Mailinglist Archive: opensuse-updates (50 mails)

< Previous Next >
openSUSE-SU-2011:0860-1: moderate: kernel: security and bugfix update.
openSUSE Security Update: kernel: security and bugfix update.
______________________________________________________________________________

Announcement ID: openSUSE-SU-2011:0860-1
Rating: moderate
References: #584493 #595586 #655693 #661979 #666423 #669889
#672008 #674648 #674982 #677827 #679545 #681826
#681840 #687368 #688432 #689583 #689797 #692497
#692502 #693013 #693043 #693374 #693382 #694498
#697859 #698221 #698247 #699123 #701998 #702013
#702285 #702579 #703155 #704788
Cross-References: CVE-2011-1017 CVE-2011-1020 CVE-2011-1479
CVE-2011-1593 CVE-2011-1745 CVE-2011-1927
CVE-2011-2022 CVE-2011-2182 CVE-2011-2484
CVE-2011-2491 CVE-2011-2493 CVE-2011-2495
CVE-2011-2496 CVE-2011-2498
Affected Products:
openSUSE 11.4
______________________________________________________________________________

An update that solves 14 vulnerabilities and has 20 fixes
is now available. It includes one version update.

Description:

The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing
lots of bugs and security issues.

Following security issues have been fixed: CVE-2011-2495:
The /proc/PID/io interface could be used by local attackers
to gain information on other processes like number of
password characters typed or similar.

CVE-2011-2484: The add_del_listener function in
kernel/taskstats.c in the Linux kernel did not prevent
multiple registrations of exit handlers, which allowed
local users to cause a denial of service (memory and CPU
consumption), and bypass the OOM Killer, via a crafted
application.

CVE-2011-2022: The agp_generic_remove_memory function in
drivers/char/agp/generic.c in the Linux kernel before
2.6.38.5 did not validate a certain start parameter, which
allowed local users to gain privileges or cause a denial of
service (system crash) via a crafted AGPIOC_UNBIND
agp_ioctl ioctl call, a different vulnerability than
CVE-2011-1745.

CVE-2011-1745: Integer overflow in the
agp_generic_insert_memory function in
drivers/char/agp/generic.c in the Linux kernel allowed
local users to gain privileges or cause a denial of service
(system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl
call.

CVE-2011-2493: A denial of service on mounting invalid ext4
filesystems was fixed.

CVE-2011-2491: A local unprivileged user able to access a
NFS filesystem could use file locking to deadlock parts of
an nfs server under some circumstance.

CVE-2011-2498: Also account PTE pages when calculating OOM
scoring, which could have lead to a denial of service.

CVE-2011-2496: The normal mmap paths all avoid creating a
mapping where the pgoff inside the mapping could wrap
around due to overflow. However, an expanding mremap() can
take such a non-wrapping mapping and make it bigger and
cause a wrapping condition.

CVE-2011-1017,CVE-2011-2182: The code for evaluating LDM
partitions (in fs/partitions/ldm.c) contained bugs that
could crash the kernel for certain corrupted LDM partitions.

CVE-2011-1479: A regression in inotify fix for a memory
leak could lead to a double free corruption which could
crash the system.

CVE-2011-1927: A missing route validation issue in
ip_expire() could be used by remote attackers to trigger a
NULL ptr dereference, crashing parts of the kernel.

CVE-2011-1593: Multiple integer overflows in the
next_pidmap function in kernel/pid.c in the Linux kernel
allowed local users to cause a denial of service (system
crash) via a crafted (1) getdents or (2) readdir system
call.

CVE-2011-1020: The proc filesystem implementation in the
Linux kernel did not restrict access to the /proc directory
tree of a process after this process performs an exec of a
setuid program, which allowed local users to obtain
sensitive information or cause a denial of service via
open, lseek, read, and write system calls.


Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch kernel-4932

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64) [New Version: 2.6.37.6]:

kernel-debug-2.6.37.6-0.7.1
kernel-debug-base-2.6.37.6-0.7.1
kernel-debug-devel-2.6.37.6-0.7.1
kernel-default-2.6.37.6-0.7.1
kernel-default-base-2.6.37.6-0.7.1
kernel-default-devel-2.6.37.6-0.7.1
kernel-desktop-2.6.37.6-0.7.1
kernel-desktop-base-2.6.37.6-0.7.1
kernel-desktop-devel-2.6.37.6-0.7.1
kernel-ec2-2.6.37.6-0.7.1
kernel-ec2-base-2.6.37.6-0.7.1
kernel-ec2-devel-2.6.37.6-0.7.1
kernel-ec2-extra-2.6.37.6-0.7.1
kernel-syms-2.6.37.6-0.7.1
kernel-trace-2.6.37.6-0.7.1
kernel-trace-base-2.6.37.6-0.7.1
kernel-trace-devel-2.6.37.6-0.7.1
kernel-vanilla-2.6.37.6-0.7.1
kernel-vanilla-base-2.6.37.6-0.7.1
kernel-vanilla-devel-2.6.37.6-0.7.1
kernel-xen-2.6.37.6-0.7.1
kernel-xen-base-2.6.37.6-0.7.1
kernel-xen-devel-2.6.37.6-0.7.1
preload-kmp-default-1.2_k2.6.37.6_0.7-6.7.12
preload-kmp-desktop-1.2_k2.6.37.6_0.7-6.7.12

- openSUSE 11.4 (noarch) [New Version: 2.6.37.6]:

kernel-devel-2.6.37.6-0.7.1
kernel-docs-2.6.37.6-0.7.1
kernel-source-2.6.37.6-0.7.1
kernel-source-vanilla-2.6.37.6-0.7.1

- openSUSE 11.4 (i586) [New Version: 2.6.37.6]:

kernel-pae-2.6.37.6-0.7.1
kernel-pae-base-2.6.37.6-0.7.1
kernel-pae-devel-2.6.37.6-0.7.1
kernel-vmi-2.6.37.6-0.7.1
kernel-vmi-base-2.6.37.6-0.7.1
kernel-vmi-devel-2.6.37.6-0.7.1


References:

http://support.novell.com/security/cve/CVE-2011-1017.html
http://support.novell.com/security/cve/CVE-2011-1020.html
http://support.novell.com/security/cve/CVE-2011-1479.html
http://support.novell.com/security/cve/CVE-2011-1593.html
http://support.novell.com/security/cve/CVE-2011-1745.html
http://support.novell.com/security/cve/CVE-2011-1927.html
http://support.novell.com/security/cve/CVE-2011-2022.html
http://support.novell.com/security/cve/CVE-2011-2182.html
http://support.novell.com/security/cve/CVE-2011-2484.html
http://support.novell.com/security/cve/CVE-2011-2491.html
http://support.novell.com/security/cve/CVE-2011-2493.html
http://support.novell.com/security/cve/CVE-2011-2495.html
http://support.novell.com/security/cve/CVE-2011-2496.html
http://support.novell.com/security/cve/CVE-2011-2498.html
https://bugzilla.novell.com/584493
https://bugzilla.novell.com/595586
https://bugzilla.novell.com/655693
https://bugzilla.novell.com/661979
https://bugzilla.novell.com/666423
https://bugzilla.novell.com/669889
https://bugzilla.novell.com/672008
https://bugzilla.novell.com/674648
https://bugzilla.novell.com/674982
https://bugzilla.novell.com/677827
https://bugzilla.novell.com/679545
https://bugzilla.novell.com/681826
https://bugzilla.novell.com/681840
https://bugzilla.novell.com/687368
https://bugzilla.novell.com/688432
https://bugzilla.novell.com/689583
https://bugzilla.novell.com/689797
https://bugzilla.novell.com/692497
https://bugzilla.novell.com/692502
https://bugzilla.novell.com/693013
https://bugzilla.novell.com/693043
https://bugzilla.novell.com/693374
https://bugzilla.novell.com/693382
https://bugzilla.novell.com/694498
https://bugzilla.novell.com/697859
https://bugzilla.novell.com/698221
https://bugzilla.novell.com/698247
https://bugzilla.novell.com/699123
https://bugzilla.novell.com/701998
https://bugzilla.novell.com/702013
https://bugzilla.novell.com/702285
https://bugzilla.novell.com/702579
https://bugzilla.novell.com/703155
https://bugzilla.novell.com/704788


< Previous Next >
This Thread
  • No further messages