openSUSE Security Update: Linux Kernel: Security/Bugfix update to 2.6.34.4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0592-1 Rating: moderate References: #529535 #584720 #586643 #594362 #599671 #608300 #610362 #610828 #615656 #617530 #617912 #618678 #619021 #619416 #619440 #619727 #621598 #623005 #623472 #624118 #624587 #624606 #624814 #625339 #627212 #627310 #627386 #627447 #629908 #631066 #631185 #631319 Cross-References: CVE-2010-2524 CVE-2010-2537 CVE-2010-2538 CVE-2010-2798 CVE-2010-3110 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has 27 fixes is now available. It includes one version update. Description: This update of the openSUSE 11.3 kernel brings the kernel to version 2.6.34.4 and contains a lot of bug and security fixes CVE-2010-3110: Missing bounds checks in several ioctls of the Novell Client novfs /proc interface allowed unprivileged local users to crash the kernel or even execute code in kernel context. CVE-2010-2524: a malicious local user could fill the cache used by CIFS do perform dns lookups with chosen data, therefore tricking the kernel into mounting a wrong CIFS server. CVE-2010-2798: a local user could trigger a NULL derefence on a gfs2 file system CVE-2010-2537: a local user could overwrite append-only files on a btrfs file system CVE-2010-2538: a local user could read kernel memory of a btrfs file system Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch Kernel-3038 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64) [New Version: 2.6.34.4]: kernel-debug-2.6.34.4-0.1.1 kernel-debug-base-2.6.34.4-0.1.1 kernel-debug-devel-2.6.34.4-0.1.1 kernel-default-2.6.34.4-0.1.1 kernel-default-base-2.6.34.4-0.1.1 kernel-default-devel-2.6.34.4-0.1.1 kernel-desktop-2.6.34.4-0.1.1 kernel-desktop-base-2.6.34.4-0.1.1 kernel-desktop-devel-2.6.34.4-0.1.1 kernel-ec2-devel-2.6.34.4-0.1.1 kernel-syms-2.6.34.4-0.1.1 kernel-trace-2.6.34.4-0.1.1 kernel-trace-base-2.6.34.4-0.1.1 kernel-trace-devel-2.6.34.4-0.1.1 kernel-vanilla-2.6.34.4-0.1.1 kernel-vanilla-base-2.6.34.4-0.1.1 kernel-vanilla-devel-2.6.34.4-0.1.1 kernel-xen-2.6.34.4-0.1.1 kernel-xen-base-2.6.34.4-0.1.1 kernel-xen-devel-2.6.34.4-0.1.1 preload-kmp-default-1.1_k2.6.34.4_0.1-19.1.1 preload-kmp-desktop-1.1_k2.6.34.4_0.1-19.1.1 - openSUSE 11.3 (noarch) [New Version: 2.6.34.4]: kernel-devel-2.6.34.4-0.1.1 kernel-source-2.6.34.4-0.1.1 kernel-source-vanilla-2.6.34.4-0.1.1 - openSUSE 11.3 (i586) [New Version: 2.6.34.4]: kernel-pae-2.6.34.4-0.1.1 kernel-pae-base-2.6.34.4-0.1.1 kernel-pae-devel-2.6.34.4-0.1.1 kernel-vmi-devel-2.6.34.4-0.1.1 References: http://support.novell.com/security/cve/CVE-2010-2524.html http://support.novell.com/security/cve/CVE-2010-2537.html http://support.novell.com/security/cve/CVE-2010-2538.html http://support.novell.com/security/cve/CVE-2010-2798.html http://support.novell.com/security/cve/CVE-2010-3110.html https://bugzilla.novell.com/529535 https://bugzilla.novell.com/584720 https://bugzilla.novell.com/586643 https://bugzilla.novell.com/594362 https://bugzilla.novell.com/599671 https://bugzilla.novell.com/608300 https://bugzilla.novell.com/610362 https://bugzilla.novell.com/610828 https://bugzilla.novell.com/615656 https://bugzilla.novell.com/617530 https://bugzilla.novell.com/617912 https://bugzilla.novell.com/618678 https://bugzilla.novell.com/619021 https://bugzilla.novell.com/619416 https://bugzilla.novell.com/619440 https://bugzilla.novell.com/619727 https://bugzilla.novell.com/621598 https://bugzilla.novell.com/623005 https://bugzilla.novell.com/623472 https://bugzilla.novell.com/624118 https://bugzilla.novell.com/624587 https://bugzilla.novell.com/624606 https://bugzilla.novell.com/624814 https://bugzilla.novell.com/625339 https://bugzilla.novell.com/627212 https://bugzilla.novell.com/627310 https://bugzilla.novell.com/627386 https://bugzilla.novell.com/627447 https://bugzilla.novell.com/629908 https://bugzilla.novell.com/631066 https://bugzilla.novell.com/631185 https://bugzilla.novell.com/631319