openSUSE-SU-2010:0720-1 (important): SLE11 SP1
openSUSE Security Update: SLE11 SP1 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0720-1 Rating: important References: #582730 #596646 #600043 #601520 #613330 #614226 #616080 #618059 #618072 #618379 #620443 #620654 #624020 #624814 #625674 #626880 #629170 #632568 #633268 #633543 #633593 #633733 #634637 #635425 #636112 #636461 #636561 #636850 #637436 #637502 #637639 #637944 #638277 #638400 #638613 #638618 #638807 #638860 #639161 #639197 #639481 #639482 #639483 #639709 #639728 #639944 #640276 #640721 #641247 #642009 #642449 #643909 #643914 #643922 Cross-References: CVE-2010-2954 CVE-2010-2960 CVE-2010-2962 CVE-2010-3078 CVE-2010-3079 CVE-2010-3080 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3310 Affected Products: SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves 11 vulnerabilities and has 43 fixes is now available. Description: This SUSE Linux Enterprise 11 Service Pack 1 kernel contains various security fixes and lots of other bugfixes. Following security issues were fixed: CVE-2010-2960: local users could crash the system by causing a NULL deref in the keyctl_session_to_parent() function CVE-2010-2954: local users could crash the system by causing a NULL deref via IRDA sockets CVE-2010-3079: local users could crash the system by causing a NULL deref in ftrace CVE-2010-3078, CVE-2010-3297, CVE-2010-3298, CVE-2010-3081, CVE-2010-3296: several kernel functions could leak kernel stack memory contents CVE-2010-3080: local users could cause dereference of an uninitialized pointer via /dev/sequencer CVE-2010-3310: local users could corrupt kernel heap memory via ROSE sockets CVE-2010-2962: local users could write to any kernel memory location via the i915 GEM ioctl interface Additionally this update restores the compat_alloc_userspace() inline function. Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-2.6.32.23-0.3.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): kernel-xen-extra-2.6.32.23-0.3.1 - SLE 11 SERVER Unsupported Extras (ppc64): kernel-ppc64-extra-2.6.32.23-0.3.1 - SLE 11 SERVER Unsupported Extras (i586): kernel-pae-extra-2.6.32.23-0.3.1 References: http://support.novell.com/security/cve/CVE-2010-2954.html http://support.novell.com/security/cve/CVE-2010-2960.html http://support.novell.com/security/cve/CVE-2010-2962.html http://support.novell.com/security/cve/CVE-2010-3078.html http://support.novell.com/security/cve/CVE-2010-3079.html http://support.novell.com/security/cve/CVE-2010-3080.html http://support.novell.com/security/cve/CVE-2010-3081.html http://support.novell.com/security/cve/CVE-2010-3296.html http://support.novell.com/security/cve/CVE-2010-3297.html http://support.novell.com/security/cve/CVE-2010-3298.html http://support.novell.com/security/cve/CVE-2010-3310.html https://bugzilla.novell.com/582730 https://bugzilla.novell.com/596646 https://bugzilla.novell.com/600043 https://bugzilla.novell.com/601520 https://bugzilla.novell.com/613330 https://bugzilla.novell.com/614226 https://bugzilla.novell.com/616080 https://bugzilla.novell.com/618059 https://bugzilla.novell.com/618072 https://bugzilla.novell.com/618379 https://bugzilla.novell.com/620443 https://bugzilla.novell.com/620654 https://bugzilla.novell.com/624020 https://bugzilla.novell.com/624814 https://bugzilla.novell.com/625674 https://bugzilla.novell.com/626880 https://bugzilla.novell.com/629170 https://bugzilla.novell.com/632568 https://bugzilla.novell.com/633268 https://bugzilla.novell.com/633543 https://bugzilla.novell.com/633593 https://bugzilla.novell.com/633733 https://bugzilla.novell.com/634637 https://bugzilla.novell.com/635425 https://bugzilla.novell.com/636112 https://bugzilla.novell.com/636461 https://bugzilla.novell.com/636561 https://bugzilla.novell.com/636850 https://bugzilla.novell.com/637436 https://bugzilla.novell.com/637502 https://bugzilla.novell.com/637639 https://bugzilla.novell.com/637944 https://bugzilla.novell.com/638277 https://bugzilla.novell.com/638400 https://bugzilla.novell.com/638613 https://bugzilla.novell.com/638618 https://bugzilla.novell.com/638807 https://bugzilla.novell.com/638860 https://bugzilla.novell.com/639161 https://bugzilla.novell.com/639197 https://bugzilla.novell.com/639481 https://bugzilla.novell.com/639482 https://bugzilla.novell.com/639483 https://bugzilla.novell.com/639709 https://bugzilla.novell.com/639728 https://bugzilla.novell.com/639944 https://bugzilla.novell.com/640276 https://bugzilla.novell.com/640721 https://bugzilla.novell.com/641247 https://bugzilla.novell.com/642009 https://bugzilla.novell.com/642449 https://bugzilla.novell.com/643909 https://bugzilla.novell.com/643914 https://bugzilla.novell.com/643922
participants (1)
-
opensuse-security@opensuse.org