SUSE Security Update: Security update for Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2011:1195-1 Rating: important References: #616256 #628343 #635880 #683101 #692784 #694315 #699354 #699355 #701355 #701550 #706375 #707439 #709213 #709369 #712009 #713876 #714001 #717126 #717421 #717585 #718028 #721830 #724947 Cross-References: CVE-2009-4067 CVE-2011-1776 CVE-2011-3191 CVE-2011-3363 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that solves four vulnerabilities and has 19 fixes is now available. Description: This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed: * CVE-2009-4067: A USB string descriptor overflow in the auerwald USB driver was fixed, which could be used by physically proximate attackers to cause a kernel crash. * CVE-2011-3363: Always check the path in CIFS mounts to avoid interesting filesystem path interaction issues and potential crashes. * CVE-2011-3191: A malicious CIFS server could cause a integer overflow on the local machine on directory index operations, in turn causing memory corruption. * CVE-2011-1776: The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel did not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allowed physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. The following non-security issues have been fixed: * md: fix deadlock in md/raid1 and md/raid10 when handling a read error (bnc#628343). * md: fix possible raid1/raid10 deadlock on read error during resync (bnc#628343). * Add timeo parameter to /proc/mounts for nfs filesystems (bnc#616256). * virtio: indirect ring entries (VIRTIO_RING_F_INDIRECT_DESC) (bnc#713876). * virtio: teach virtio_has_feature() about transport features (bnc#713876). * nf_nat: do not add NAT extension for confirmed conntracks (bnc#709213). * 8250: Oxford Semiconductor Devices (bnc#717126). * 8250_pci: Add support for the Digi/IBM PCIe 2-port Adapter (bnc#717126). * 8250: Fix capabilities when changing the port type (bnc#717126). * 8250: Add EEH support (bnc#717126). * xfs: fix memory reclaim recursion deadlock on locked inode buffer (bnc#699355 bnc#699354 bnc#721830). * ipmi: do not grab locks in run-to-completion mode (bnc#717421). * cifs: add fallback in is_path_accessible for old servers (bnc#718028). * cciss: do not attempt to read from a write-only register (bnc#683101). * s390: kernel: System hang if hangcheck timer expires (bnc#712009,LTC#74157). * s390: kernel: NSS creation with initrd fails (bnc#712009,LTC#74207). * s390: kernel: remove code to handle topology interrupts (bnc#712009,LTC#74440). * xen: Added 1083-kbdfront-absolute-coordinates.patch (bnc#717585). * acpi: Use a spinlock instead of mutex to guard gbl_lock access (bnc#707439). * Allow balance_dirty_pages to help other filesystems (bnc#709369). * nfs: fix congestion control (bnc#709369). * NFS: Separate metadata and page cache revalidation mechanisms (bnc#709369). * jbd: Fix oops in journal_remove_journal_head() (bnc#694315). * xen/blkfront: avoid NULL de-reference in CDROM ioctl handling (bnc#701355). * xen/x86: replace order-based range checking of M2P table by linear one. * xen/x86: use dynamically adjusted upper bound for contiguous regions (bnc#635880). * Fix type in patches.fixes/libiscsi-dont-run-scsi-eh-if-iscsi-task-is-mak ing-progress. * s390: cio: Add timeouts for internal IO (bnc#701550,LTC#72691). * s390: kernel: first time swap use results in heavy swapping (bnc#701550,LTC#73132). * s390: qeth: wrong number of output queues for HiperSockets (bnc#701550,LTC#73814). Security Issue references: * CVE-2009-4067 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4067
* CVE-2011-3363 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3363
* CVE-2011-3191 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3191
* CVE-2011-1776 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776
Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): kernel-default-2.6.16.60-0.91.1 kernel-source-2.6.16.60-0.91.1 kernel-syms-2.6.16.60-0.91.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64): kernel-debug-2.6.16.60-0.91.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64): kernel-kdump-2.6.16.60-0.91.1 - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64): kernel-smp-2.6.16.60-0.91.1 kernel-xen-2.6.16.60-0.91.1 - SUSE Linux Enterprise Server 10 SP4 (i586): kernel-bigsmp-2.6.16.60-0.91.1 kernel-kdumppae-2.6.16.60-0.91.1 kernel-vmi-2.6.16.60-0.91.1 kernel-vmipae-2.6.16.60-0.91.1 kernel-xenpae-2.6.16.60-0.91.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): kernel-iseries64-2.6.16.60-0.91.1 kernel-ppc64-2.6.16.60-0.91.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): kernel-default-2.6.16.60-0.91.1 kernel-smp-2.6.16.60-0.91.1 kernel-source-2.6.16.60-0.91.1 kernel-syms-2.6.16.60-0.91.1 kernel-xen-2.6.16.60-0.91.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586): kernel-bigsmp-2.6.16.60-0.91.1 kernel-xenpae-2.6.16.60-0.91.1 - SLE SDK 10 SP4 (i586 ia64 x86_64): kernel-debug-2.6.16.60-0.91.1 - SLE SDK 10 SP4 (i586 ppc x86_64): kernel-kdump-2.6.16.60-0.91.1 - SLE SDK 10 SP4 (i586 x86_64): kernel-xen-2.6.16.60-0.91.1 - SLE SDK 10 SP4 (i586): kernel-xenpae-2.6.16.60-0.91.1 References: http://support.novell.com/security/cve/CVE-2009-4067.html http://support.novell.com/security/cve/CVE-2011-1776.html http://support.novell.com/security/cve/CVE-2011-3191.html http://support.novell.com/security/cve/CVE-2011-3363.html https://bugzilla.novell.com/616256 https://bugzilla.novell.com/628343 https://bugzilla.novell.com/635880 https://bugzilla.novell.com/683101 https://bugzilla.novell.com/692784 https://bugzilla.novell.com/694315 https://bugzilla.novell.com/699354 https://bugzilla.novell.com/699355 https://bugzilla.novell.com/701355 https://bugzilla.novell.com/701550 https://bugzilla.novell.com/706375 https://bugzilla.novell.com/707439 https://bugzilla.novell.com/709213 https://bugzilla.novell.com/709369 https://bugzilla.novell.com/712009 https://bugzilla.novell.com/713876 https://bugzilla.novell.com/714001 https://bugzilla.novell.com/717126 https://bugzilla.novell.com/717421 https://bugzilla.novell.com/717585 https://bugzilla.novell.com/718028 https://bugzilla.novell.com/721830 https://bugzilla.novell.com/724947 http://download.novell.com/patch/finder/?keywords=169bd714365eb7c38e38540921... http://download.novell.com/patch/finder/?keywords=6253a90635c740c154fb5e3cc6... http://download.novell.com/patch/finder/?keywords=b1201574824e860419470a1e97... http://download.novell.com/patch/finder/?keywords=be6b41cc85222e68513448b61b... http://download.novell.com/patch/finder/?keywords=c4377326fa8f6c8c833ef411e5... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org