SUSE Security Update: Security update for the Linux Kernel (x86) ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0819-1 Rating: critical References: #819789 Cross-References: CVE-2013-2094 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: This update to the SUSE Linux Enterprise 11 SP2 kernel fixes the following critical security issue: * A bounds checking problem in the perf systemcall could be used by local attackers to crash the kernel or execute code in kernel context. (CVE-2013-2094 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2094
)
Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kernel-7723 slessp2-kernel-7727 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kernel-7723 slessp2-kernel-7724 slessp2-kernel-7725 slessp2-kernel-7726 slessp2-kernel-7727 - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-kernel-7723 sleshasp2-kernel-7724 sleshasp2-kernel-7725 sleshasp2-kernel-7726 sleshasp2-kernel-7727 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kernel-7723 sledsp2-kernel-7727 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.74]: kernel-default-3.0.74-0.6.8.1 kernel-default-base-3.0.74-0.6.8.1 kernel-default-devel-3.0.74-0.6.8.1 kernel-source-3.0.74-0.6.8.1 kernel-syms-3.0.74-0.6.8.1 kernel-trace-3.0.74-0.6.8.1 kernel-trace-base-3.0.74-0.6.8.1 kernel-trace-devel-3.0.74-0.6.8.1 kernel-xen-devel-3.0.74-0.6.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): xen-kmp-trace-4.1.4_02_3.0.74_0.6.8-0.5.26 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.74]: kernel-pae-3.0.74-0.6.8.1 kernel-pae-base-3.0.74-0.6.8.1 kernel-pae-devel-3.0.74-0.6.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.74]: kernel-default-3.0.74-0.6.8.1 kernel-default-base-3.0.74-0.6.8.1 kernel-default-devel-3.0.74-0.6.8.1 kernel-source-3.0.74-0.6.8.1 kernel-syms-3.0.74-0.6.8.1 kernel-trace-3.0.74-0.6.8.1 kernel-trace-base-3.0.74-0.6.8.1 kernel-trace-devel-3.0.74-0.6.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.74]: kernel-ec2-3.0.74-0.6.8.1 kernel-ec2-base-3.0.74-0.6.8.1 kernel-ec2-devel-3.0.74-0.6.8.1 kernel-xen-3.0.74-0.6.8.1 kernel-xen-base-3.0.74-0.6.8.1 kernel-xen-devel-3.0.74-0.6.8.1 - SUSE Linux Enterprise Server 11 SP2 (x86_64): xen-kmp-default-4.1.4_02_3.0.74_0.6.8-0.5.26 xen-kmp-trace-4.1.4_02_3.0.74_0.6.8-0.5.26 - SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.74]: kernel-default-man-3.0.74-0.6.8.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.74]: kernel-ppc64-3.0.74-0.6.8.1 kernel-ppc64-base-3.0.74-0.6.8.1 kernel-ppc64-devel-3.0.74-0.6.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.74]: kernel-pae-3.0.74-0.6.8.1 kernel-pae-base-3.0.74-0.6.8.1 kernel-pae-devel-3.0.74-0.6.8.1 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): cluster-network-kmp-default-1.4_3.0.74_0.6.8-2.18.38 cluster-network-kmp-trace-1.4_3.0.74_0.6.8-2.18.38 gfs2-kmp-default-2_3.0.74_0.6.8-0.7.70 gfs2-kmp-trace-2_3.0.74_0.6.8-0.7.70 ocfs2-kmp-default-1.6_3.0.74_0.6.8-0.11.37 ocfs2-kmp-trace-1.6_3.0.74_0.6.8-0.11.37 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64): cluster-network-kmp-xen-1.4_3.0.74_0.6.8-2.18.38 gfs2-kmp-xen-2_3.0.74_0.6.8-0.7.70 ocfs2-kmp-xen-1.6_3.0.74_0.6.8-0.11.37 - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.74_0.6.8-2.18.38 gfs2-kmp-ppc64-2_3.0.74_0.6.8-0.7.70 ocfs2-kmp-ppc64-1.6_3.0.74_0.6.8-0.11.37 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586): cluster-network-kmp-pae-1.4_3.0.74_0.6.8-2.18.38 gfs2-kmp-pae-2_3.0.74_0.6.8-0.7.70 ocfs2-kmp-pae-1.6_3.0.74_0.6.8-0.11.37 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.74]: kernel-default-3.0.74-0.6.8.1 kernel-default-base-3.0.74-0.6.8.1 kernel-default-devel-3.0.74-0.6.8.1 kernel-default-extra-3.0.74-0.6.8.1 kernel-source-3.0.74-0.6.8.1 kernel-syms-3.0.74-0.6.8.1 kernel-trace-3.0.74-0.6.8.1 kernel-trace-base-3.0.74-0.6.8.1 kernel-trace-devel-3.0.74-0.6.8.1 kernel-trace-extra-3.0.74-0.6.8.1 kernel-xen-3.0.74-0.6.8.1 kernel-xen-base-3.0.74-0.6.8.1 kernel-xen-devel-3.0.74-0.6.8.1 kernel-xen-extra-3.0.74-0.6.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): xen-kmp-default-4.1.4_02_3.0.74_0.6.8-0.5.26 xen-kmp-trace-4.1.4_02_3.0.74_0.6.8-0.5.26 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.74]: kernel-pae-3.0.74-0.6.8.1 kernel-pae-base-3.0.74-0.6.8.1 kernel-pae-devel-3.0.74-0.6.8.1 kernel-pae-extra-3.0.74-0.6.8.1 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): ext4-writeable-kmp-default-0_3.0.74_0.6.8-0.14.51 ext4-writeable-kmp-trace-0_3.0.74_0.6.8-0.14.51 kernel-default-extra-3.0.74-0.6.8.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): ext4-writeable-kmp-xen-0_3.0.74_0.6.8-0.14.51 kernel-xen-extra-3.0.74-0.6.8.1 - SLE 11 SERVER Unsupported Extras (ppc64): ext4-writeable-kmp-ppc64-0_3.0.74_0.6.8-0.14.51 kernel-ppc64-extra-3.0.74-0.6.8.1 - SLE 11 SERVER Unsupported Extras (i586): ext4-writeable-kmp-pae-0_3.0.74_0.6.8-0.14.51 kernel-pae-extra-3.0.74-0.6.8.1 References: http://support.novell.com/security/cve/CVE-2013-2094.html https://bugzilla.novell.com/819789 http://download.novell.com/patch/finder/?keywords=14a50f8cb46dab3dcc863fb222... http://download.novell.com/patch/finder/?keywords=3401ecfc2b691af4d127d798ed... http://download.novell.com/patch/finder/?keywords=375aa081f1ff6a10e2d949b471... http://download.novell.com/patch/finder/?keywords=5d9fe2f45b3a2f877f16259945... http://download.novell.com/patch/finder/?keywords=6008a20122ec04696e8c8834aa... http://download.novell.com/patch/finder/?keywords=8efbc0da700aac91059fee01a3... http://download.novell.com/patch/finder/?keywords=a1782fe8f690b0431b636c08c9... http://download.novell.com/patch/finder/?keywords=ca9f79d0269c0838370ad982d3... http://download.novell.com/patch/finder/?keywords=e44165d6ef20693eeefcafe1aa... http://download.novell.com/patch/finder/?keywords=ea355152cf44a3491af093b94e... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org