openSUSE Security Update: kernel: security and bugfix update. ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0734-1 Rating: important References: #613835 #614670 #638709 #640338 #640568 #640721 #641479 #642009 #644046 Cross-References: CVE-2010-2962 CVE-2010-3310 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that solves two vulnerabilities and has 7 fixes is now available. It includes one version update. Description: This updated openSUSE 11.3 kernel fixes the following security bugs: CVE-2010-3310: local users could corrupt kernel heap memory via ROSE sockets. CVE-2010-2962: local users could write to any kernel memory location via the i915 GEM ioctl interface. Additionally the update restores the compat_alloc_userspace() inline function and includes several other bug fixes. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch kernel-3315 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64) [New Version: 2.6.34.7]: kernel-debug-2.6.34.7-0.4.1 kernel-debug-base-2.6.34.7-0.4.1 kernel-debug-devel-2.6.34.7-0.4.1 kernel-default-2.6.34.7-0.4.1 kernel-default-base-2.6.34.7-0.4.1 kernel-default-devel-2.6.34.7-0.4.1 kernel-desktop-2.6.34.7-0.4.1 kernel-desktop-base-2.6.34.7-0.4.1 kernel-desktop-devel-2.6.34.7-0.4.1 kernel-ec2-2.6.34.7-0.4.1 kernel-ec2-base-2.6.34.7-0.4.1 kernel-ec2-devel-2.6.34.7-0.4.1 kernel-ec2-extra-2.6.34.7-0.4.1 kernel-syms-2.6.34.7-0.4.1 kernel-trace-2.6.34.7-0.4.1 kernel-trace-base-2.6.34.7-0.4.1 kernel-trace-devel-2.6.34.7-0.4.1 kernel-vanilla-2.6.34.7-0.4.1 kernel-vanilla-base-2.6.34.7-0.4.1 kernel-vanilla-devel-2.6.34.7-0.4.1 kernel-xen-2.6.34.7-0.4.1 kernel-xen-base-2.6.34.7-0.4.1 kernel-xen-devel-2.6.34.7-0.4.1 preload-kmp-default-1.1_k2.6.34.7_0.4-19.1.7 preload-kmp-desktop-1.1_k2.6.34.7_0.4-19.1.7 - openSUSE 11.3 (noarch) [New Version: 2.6.34.7]: kernel-devel-2.6.34.7-0.4.1 kernel-source-2.6.34.7-0.4.1 kernel-source-vanilla-2.6.34.7-0.4.1 - openSUSE 11.3 (i586) [New Version: 2.6.34.7]: kernel-pae-2.6.34.7-0.4.1 kernel-pae-base-2.6.34.7-0.4.1 kernel-pae-devel-2.6.34.7-0.4.1 kernel-vmi-2.6.34.7-0.4.1 kernel-vmi-base-2.6.34.7-0.4.1 kernel-vmi-devel-2.6.34.7-0.4.1 References: http://support.novell.com/security/cve/CVE-2010-2962.html http://support.novell.com/security/cve/CVE-2010-3310.html https://bugzilla.novell.com/613835 https://bugzilla.novell.com/614670 https://bugzilla.novell.com/638709 https://bugzilla.novell.com/640338 https://bugzilla.novell.com/640568 https://bugzilla.novell.com/640721 https://bugzilla.novell.com/641479 https://bugzilla.novell.com/642009 https://bugzilla.novell.com/644046