[opensuse-security] Re: openSUSE-SU-2014:0856-1: important: kernel: security and bugfix release

2 Jul 2014

      -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Could I get Subscribed from this list, as there is nothing in headers?
or on the bottom? on How to Subscriber Nothing! I keep asking and get no
help in replay's

On 01/07/14 20:04, opensuse-security@opensuse.org wrote:
...
openSUSE Security Update: kernel: security and bugfix release
______________________________________________________________________________
Announcement ID:    openSUSE-SU-2014:0856-1
Rating:             important
References:         #869563 #870173 #870576 #871561 #873374 #876102 
                    #878274 #880892 
Cross-References:   CVE-2013-7339 CVE-2014-0055 CVE-2014-0077
                    CVE-2014-2678 CVE-2014-2851 CVE-2014-3122
                    CVE-2014-3153
Affected Products:
                    openSUSE 12.3
______________________________________________________________________________
An update that solves 7 vulnerabilities and has one errata
   is now available.
Description:
The Linux kernel was updated to fix security issues and bugs:
Security issues fixed: CVE-2014-3153: The futex_requeue function in
   kernel/futex.c in the Linux kernel did not ensure that calls have two
   different futex addresses, which allowed local users to gain privileges
   via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter
   modification.
CVE-2014-0077: drivers/vhost/net.c in the Linux kernel, when mergeable
   buffers are disabled, did not properly validate packet lengths, which
   allowed guest OS users to cause a denial of service (memory corruption and
   host OS crash) or possibly gain privileges on the host OS via crafted
   packets, related to the handle_rx and get_rx_bufs functions.
CVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the
   vhost-net subsystem in the Linux kernel package did not properly handle
   vhost_get_vq_desc errors, which allowed guest OS users to cause a denial
   of service (host OS crash) via unspecified vectors.
CVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in the
   Linux kernel allowed local users to cause a denial of service (NULL
   pointer dereference and system crash) or possibly have unspecified other
   impact via a bind system call for an RDS socket on a system that lacks RDS
   transports.
CVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the
   Linux kernel allowed local users to cause a denial of service (NULL
   pointer dereference and system crash) or possibly have unspecified other
   impact via a bind system call for an RDS socket on a system that lacks RDS
   transports.
CVE-2014-2851: Integer overflow in the ping_init_sock function in
   net/ipv4/ping.c in the Linux kernel allowed local users to cause a denial
   of service (use-after-free and system crash) or possibly gain privileges
    via a crafted application that leverages an improperly managed reference
    counter.
CVE-2014-3122: The try_to_unmap_cluster function in mm/rmap.c in the Linux
   kernel did not properly consider which pages must be locked, which allowed
   local users to cause a denial of service (system crash) by triggering a
   memory-usage pattern that requires removal of page-table mappings.
Bugs fixed:
   - memcg: deprecate memory.force_empty knob (bnc#878274).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:
- openSUSE 12.3:
zypper in -t patch openSUSE-2014-451
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 12.3 (i586 x86_64):
kernel-default-3.7.10-1.36.1
      kernel-default-base-3.7.10-1.36.1
      kernel-default-base-debuginfo-3.7.10-1.36.1
      kernel-default-debuginfo-3.7.10-1.36.1
