Mailinglist Archive: opensuse-updates (94 mails)

< Previous Next >
openSUSE-SU-2010:0205-1 (important): Linux Kernel: security and bugfix update
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Fri, 16 Apr 2010 16:13:07 +0200 (CEST)
  • Message-id: <20100416141307.6543CBE13@xxxxxxxxxxxxxx>
openSUSE Security Update: Linux Kernel: security and bugfix update
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:0205-1
Rating: important
References: #474773 #492961 #510449 #544760 #555747 #558269
#561078 #565962 #566634 #568319 #570314 #574654
#576927 #577747 #577753 #578064 #578222 #578550
#578708 #579076 #579219 #579439 #579989 #580799
#581271 #581718 #582552 #582907 #584320
Cross-References: CVE-2009-4031 CVE-2010-0410 CVE-2010-0415
CVE-2010-0622 CVE-2010-0623
Affected Products:
openSUSE 11.2
______________________________________________________________________________

An update that solves 5 vulnerabilities and has 24 fixes is
now available. It includes one version update.

Description:

This update of the openSUSE 11.2 kernel contains a lot of
bug and security fixes.

Following security issues were fixed: CVE-2010-0622: The
wake_futex_pi function in kernel/futex.c in the Linux
kernel does not properly handle certain unlock operations
for a Priority Inheritance (PI) futex, which allows local
users to cause a denial of service (OOPS) and possibly have
unspecified other impact via vectors involving modification
of the futex value from user space.

CVE-2010-0623: The futex_lock_pi function in kernel/futex.c
in the Linux kernel does not properly manage a certain
reference count, which allows local users to cause a denial
of service (OOPS) via vectors involving an unmount of an
ext3 filesystem.

CVE-2010-0415: The do_pages_move function in mm/migrate.c
in the Linux kernel does not validate node values, which
allows local users to read arbitrary kernel memory
locations, cause a denial of service (OOPS), and possibly
have unspecified other impact by specifying a node that is
not part of the kernel's node set.

CVE-2010-0410: drivers/connector/connector.c in the Linux
kernel allows local users to cause a denial of service
(memory consumption and system crash) by sending the kernel
many NETLINK_CONNECTOR messages.

CVE-2009-4031: The do_insn_fetch function in
arch/x86/kvm/emulate.c in the x86 emulator in the KVM
subsystem in the Linux kernel tries to interpret
instructions that contain too many bytes to be valid, which
allows guest OS users to cause a denial of service
(increased scheduling latency) on the host OS via
unspecified manipulations related to SMP support.


This update also contains a large rollup of fixes for the
rt2860 and rt3090 wireless drivers from the mainline kernel.


Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.2:

zypper in -t patch -kernel-2146 dbg112-kernel-2146

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.2 (i586 src x86_64) [New Version: 2.6.31.12]:

kernel-syms-2.6.31.12-0.2.1

- openSUSE 11.2 (i586 x86_64) [New Version: 2.6.31.12]:

