Mailinglist Archive: opensuse-updates (59 mails)

< Previous Next >
openSUSE-SU-2010:0655-1 (critical): kernel: security and bugfix update.
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Thu, 23 Sep 2010 01:08:27 +0200 (CEST)
  • Message-id: <20100922230827.197C0BE38@xxxxxxxxxxxxxx>
openSUSE Security Update: kernel: security and bugfix update.
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:0655-1
Rating: critical
References: #634637 #635413 #635425 #637502 #638274 #638277
#639481 #639482 #639483 #639708 #639709 #639728

Affected Products:
openSUSE 11.3
______________________________________________________________________________

An update that contains security fixes can now be
installed. It includes one version update.

Description:

This update of the openSUSE 11.3 kernel fixes two local
root exploits, various other security issues and some bugs.

Following security issues are fixed by this update:
CVE-2010-3301: Mismatch between 32bit and 64bit register
usage in the system call entry path could be used by local
attackers to gain root privileges. This problem only
affects x86_64 kernels.

CVE-2010-3081: Incorrect buffer handling in the
biarch-compat buffer handling could be used by local
attackers to gain root privileges. This problem affects
foremost x86_64, or potentially other biarch platforms,
like PowerPC and S390x.

CVE-2010-3084: A buffer overflow in the ETHTOOL_GRXCLSRLALL
code could be used to crash the kernel or potentially
execute code.

CVE-2010-2955: A kernel information leak via the WEXT ioctl
was fixed.

CVE-2010-2960: The keyctl_session_to_parent function in
security/keys/keyctl.c in the Linux kernel expects that a
certain parent session keyring exists, which allows local
users to cause a denial of service (NULL pointer
dereference and system crash) or possibly have unspecified
other impact via a KEYCTL_SESSION_TO_PARENT argument to the
keyctl function.

CVE-2010-3080: A double free in an alsa error path was
fixed, which could lead to kernel crashes.

CVE-2010-3079: Fixed a ftrace NULL pointer dereference
problem which could lead to kernel crashes.

CVE-2010-3298: Fixed a kernel information leak in the
net/usb/hso driver.

CVE-2010-3296: Fixed a kernel information leak in the cxgb3
driver.

CVE-2010-3297: Fixed a kernel information leak in the
net/eql driver.


Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.3:

zypper in -t patch kernel-3173

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.3 (i586 x86_64) [New Version: 2.6.34.7]:

kernel-debug-2.6.34.7-0.3.1
kernel-debug-base-2.6.34.7-0.3.1
kernel-debug-devel-2.6.34.7-0.3.1
kernel-default-2.6.34.7-0.3.1
kernel-default-base-2.6.34.7-0.3.1
kernel-default-devel-2.6.34.7-0.3.1
kernel-desktop-2.6.34.7-0.3.1
kernel-desktop-base-2.6.34.7-0.3.1
kernel-desktop-devel-2.6.34.7-0.3.1
kernel-ec2-2.6.34.7-0.3.1
kernel-ec2-base-2.6.34.7-0.3.1
kernel-ec2-devel-2.6.34.7-0.3.1
kernel-ec2-extra-2.6.34.7-0.3.1
kernel-syms-2.6.34.7-0.3.1
kernel-trace-2.6.34.7-0.3.1
kernel-trace-base-2.6.34.7-0.3.1
kernel-trace-devel-2.6.34.7-0.3.1
kernel-vanilla-2.6.34.7-0.3.1
kernel-vanilla-base-2.6.34.7-0.3.1
kernel-vanilla-devel-2.6.34.7-0.3.1
kernel-xen-2.6.34.7-0.3.1
kernel-xen-base-2.6.34.7-0.3.1
kernel-xen-devel-2.6.34.7-0.3.1
preload-kmp-default-1.1_k2.6.34.7_0.3-19.1.3
preload-kmp-desktop-1.1_k2.6.34.7_0.3-19.1.3

- openSUSE 11.3 (noarch) [New Version: 2.6.34.7]:

kernel-devel-2.6.34.7-0.3.1
kernel-source-2.6.34.7-0.3.1
kernel-source-vanilla-2.6.34.7-0.3.1

- openSUSE 11.3 (i586) [New Version: 2.6.34.7]:

kernel-pae-2.6.34.7-0.3.1
kernel-pae-base-2.6.34.7-0.3.1
kernel-pae-devel-2.6.34.7-0.3.1
kernel-vmi-2.6.34.7-0.3.1
kernel-vmi-base-2.6.34.7-0.3.1
kernel-vmi-devel-2.6.34.7-0.3.1


References:

https://bugzilla.novell.com/634637
https://bugzilla.novell.com/635413
https://bugzilla.novell.com/635425
https://bugzilla.novell.com/637502
https://bugzilla.novell.com/638274
https://bugzilla.novell.com/638277
https://bugzilla.novell.com/639481
https://bugzilla.novell.com/639482
https://bugzilla.novell.com/639483
https://bugzilla.novell.com/639708
https://bugzilla.novell.com/639709
https://bugzilla.novell.com/639728


< Previous Next >
This Thread
  • No further messages