Mailinglist Archive: opensuse-updates (48 mails)

< Previous Next >
openSUSE-SU-2010:0720-1 (important): SLE11 SP1
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Wed, 13 Oct 2010 18:08:19 +0200 (CEST)
  • Message-id: <20101013160819.BA8B3BE44@xxxxxxxxxxxxxx>
openSUSE Security Update: SLE11 SP1
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:0720-1
Rating: important
References: #582730 #596646 #600043 #601520 #613330 #614226
#616080 #618059 #618072 #618379 #620443 #620654
#624020 #624814 #625674 #626880 #629170 #632568
#633268 #633543 #633593 #633733 #634637 #635425
#636112 #636461 #636561 #636850 #637436 #637502
#637639 #637944 #638277 #638400 #638613 #638618
#638807 #638860 #639161 #639197 #639481 #639482
#639483 #639709 #639728 #639944 #640276 #640721
#641247 #642009 #642449 #643909 #643914 #643922

Cross-References: CVE-2010-2954 CVE-2010-2960 CVE-2010-2962
CVE-2010-3078 CVE-2010-3079 CVE-2010-3080
CVE-2010-3081 CVE-2010-3296 CVE-2010-3297
CVE-2010-3298 CVE-2010-3310
Affected Products:
SLE 11 SERVER Unsupported Extras
______________________________________________________________________________

An update that solves 11 vulnerabilities and has 43 fixes
is now available.

Description:

This SUSE Linux Enterprise 11 Service Pack 1 kernel
contains various security fixes and lots of other bugfixes.

Following security issues were fixed:

CVE-2010-2960: local users could crash the system by
causing a NULL deref in the keyctl_session_to_parent()
function

CVE-2010-2954: local users could crash the system by
causing a NULL deref via IRDA sockets

CVE-2010-3079: local users could crash the system by
causing a NULL deref in ftrace

CVE-2010-3078, CVE-2010-3297, CVE-2010-3298, CVE-2010-3081,
CVE-2010-3296: several kernel functions could leak kernel
stack memory contents

CVE-2010-3080: local users could cause dereference of an
uninitialized pointer via /dev/sequencer

CVE-2010-3310: local users could corrupt kernel heap memory
via ROSE sockets

CVE-2010-2962: local users could write to any kernel memory
location via the i915 GEM ioctl interface

Additionally this update restores the
compat_alloc_userspace() inline function.


Special Instructions and Notes:

Please reboot the system after installing this update.


Package List:

- SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):

kernel-default-extra-2.6.32.23-0.3.1

- SLE 11 SERVER Unsupported Extras (i586 x86_64):

kernel-xen-extra-2.6.32.23-0.3.1

- SLE 11 SERVER Unsupported Extras (ppc64):

kernel-ppc64-extra-2.6.32.23-0.3.1

- SLE 11 SERVER Unsupported Extras (i586):

kernel-pae-extra-2.6.32.23-0.3.1


References:

http://support.novell.com/security/cve/CVE-2010-2954.html
http://support.novell.com/security/cve/CVE-2010-2960.html
http://support.novell.com/security/cve/CVE-2010-2962.html
http://support.novell.com/security/cve/CVE-2010-3078.html
http://support.novell.com/security/cve/CVE-2010-3079.html
http://support.novell.com/security/cve/CVE-2010-3080.html
http://support.novell.com/security/cve/CVE-2010-3081.html
http://support.novell.com/security/cve/CVE-2010-3296.html
http://support.novell.com/security/cve/CVE-2010-3297.html
http://support.novell.com/security/cve/CVE-2010-3298.html
http://support.novell.com/security/cve/CVE-2010-3310.html
https://bugzilla.novell.com/582730
https://bugzilla.novell.com/596646
https://bugzilla.novell.com/600043
https://bugzilla.novell.com/601520
https://bugzilla.novell.com/613330
https://bugzilla.novell.com/614226
https://bugzilla.novell.com/616080
https://bugzilla.novell.com/618059
https://bugzilla.novell.com/618072
https://bugzilla.novell.com/618379
https://bugzilla.novell.com/620443
https://bugzilla.novell.com/620654
https://bugzilla.novell.com/624020
https://bugzilla.novell.com/624814
https://bugzilla.novell.com/625674
https://bugzilla.novell.com/626880
https://bugzilla.novell.com/629170
https://bugzilla.novell.com/632568
https://bugzilla.novell.com/633268
https://bugzilla.novell.com/633543
https://bugzilla.novell.com/633593
https://bugzilla.novell.com/633733
https://bugzilla.novell.com/634637
https://bugzilla.novell.com/635425
https://bugzilla.novell.com/636112
https://bugzilla.novell.com/636461
https://bugzilla.novell.com/636561
https://bugzilla.novell.com/636850
https://bugzilla.novell.com/637436
https://bugzilla.novell.com/637502
https://bugzilla.novell.com/637639
https://bugzilla.novell.com/637944
https://bugzilla.novell.com/638277
https://bugzilla.novell.com/638400
https://bugzilla.novell.com/638613
https://bugzilla.novell.com/638618
https://bugzilla.novell.com/638807
https://bugzilla.novell.com/638860
https://bugzilla.novell.com/639161
https://bugzilla.novell.com/639197
https://bugzilla.novell.com/639481
https://bugzilla.novell.com/639482
https://bugzilla.novell.com/639483
https://bugzilla.novell.com/639709
https://bugzilla.novell.com/639728
https://bugzilla.novell.com/639944
https://bugzilla.novell.com/640276
https://bugzilla.novell.com/640721
https://bugzilla.novell.com/641247
https://bugzilla.novell.com/642009
https://bugzilla.novell.com/642449
https://bugzilla.novell.com/643909
https://bugzilla.novell.com/643914
https://bugzilla.novell.com/643922


< Previous Next >
This Thread
  • No further messages