SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0736-1 Rating: important References: #671124 #671479 #683270 #693639 #713430 #718343 #721869 #722400 #723294 #724692 #724734 #726600 #729685 #730118 #730200 #731673 #732613 #733155 #734707 #737325 #737899 #740131 #742148 #742881 #744592 #745640 #745732 #745760 #745929 #746397 #746980 #747381 #749168 #750168 #750928 #751880 #752486 #754964 #758813 #760902 #761389 #762111 #764128 Cross-References: CVE-2011-2928 CVE-2011-4077 CVE-2011-4324 CVE-2011-4330 CVE-2012-2313 CVE-2012-2319 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has 37 fixes is now available. Description: This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed: * CVE-2012-2319: A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystem to crash the system. * CVE-2012-2313: The dl2k network card driver lacked permission handling for some ethtool ioctls, which could allow local attackers to start/stop the network card. * CVE-2011-2928: The befs_follow_linkl function in fs/befs/linuxvfs.c in the Linux kernel did not validate the lenght attribute of long symlinsk, which allowed local users to cause a denial of service (incorrect pointer dereference and Ooops) by accessing a long symlink on a malformed Be filesystem. * CVE-2011-4077: Fixed a memory corruption possibility in xfs readlink, which could be used by local attackers to crash the system or potentially execute code by mounting a prepared xfs filesystem image. * CVE-2011-4324: A BUG() error report in the nfs4xdr routines on a NFSv4 mount was fixed that could happen during mknod. * CVE-2011-4330: Mounting a corrupted hfs filesystem could lead to a buffer overflow. The following non-security issues have been fixed: * kernel: pfault task state race (bnc#764128,LTC#81724). * ap: Toleration for ap bus devices with device type 10 (bnc#761389). * hugetlb, numa: fix interleave mpol reference count (bnc#762111). * cciss: fixup kdump (bnc#730200). * kdump: Avoid allocating bootmem map over crash reserved region (bnc#749168, bnc#722400, bnc#742881). * qeth: Improve OSA Express 4 blkt defaults (bnc#754964,LTC#80325). * zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (bnc#754964,LTC#80378). * virtio: add names to virtqueue struct, mapping from devices to queues (bnc#742148). * virtio: find_vqs/del_vqs virtio operations (bnc#742148). * virtio_pci: optional MSI-X support (bnc#742148). * virtio_pci: split up vp_interrupt (bnc#742148). * knfsd: nfsd4: fix laundromat shutdown race (752556). * driver core: Check for valid device in bus_find_device() (bnc#729685). * VMware detection backport from mainline (bnc#671124, bnc#747381). * net: adding memory barrier to the poll and receive callbacks (bnc#746397 bnc#750928). * qla2xxx: drop reference before wait for completion (bnc#744592). * qla2xxx: drop reference before wait for completion (bnc#744592). * ixgbe driver sets all WOL flags upon initialization so that machine is powered on as soon at it is switched off (bnc#693639) * Properly release MSI(X) vector(s) when MSI(X) gets disabled (bnc#723294, bnc#721869). * scsi: Always retry internal target error (bnc#745640). * cxgb4: fix parent device access in netdev_printk (bnc#733155). * lcs: lcs offline failure (bnc#752486,LTC#79788). * qeth: add missing wake_up call (bnc#752486,LTC#79899). * NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and MKDIR (bnc#751880). * xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX. * xenbus_dev: add missing error checks to watch handling. * blkfront: properly fail packet requests (bnc#745929). * blkback: failure to write "feature-barrier" node is non-fatal. * igb: Free MSI and MSIX interrupt vectors on driver remove or shutdown (bnc#723294). * igb: Fix for Alt MAC Address feature on 82580 and later devices (bnc#746980). * igb: Free MSI and MSIX interrupt vectors on driver remove or shutdown (bnc#723294). * cfq: Fix infinite loop in cfq_preempt_queue() (bnc#724692). * dasd: fix fixpoint divide exception in define_extent (bnc#750168,LTC#79125). * ctcmpc: use correct idal word list for ctcmpc (bnc#750168,LTC#79264). * patches.fixes/ext3-fix-reuse-of-freed-blocks.diff: Delete. Patch should not really be needed and apparently causes a performance regression (bnc#683270) * tcp: fix race condition leading to premature termination of sockets in FIN_WAIT2 state and connection being reset (bnc#745760) * kernel: console interrupts vs. panic (bnc#737325,LTC#77272). * af_iucv: remove IUCV-pathes completely (bnc#737325,LTC#78292). * qdio: wrong buffers-used counter for ERROR buffers (bnc#737325,LTC#78758). * ext3: Fix credit estimate for DIO allocation (bnc#745732). * jbd: validate sb->s_first in journal_get_superblock() (bnc#730118). * ocfs2: serialize unaligned aio (bnc#671479). * cifs: eliminate usage of kthread_stop for cifsd (bnc#718343). * virtio: fix wrong type used, resulting in truncated addresses in bigsmp kernel. (bnc#737899) * cciss: Adds simple mode functionality (bnc#730200). * blktap: fix locking (again) (bnc#724734). * block: Initial support for data-less (or empty) barrier support (bnc#734707 FATE#313126). * xen: Do not allow empty barriers to be passed down to queues that do not grok them (bnc#734707 FATE#313126). * linkwatch: Handle jiffies wrap-around (bnc#740131). Security Issue references: * CVE-2011-2928 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2928

