[security-announce] openSUSE-SU-2014:0677-1: important: kernel: security and bugfix update

19 May 2014

      openSUSE Security Update: kernel: security and bugfix update
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2014:0677-1
Rating:             important
References:         #733022 #811746 #833968 #837111 #851426 #852652 
                    #852967 #858233 #858638 #858869 #858870 #858872 
                    #860835 #862145 #863335 #864025 #866102 #868653 
                    #869414 #869898 #871148 #871252 #871325 #873717 
                    #875690 #875798 
Cross-References:   CVE-2013-4254 CVE-2013-4579 CVE-2013-6885
                    CVE-2014-0101 CVE-2014-0196 CVE-2014-0069
                    CVE-2014-1438 CVE-2014-1444 CVE-2014-1445
                    CVE-2014-1446 CVE-2014-1690 CVE-2014-1737
                    CVE-2014-1738 CVE-2014-1874 CVE-2014-2523
                    CVE-2014-2672
Affected Products:
                    openSUSE 12.3
______________________________________________________________________________

   An update that solves 16 vulnerabilities and has 10 fixes
   is now available.

Description:

   The Linux Kernel was updated to fix various security issues and bugs.

   Main security issues fixed:

   A security issue in the tty layer that was fixed that could be used by
   local attackers for code execution (CVE-2014-0196).

   Two security issues in the floppy driver were fixed that could be used by
   local attackers on machines with the floppy to crash the kernel or
   potentially execute code in the kernel (CVE-2014-1737 CVE-2014-1738).

   Other security issues and bugs that were fixed:
   - netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper
   (bnc#860835 CVE-2014-1690).

   - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH
   (bnc#866102, CVE-2014-0101).

   - n_tty: Fix a n_tty_write crash and code execution when echoing in raw
   mode (bnc#871252 bnc#875690 CVE-2014-0196).

   - netfilter: nf_ct_sip: support Cisco 7941/7945 IP phones (bnc#873717).

   - Update config files: re-enable twofish crypto support Software twofish
   crypto support was disabled in several architectures since openSUSE
   10.3. For i386 and x86_64 it was on purpose, because
   hardware-accelerated alternatives exist. However for all other
   architectures it was by accident. Re-enable software twofish crypto
   support in arm, ia64 and ppc configuration files, to guarantee that at
   least one implementation is always available (bnc#871325).

   - Update config files: disable CONFIG_TOUCHSCREEN_W90X900 The w90p910_ts
   driver only makes sense on the W90x900 architecture, which we do not
   support.

   - ath9k: protect tid->sched check (bnc#871148,CVE-2014-2672).

   - Fix dst_neigh_lookup/dst_neigh_lookup_skb return value handling bug
   (bnc#869898).

   - SELinux:  Fix kernel BUG on empty security contexts
   (bnc#863335,CVE-2014-1874).

   - hamradio/yam: fix info leak in ioctl (bnc#858872, CVE-2014-1446).

   - wanxl: fix info leak in ioctl (bnc#858870, CVE-2014-1445).

   - farsync: fix info leak in ioctl (bnc#858869, CVE-2014-1444).

   - ARM: 7809/1: perf: fix event validation for software group leaders
   (CVE-2013-4254, bnc#837111).

   - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages
   (bnc#868653, CVE-2014-2523).

   - ath9k_htc: properly set MAC address and BSSID mask (bnc#851426,
   CVE-2013-4579).

   - drm/ttm: don't oops if no invalidate_caches() (bnc#869414).

   - Apply missing patches.fixes/drm-nouveau-hwmon-rename-fan0-to-fan1.patch

   - xfs: growfs: use uncached buffers for new headers (bnc#858233).

   - xfs: use btree block initialisation functions in growfs (bnc#858233).

   - Revert "Delete
   patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end
   ." (bnc#858233) Put back again the patch
   patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end
   back as there is a better fix than reverting the affecting patch.

   - Delete
   patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end
   . It turned out that this patch causes regressions (bnc#858233) The
   upstream 3.7.x also reverted it in the end (commit c3793e0d94af2).

   - tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968).
   - tcp: syncookies: reduce mss table to four values (bnc#833968).

   - x86, cpu, amd: Add workaround for family 16h, erratum 793 (bnc#852967
   CVE-2013-6885).

   - cifs: ensure that uncached writes handle unmapped areas correctly
   (bnc#864025 CVE-2014-0069).

   - x86, fpu, amd: Clear exceptions in AMD FXSAVE workaround (bnc#858638
   CVE-2014-1438).

   - xencons: generalize use of add_preferred_console() (bnc#733022,
   bnc#852652).
   - balloon: don't crash in HVM-with-PoD guests.
   - hwmon: (coretemp) Fix truncated name of alarm attributes.

   - NFS: Avoid PUTROOTFH when managing leases (bnc#811746).

   - cifs: delay super block destruction until all cifsFileInfo objects are
   gone (bnc#862145).

