keywords=0077a9d97a9220061e5c5383b6... http://download.novell.com/patch/finder/?keywords=17c299ec5c72561013e394661e... http://download.novell.com/patch/finder/?keywords=ae7e4cdc32d427f458768606f0... http://download.novell.com/patch/finder/?keywords=e18fc5d18fa6afec4316bbd22c... http://download.novell.com/patch/finder/?keywords=fe7c633311f0a14664b71dab2a... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org