* CVE-2011-4077 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4077

* CVE-2011-4324 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4324

* CVE-2011-4330 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4330

* CVE-2012-2319 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2319

* CVE-2012-2313 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2313

Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): kernel-default-2.6.16.60-0.97.1 kernel-source-2.6.16.60-0.97.1 kernel-syms-2.6.16.60-0.97.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64): kernel-debug-2.6.16.60-0.97.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64): kernel-kdump-2.6.16.60-0.97.1 - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64): kernel-smp-2.6.16.60-0.97.1 kernel-xen-2.6.16.60-0.97.1 - SUSE Linux Enterprise Server 10 SP4 (i586): kernel-bigsmp-2.6.16.60-0.97.1 kernel-kdumppae-2.6.16.60-0.97.1 kernel-vmi-2.6.16.60-0.97.1 kernel-vmipae-2.6.16.60-0.97.1 kernel-xenpae-2.6.16.60-0.97.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): kernel-iseries64-2.6.16.60-0.97.1 kernel-ppc64-2.6.16.60-0.97.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): kernel-default-2.6.16.60-0.97.1 kernel-smp-2.6.16.60-0.97.1 kernel-source-2.6.16.60-0.97.1 kernel-syms-2.6.16.60-0.97.1 kernel-xen-2.6.16.60-0.97.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): kernel-bigsmp-2.6.16.60-0.97.1 kernel-xenpae-2.6.16.60-0.97.1 - SLE SDK 10 SP4 (i586 ia64 x86_64): kernel-debug-2.6.16.60-0.97.1 - SLE SDK 10 SP4 (i586 ppc x86_64): kernel-kdump-2.6.16.60-0.97.1 - SLE SDK 10 SP4 (i586 x86_64): kernel-xen-2.6.16.60-0.97.1 - SLE SDK 10 SP4 (i586): kernel-xenpae-2.6.16.60-0.97.1 References: http://support.novell.com/security/cve/CVE-2011-2928.html http://support.novell.com/security/cve/CVE-2011-4077.html http://support.novell.com/security/cve/CVE-2011-4324.html http://support.novell.com/security/cve/CVE-2011-4330.html http://support.novell.com/security/cve/CVE-2012-2313.html http://support.novell.com/security/cve/CVE-2012-2319.html https://bugzilla.novell.com/671124 https://bugzilla.novell.com/671479 https://bugzilla.novell.com/683270 https://bugzilla.novell.com/693639 https://bugzilla.novell.com/713430 https://bugzilla.novell.com/718343 https://bugzilla.novell.com/721869 https://bugzilla.novell.com/722400 https://bugzilla.novell.com/723294 https://bugzilla.novell.com/724692 https://bugzilla.novell.com/724734 https://bugzilla.novell.com/726600 https://bugzilla.novell.com/729685 https://bugzilla.novell.com/730118 https://bugzilla.novell.com/730200 https://bugzilla.novell.com/731673 https://bugzilla.novell.com/732613 https://bugzilla.novell.com/733155 https://bugzilla.novell.com/734707 https://bugzilla.novell.com/737325 https://bugzilla.novell.com/737899 https://bugzilla.novell.com/740131 https://bugzilla.novell.com/742148 https://bugzilla.novell.com/742881 https://bugzilla.novell.com/744592 https://bugzilla.novell.com/745640 https://bugzilla.novell.com/745732 https://bugzilla.novell.com/745760 https://bugzilla.novell.com/745929 https://bugzilla.novell.com/746397 https://bugzilla.novell.com/746980 https://bugzilla.novell.com/747381 https://bugzilla.novell.com/749168 https://bugzilla.novell.com/750168 https://bugzilla.novell.com/750928 https://bugzilla.novell.com/751880 https://bugzilla.novell.com/752486 https://bugzilla.novell.com/754964 https://bugzilla.novell.com/758813 https://bugzilla.novell.com/760902 https://bugzilla.novell.com/761389 https://bugzilla.novell.com/762111 https://bugzilla.novell.com/764128 http://download.novell.com/patch/finder/?keywords=3395803e5857d3e0f44b39331d... http://download.novell.com/patch/finder/?keywords=74169532cbeb6a34c2168ce4ce... http://download.novell.com/patch/finder/?keywords=96d47125b6fb737bee4bf3f761... http://download.novell.com/patch/finder/?keywords=9fe1c1f891de7bb8b0abad7354... http://download.novell.com/patch/finder/?keywords=d66830daf8e6d37d2c64dfa779... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org