      kernel-default-debugsource-3.7.10-1.36.1
      kernel-default-devel-3.7.10-1.36.1
      kernel-default-devel-debuginfo-3.7.10-1.36.1
      kernel-syms-3.7.10-1.36.1
- openSUSE 12.3 (i686 x86_64):
kernel-debug-3.7.10-1.36.1
      kernel-debug-base-3.7.10-1.36.1
      kernel-debug-base-debuginfo-3.7.10-1.36.1
      kernel-debug-debuginfo-3.7.10-1.36.1
      kernel-debug-debugsource-3.7.10-1.36.1
      kernel-debug-devel-3.7.10-1.36.1
      kernel-debug-devel-debuginfo-3.7.10-1.36.1
      kernel-desktop-3.7.10-1.36.1
      kernel-desktop-base-3.7.10-1.36.1
      kernel-desktop-base-debuginfo-3.7.10-1.36.1
      kernel-desktop-debuginfo-3.7.10-1.36.1
      kernel-desktop-debugsource-3.7.10-1.36.1
      kernel-desktop-devel-3.7.10-1.36.1
      kernel-desktop-devel-debuginfo-3.7.10-1.36.1
      kernel-ec2-3.7.10-1.36.1
      kernel-ec2-base-3.7.10-1.36.1
      kernel-ec2-base-debuginfo-3.7.10-1.36.1
      kernel-ec2-debuginfo-3.7.10-1.36.1
      kernel-ec2-debugsource-3.7.10-1.36.1
      kernel-ec2-devel-3.7.10-1.36.1
      kernel-ec2-devel-debuginfo-3.7.10-1.36.1
      kernel-trace-3.7.10-1.36.1
      kernel-trace-base-3.7.10-1.36.1
      kernel-trace-base-debuginfo-3.7.10-1.36.1
      kernel-trace-debuginfo-3.7.10-1.36.1
      kernel-trace-debugsource-3.7.10-1.36.1
      kernel-trace-devel-3.7.10-1.36.1
      kernel-trace-devel-debuginfo-3.7.10-1.36.1
      kernel-vanilla-3.7.10-1.36.1
      kernel-vanilla-debuginfo-3.7.10-1.36.1
      kernel-vanilla-debugsource-3.7.10-1.36.1
      kernel-vanilla-devel-3.7.10-1.36.1
      kernel-vanilla-devel-debuginfo-3.7.10-1.36.1
      kernel-xen-3.7.10-1.36.1
      kernel-xen-base-3.7.10-1.36.1
      kernel-xen-base-debuginfo-3.7.10-1.36.1
      kernel-xen-debuginfo-3.7.10-1.36.1
      kernel-xen-debugsource-3.7.10-1.36.1
      kernel-xen-devel-3.7.10-1.36.1
      kernel-xen-devel-debuginfo-3.7.10-1.36.1
- openSUSE 12.3 (noarch):
kernel-devel-3.7.10-1.36.1
      kernel-docs-3.7.10-1.36.2
      kernel-source-3.7.10-1.36.1
      kernel-source-vanilla-3.7.10-1.36.1
- openSUSE 12.3 (i686):
kernel-pae-3.7.10-1.36.1
      kernel-pae-base-3.7.10-1.36.1
      kernel-pae-base-debuginfo-3.7.10-1.36.1
      kernel-pae-debuginfo-3.7.10-1.36.1
      kernel-pae-debugsource-3.7.10-1.36.1
      kernel-pae-devel-3.7.10-1.36.1
      kernel-pae-devel-debuginfo-3.7.10-1.36.1
References:
http://support.novell.com/security/cve/CVE-2013-7339.html
   http://support.novell.com/security/cve/CVE-2014-0055.html
   http://support.novell.com/security/cve/CVE-2014-0077.html
   http://support.novell.com/security/cve/CVE-2014-2678.html
   http://support.novell.com/security/cve/CVE-2014-2851.html
   http://support.novell.com/security/cve/CVE-2014-3122.html
   http://support.novell.com/security/cve/CVE-2014-3153.html
   https://bugzilla.novell.com/869563
   https://bugzilla.novell.com/870173
   https://bugzilla.novell.com/870576
   https://bugzilla.novell.com/871561
   https://bugzilla.novell.com/873374
   https://bugzilla.novell.com/876102
   https://bugzilla.novell.com/878274
   https://bugzilla.novell.com/880892
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTs3wRAAoJEAIlXR9XEAejjGUH/A72RMaOle/KkZ+JSGDeCesC
MwpLDLz5LSxdj4nKp/Y2j2eZgzxwMyxhtEyjiSLzP6jmZe6LBqslqsq5dS1j7ynY
uUvGeInRX7+zJ1beAtFZQfTwhacHist2kxE3b0BaYcsaJFJoeXkwckDnM+4Of7yy
srfcy5Q8kppiS2F00yiDC62PxOGl32UoNx5civoAzwiAlH65OB1dJphc8dLxOxzd
7rrJWfDiw3CFs74Y7EbieY2H7rJBWc6khjCXUn6KCbfiMpaRaMV+kwVIxgao/dk3
eM851+otzxUdL8WzTTBqwMrFFz4WHEdhiPnTGS+SMksfnbRCWSlr4LIdK6Bm10Y=
=LwlR
-----END PGP SIGNATURE-----
-- 
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse-security+owner@opensuse.org

[opensuse-security] Re: openSUSE-SU-2014:0856-1: important: kernel: security and bugfix release

splatflys