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 12.3:

      zypper in -t patch openSUSE-2014-376

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE 12.3 (i586 x86_64):

      kernel-default-3.7.10-1.32.1
      kernel-default-base-3.7.10-1.32.1
      kernel-default-base-debuginfo-3.7.10-1.32.1
      kernel-default-debuginfo-3.7.10-1.32.1
      kernel-default-debugsource-3.7.10-1.32.1
      kernel-default-devel-3.7.10-1.32.1
      kernel-default-devel-debuginfo-3.7.10-1.32.1
      kernel-syms-3.7.10-1.32.1

   - openSUSE 12.3 (i686 x86_64):

      kernel-debug-3.7.10-1.32.1
      kernel-debug-base-3.7.10-1.32.1
      kernel-debug-base-debuginfo-3.7.10-1.32.1
      kernel-debug-debuginfo-3.7.10-1.32.1
      kernel-debug-debugsource-3.7.10-1.32.1
      kernel-debug-devel-3.7.10-1.32.1
      kernel-debug-devel-debuginfo-3.7.10-1.32.1
      kernel-desktop-3.7.10-1.32.1
      kernel-desktop-base-3.7.10-1.32.1
      kernel-desktop-base-debuginfo-3.7.10-1.32.1
      kernel-desktop-debuginfo-3.7.10-1.32.1
      kernel-desktop-debugsource-3.7.10-1.32.1
      kernel-desktop-devel-3.7.10-1.32.1
      kernel-desktop-devel-debuginfo-3.7.10-1.32.1
      kernel-ec2-3.7.10-1.32.1
      kernel-ec2-base-3.7.10-1.32.1
      kernel-ec2-base-debuginfo-3.7.10-1.32.1
      kernel-ec2-debuginfo-3.7.10-1.32.1
      kernel-ec2-debugsource-3.7.10-1.32.1
      kernel-ec2-devel-3.7.10-1.32.1
      kernel-ec2-devel-debuginfo-3.7.10-1.32.1
      kernel-trace-3.7.10-1.32.1
      kernel-trace-base-3.7.10-1.32.1
      kernel-trace-base-debuginfo-3.7.10-1.32.1
      kernel-trace-debuginfo-3.7.10-1.32.1
      kernel-trace-debugsource-3.7.10-1.32.1
      kernel-trace-devel-3.7.10-1.32.1
      kernel-trace-devel-debuginfo-3.7.10-1.32.1
      kernel-vanilla-3.7.10-1.32.1
      kernel-vanilla-debuginfo-3.7.10-1.32.1
      kernel-vanilla-debugsource-3.7.10-1.32.1
      kernel-vanilla-devel-3.7.10-1.32.1
      kernel-vanilla-devel-debuginfo-3.7.10-1.32.1
      kernel-xen-3.7.10-1.32.1
      kernel-xen-base-3.7.10-1.32.1
      kernel-xen-base-debuginfo-3.7.10-1.32.1
      kernel-xen-debuginfo-3.7.10-1.32.1
      kernel-xen-debugsource-3.7.10-1.32.1
      kernel-xen-devel-3.7.10-1.32.1
      kernel-xen-devel-debuginfo-3.7.10-1.32.1

   - openSUSE 12.3 (noarch):

      kernel-devel-3.7.10-1.32.1
      kernel-docs-3.7.10-1.32.2
      kernel-source-3.7.10-1.32.1
      kernel-source-vanilla-3.7.10-1.32.1

   - openSUSE 12.3 (i686):

      kernel-pae-3.7.10-1.32.1
      kernel-pae-base-3.7.10-1.32.1
      kernel-pae-base-debuginfo-3.7.10-1.32.1
      kernel-pae-debuginfo-3.7.10-1.32.1
      kernel-pae-debugsource-3.7.10-1.32.1
      kernel-pae-devel-3.7.10-1.32.1
      kernel-pae-devel-debuginfo-3.7.10-1.32.1

References:

   http://support.novell.com/security/cve/CVE-2013-4254.html
   http://support.novell.com/security/cve/CVE-2013-4579.html
   http://support.novell.com/security/cve/CVE-2013-6885.html
   http://support.novell.com/security/cve/CVE-2014-0101.html
   http://support.novell.com/security/cve/CVE-2014-0196.html
   http://support.novell.com/security/cve/CVE-2014-0069.html
   http://support.novell.com/security/cve/CVE-2014-1438.html
   http://support.novell.com/security/cve/CVE-2014-1444.html
   http://support.novell.com/security/cve/CVE-2014-1445.html
   http://support.novell.com/security/cve/CVE-2014-1446.html
   http://support.novell.com/security/cve/CVE-2014-1690.html
   http://support.novell.com/security/cve/CVE-2014-1737.html
   http://support.novell.com/security/cve/CVE-2014-1738.html
   http://support.novell.com/security/cve/CVE-2014-1874.html
   http://support.novell.com/security/cve/CVE-2014-2523.html
   http://support.novell.com/security/cve/CVE-2014-2672.html
   https://bugzilla.novell.com/733022
   https://bugzilla.novell.com/811746
   https://bugzilla.novell.com/833968
   https://bugzilla.novell.com/837111
   https://bugzilla.novell.com/851426
   https://bugzilla.novell.com/852652
   https://bugzilla.novell.com/852967
   https://bugzilla.novell.com/858233
   https://bugzilla.novell.com/858638
   https://bugzilla.novell.com/858869
   https://bugzilla.novell.com/858870
   https://bugzilla.novell.com/858872
   https://bugzilla.novell.com/860835
   https://bugzilla.novell.com/862145
   https://bugzilla.novell.com/863335
   https://bugzilla.novell.com/864025
   https://bugzilla.novell.com/866102
   https://bugzilla.novell.com/868653
   https://bugzilla.novell.com/869414
   https://bugzilla.novell.com/869898
   https://bugzilla.novell.com/871148
   https://bugzilla.novell.com/871252
   https://bugzilla.novell.com/871325
   https://bugzilla.novell.com/873717
   https://bugzilla.novell.com/875690
   https://bugzilla.novell.com/875798

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

opensuse-security＠opensuse.org

tags

participants (1)