SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2013:0674-1 Rating: important References: #742111 #765687 #769093 #770980 #776370 #781485 #785101 #786013 #787272 #789012 #790236 #792697 #795075 #795335 #797175 #799611 #800280 #801178 #802642 #804154 #809692 Cross-References: CVE-2012-4530 CVE-2013-0160 CVE-2013-0216 CVE-2013-0231 CVE-2013-0268 CVE-2013-0871 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has 15 fixes is now available. Description: This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed: * CVE-2013-0871: A race condition in ptrace(2) could be used by local attackers to crash the kernel and/or execute code in kernel context. * CVE-2013-0160: Avoid side channel information leaks from the ptys via ptmx, which allowed local attackers to guess keypresses. * CVE-2012-4530: Avoid leaving bprm->interp on the stack which might have leaked information from the kernel to userland attackers. * CVE-2013-0268: The msr_open function in arch/x86/kernel/msr.c in the Linux kernel allowed local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c. * CVE-2013-0216: The Xen netback functionality in the Linux kernel allowed guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. * CVE-2013-0231: The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel allowed guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information. Also the following non-security bugs have been fixed: S/390: * s390x: tty struct used after free (bnc#809692, LTC#90216). * s390x/kernel: sched_clock() overflow (bnc#799611, LTC#87978). * qeth: set new mac even if old mac is gone (bnc#789012,LTC#86643). * qeth: set new mac even if old mac is gone (2) (bnc#792697,LTC#87138). * qeth: fix deadlock between recovery and bonding driver (bnc#785101,LTC#85905). * dasd: check count address during online setting (bnc#781485,LTC#85346). * hugetlbfs: add missing TLB invalidation (bnc#781485,LTC#85463). * s390/kernel: make user-access pagetable walk code huge page aware (bnc#781485,LTC#85455). XEN: * xen/netback: fix netbk_count_requests(). * xen: properly bound buffer access when parsing cpu/availability. * xen/scsiback/usbback: move cond_resched() invocations to proper place. * xen/pciback: properly clean up after calling pcistub_device_find(). * xen: add further backward-compatibility configure options. * xen/PCI: suppress bogus warning on old hypervisors. * xenbus: fix overflow check in xenbus_dev_write(). * xen/x86: do not corrupt %eip when returning from a signal handler. Other: * kernel: Restrict clearing TIF_SIGPENDING (bnc#742111). * kernel: recalc_sigpending_tsk fixes (bnc#742111). * xfs: Do not reclaim new inodes in xfs_sync_inodes() (bnc#770980). * jbd: Avoid BUG_ON when checkpoint stalls (bnc#795335). * reiserfs: Fix int overflow while calculating free space (bnc#795075). * cifs: clarify the meaning of tcpStatus == CifsGood (bnc#769093). * cifs: do not allow cifs_reconnect to exit with NULL socket pointer (bnc#769093). * cifs: switch to seq_files (bnc#776370). * scsi: fix check of PQ and PDT bits for WLUNs (bnc#765687). * hugetlb: preserve hugetlb pte dirty state (bnc#790236). * poll: enforce RLIMIT_NOFILE in poll() (bnc#787272). * proc: fix ->open less usage due to ->proc_fops flip (bnc#776370). * rpm/kernel-binary.spec.in: Ignore kabi errors if %%ignore_kabi_badness is defined. This is used in the Kernel:* projects in the OBS. Security Issue references: * CVE-2012-4530 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4530

* CVE-2013-0160 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0160

* CVE-2013-0216 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0216

* CVE-2013-0231 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0231

* CVE-2013-0268 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0268

* CVE-2013-0871 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0871

Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): kernel-default-2.6.16.60-0.101.1 kernel-source-2.6.16.60-0.101.1 kernel-syms-2.6.16.60-0.101.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64): kernel-debug-2.6.16.60-0.101.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64): kernel-kdump-2.6.16.60-0.101.1 - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64): kernel-smp-2.6.16.60-0.101.1 kernel-xen-2.6.16.60-0.101.1 - SUSE Linux Enterprise Server 10 SP4 (i586): kernel-bigsmp-2.6.16.60-0.101.1 kernel-kdumppae-2.6.16.60-0.101.1 kernel-vmi-2.6.16.60-0.101.1 kernel-vmipae-2.6.16.60-0.101.1 kernel-xenpae-2.6.16.60-0.101.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): kernel-iseries64-2.6.16.60-0.101.1 kernel-ppc64-2.6.16.60-0.101.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): kernel-default-2.6.16.60-0.101.1 kernel-smp-2.6.16.60-0.101.1 kernel-source-2.6.16.60-0.101.1 kernel-syms-2.6.16.60-0.101.1 kernel-xen-2.6.16.60-0.101.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): kernel-bigsmp-2.6.16.60-0.101.1 kernel-xenpae-2.6.16.60-0.101.1 - SLE SDK 10 SP4 (i586 ia64 x86_64): kernel-debug-2.6.16.60-0.101.1 - SLE SDK 10 SP4 (i586 ppc x86_64): kernel-kdump-2.6.16.60-0.101.1 - SLE SDK 10 SP4 (i586 x86_64): kernel-xen-2.6.16.60-0.101.1 - SLE SDK 10 SP4 (i586): kernel-xenpae-2.6.16.60-0.101.1 References: http://support.novell.com/security/cve/CVE-2012-4530.html http://support.novell.com/security/cve/CVE-2013-0160.html http://support.novell.com/security/cve/CVE-2013-0216.html http://support.novell.com/security/cve/CVE-2013-0231.html http://support.novell.com/security/cve/CVE-2013-0268.html http://support.novell.com/security/cve/CVE-2013-0871.html https://bugzilla.novell.com/742111 https://bugzilla.novell.com/765687 https://bugzilla.novell.com/769093 https://bugzilla.novell.com/770980 https://bugzilla.novell.com/776370 https://bugzilla.novell.com/781485 https://bugzilla.novell.com/785101 https://bugzilla.novell.com/786013 https://bugzilla.novell.com/787272 https://bugzilla.novell.com/789012 https://bugzilla.novell.com/790236 https://bugzilla.novell.com/792697 https://bugzilla.novell.com/795075 https://bugzilla.novell.com/795335 https://bugzilla.novell.com/797175 https://bugzilla.novell.com/799611 https://bugzilla.novell.com/800280 https://bugzilla.novell.com/801178 https://bugzilla.novell.com/802642 https://bugzilla.novell.com/804154 https://bugzilla.novell.com/809692 http://download.novell.com/patch/finder/?keywords=2b51bf3e02179f8f70c7b2ada2... http://download.novell.com/patch/finder/?keywords=7cf4de409b28c5f187bc1e9f71... http://download.novell.com/patch/finder/?keywords=ac5626f6e7f483c6dac1cc5fe2... http://download.novell.com/patch/finder/?keywords=ba0e542087a9075aed8c17a29d... http://download.novell.com/patch/finder/?keywords=dba6fc0fdae22199ec260695a6... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org