openSUSE Security Update: Linux Kernel: security and bugfix update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0738-1 Rating: important References: #614670 #640721 #642009 #644046 Cross-References: CVE-2010-2962 CVE-2010-3310 Affected Products: openSUSE 11.2 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. It includes one version update. Description: The updated openSUSE 11.2 kernel fixes the following security bugs: CVE-2010-3310: Local users could corrupt kernel heap memory via ROSE sockets. CVE-2010-2962: Local users could write to any kernel memory location via the i915 GEM ioctl interface. Additionally the update restores the compat_alloc_userspace() inline function and includes several other bug fixes. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch kernel-3323 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 x86_64) [New Version: 2.6.31.14]: kernel-debug-2.6.31.14-0.2.1 kernel-debug-base-2.6.31.14-0.2.1 kernel-debug-devel-2.6.31.14-0.2.1 kernel-default-2.6.31.14-0.2.1 kernel-default-base-2.6.31.14-0.2.1 kernel-default-devel-2.6.31.14-0.2.1 kernel-desktop-2.6.31.14-0.2.1 kernel-desktop-base-2.6.31.14-0.2.1 kernel-desktop-devel-2.6.31.14-0.2.1 kernel-syms-2.6.31.14-0.2.1 kernel-trace-2.6.31.14-0.2.1 kernel-trace-base-2.6.31.14-0.2.1 kernel-trace-devel-2.6.31.14-0.2.1 kernel-vanilla-2.6.31.14-0.2.1 kernel-vanilla-base-2.6.31.14-0.2.1 kernel-vanilla-devel-2.6.31.14-0.2.1 kernel-xen-2.6.31.14-0.2.1 kernel-xen-base-2.6.31.14-0.2.1 kernel-xen-devel-2.6.31.14-0.2.1 preload-kmp-default-1.1_2.6.31.14_0.2-6.9.31 preload-kmp-desktop-1.1_2.6.31.14_0.2-6.9.31 - openSUSE 11.2 (noarch) [New Version: 2.6.31.14]: kernel-source-2.6.31.14-0.2.1 kernel-source-vanilla-2.6.31.14-0.2.1 - openSUSE 11.2 (i586) [New Version: 2.6.31.14]: kernel-pae-2.6.31.14-0.2.1 kernel-pae-base-2.6.31.14-0.2.1 kernel-pae-devel-2.6.31.14-0.2.1 References: http://support.novell.com/security/cve/CVE-2010-2962.html http://support.novell.com/security/cve/CVE-2010-3310.html https://bugzilla.novell.com/614670 https://bugzilla.novell.com/640721 https://bugzilla.novell.com/642009 https://bugzilla.novell.com/644046