kernel-debug-2.6.31.12-0.2.1
kernel-debug-base-2.6.31.12-0.2.1
kernel-debug-base-debuginfo-2.6.31.12-0.2.1
kernel-debug-debuginfo-2.6.31.12-0.2.1
kernel-debug-debugsource-2.6.31.12-0.2.1
kernel-debug-devel-2.6.31.12-0.2.1
kernel-debug-devel-debuginfo-2.6.31.12-0.2.1
kernel-default-2.6.31.12-0.2.1
kernel-default-base-2.6.31.12-0.2.1
kernel-default-base-debuginfo-2.6.31.12-0.2.1
kernel-default-debuginfo-2.6.31.12-0.2.1
kernel-default-debugsource-2.6.31.12-0.2.1
kernel-default-devel-2.6.31.12-0.2.1
kernel-default-devel-debuginfo-2.6.31.12-0.2.1
kernel-desktop-2.6.31.12-0.2.1
kernel-desktop-base-2.6.31.12-0.2.1
kernel-desktop-base-debuginfo-2.6.31.12-0.2.1
kernel-desktop-debuginfo-2.6.31.12-0.2.1
kernel-desktop-debugsource-2.6.31.12-0.2.1
kernel-desktop-devel-2.6.31.12-0.2.1
kernel-desktop-devel-debuginfo-2.6.31.12-0.2.1
kernel-trace-2.6.31.12-0.2.1
kernel-trace-base-2.6.31.12-0.2.1
kernel-trace-base-debuginfo-2.6.31.12-0.2.1
kernel-trace-debuginfo-2.6.31.12-0.2.1
kernel-trace-debugsource-2.6.31.12-0.2.1
kernel-trace-devel-2.6.31.12-0.2.1
kernel-trace-devel-debuginfo-2.6.31.12-0.2.1
kernel-vanilla-2.6.31.12-0.2.1
kernel-vanilla-base-2.6.31.12-0.2.1
kernel-vanilla-base-debuginfo-2.6.31.12-0.2.1
kernel-vanilla-debuginfo-2.6.31.12-0.2.1
kernel-vanilla-debugsource-2.6.31.12-0.2.1
kernel-vanilla-devel-2.6.31.12-0.2.1
kernel-vanilla-devel-debuginfo-2.6.31.12-0.2.1
kernel-xen-2.6.31.12-0.2.1
kernel-xen-base-2.6.31.12-0.2.1
kernel-xen-base-debuginfo-2.6.31.12-0.2.1
kernel-xen-debuginfo-2.6.31.12-0.2.1
kernel-xen-debugsource-2.6.31.12-0.2.1
kernel-xen-devel-2.6.31.12-0.2.1
kernel-xen-devel-debuginfo-2.6.31.12-0.2.1
preload-kmp-default-1.1_2.6.31.12_0.2-6.9.15
preload-kmp-default-debuginfo-1.1_2.6.31.12_0.2-6.9.15
preload-kmp-desktop-1.1_2.6.31.12_0.2-6.9.15
preload-kmp-desktop-debuginfo-1.1_2.6.31.12_0.2-6.9.15

- openSUSE 11.2 (noarch src) [New Version: 2.6.31.12]:

kernel-source-2.6.31.12-0.2.1

- openSUSE 11.2 (noarch) [New Version: 2.6.31.12]:

kernel-source-vanilla-2.6.31.12-0.2.1

- openSUSE 11.2 (i586) [New Version: 2.6.31.12]:

kernel-pae-2.6.31.12-0.2.1
kernel-pae-base-2.6.31.12-0.2.1
kernel-pae-base-debuginfo-2.6.31.12-0.2.1
kernel-pae-debuginfo-2.6.31.12-0.2.1
kernel-pae-debugsource-2.6.31.12-0.2.1
kernel-pae-devel-2.6.31.12-0.2.1
kernel-pae-devel-debuginfo-2.6.31.12-0.2.1

- openSUSE 11.2 (src):

preload-1.1-6.9.15


References:

http://support.novell.com/security/cve/CVE-2009-4031.html
http://support.novell.com/security/cve/CVE-2010-0410.html
http://support.novell.com/security/cve/CVE-2010-0415.html
http://support.novell.com/security/cve/CVE-2010-0622.html
http://support.novell.com/security/cve/CVE-2010-0623.html
https://bugzilla.novell.com/474773
https://bugzilla.novell.com/492961
https://bugzilla.novell.com/510449
https://bugzilla.novell.com/544760
https://bugzilla.novell.com/555747
https://bugzilla.novell.com/558269
https://bugzilla.novell.com/561078
https://bugzilla.novell.com/565962
https://bugzilla.novell.com/566634
https://bugzilla.novell.com/568319
https://bugzilla.novell.com/570314
https://bugzilla.novell.com/574654
https://bugzilla.novell.com/576927
https://bugzilla.novell.com/577747
https://bugzilla.novell.com/577753
https://bugzilla.novell.com/578064
https://bugzilla.novell.com/578222
https://bugzilla.novell.com/578550
https://bugzilla.novell.com/578708
https://bugzilla.novell.com/579076
https://bugzilla.novell.com/579219
https://bugzilla.novell.com/579439
https://bugzilla.novell.com/579989
https://bugzilla.novell.com/580799
https://bugzilla.novell.com/581271
https://bugzilla.novell.com/581718
https://bugzilla.novell.com/582552
https://bugzilla.novell.com/582907
https://bugzilla.novell.com/584320


< Previous Next >
This Thread
  • No further messages