openSUSE Security Update: kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2013:1005-1 Rating: critical References: #790920 #821560 #822722 Cross-References: CVE-2013-2850 Affected Products: openSUSE 12.1 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: The openSUSE 12.1 kernel was updated to fix a critical security issue and also some reiserfs bugs. CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target running on the machine and the attacker able to make a network connection to it (aka not filtered by firewalls). Bugs: - reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry (bnc#822722). - reiserfs: fix problems with chowning setuid file w/ xattrs (bnc#790920). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 12.1: zypper in -t patch openSUSE-2013-483 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 12.1 (i586 x86_64): kernel-debug-3.1.10-1.29.1 kernel-debug-base-3.1.10-1.29.1 kernel-debug-base-debuginfo-3.1.10-1.29.1 kernel-debug-debuginfo-3.1.10-1.29.1 kernel-debug-debugsource-3.1.10-1.29.1 kernel-debug-devel-3.1.10-1.29.1 kernel-debug-devel-debuginfo-3.1.10-1.29.1 kernel-default-3.1.10-1.29.1 kernel-default-base-3.1.10-1.29.1 kernel-default-base-debuginfo-3.1.10-1.29.1 kernel-default-debuginfo-3.1.10-1.29.1 kernel-default-debugsource-3.1.10-1.29.1 kernel-default-devel-3.1.10-1.29.1 kernel-default-devel-debuginfo-3.1.10-1.29.1 kernel-desktop-3.1.10-1.29.1 kernel-desktop-base-3.1.10-1.29.1 kernel-desktop-base-debuginfo-3.1.10-1.29.1 kernel-desktop-debuginfo-3.1.10-1.29.1 kernel-desktop-debugsource-3.1.10-1.29.1 kernel-desktop-devel-3.1.10-1.29.1 kernel-desktop-devel-debuginfo-3.1.10-1.29.1 kernel-ec2-3.1.10-1.29.1 kernel-ec2-base-3.1.10-1.29.1 kernel-ec2-base-debuginfo-3.1.10-1.29.1 kernel-ec2-debuginfo-3.1.10-1.29.1 kernel-ec2-debugsource-3.1.10-1.29.1 kernel-ec2-devel-3.1.10-1.29.1 kernel-ec2-devel-debuginfo-3.1.10-1.29.1 kernel-ec2-extra-3.1.10-1.29.1 kernel-ec2-extra-debuginfo-3.1.10-1.29.1 kernel-syms-3.1.10-1.29.1 kernel-trace-3.1.10-1.29.1 kernel-trace-base-3.1.10-1.29.1 kernel-trace-base-debuginfo-3.1.10-1.29.1 kernel-trace-debuginfo-3.1.10-1.29.1 kernel-trace-debugsource-3.1.10-1.29.1 kernel-trace-devel-3.1.10-1.29.1 kernel-trace-devel-debuginfo-3.1.10-1.29.1 kernel-vanilla-3.1.10-1.29.1 kernel-vanilla-base-3.1.10-1.29.1 kernel-vanilla-base-debuginfo-3.1.10-1.29.1 kernel-vanilla-debuginfo-3.1.10-1.29.1 kernel-vanilla-debugsource-3.1.10-1.29.1 kernel-vanilla-devel-3.1.10-1.29.1 kernel-vanilla-devel-debuginfo-3.1.10-1.29.1 kernel-xen-3.1.10-1.29.1 kernel-xen-base-3.1.10-1.29.1 kernel-xen-base-debuginfo-3.1.10-1.29.1 kernel-xen-debuginfo-3.1.10-1.29.1 kernel-xen-debugsource-3.1.10-1.29.1 kernel-xen-devel-3.1.10-1.29.1 kernel-xen-devel-debuginfo-3.1.10-1.29.1 - openSUSE 12.1 (noarch): kernel-devel-3.1.10-1.29.1 kernel-docs-3.1.10-1.29.2 kernel-source-3.1.10-1.29.1 kernel-source-vanilla-3.1.10-1.29.1 - openSUSE 12.1 (i586): kernel-pae-3.1.10-1.29.1 kernel-pae-base-3.1.10-1.29.1 kernel-pae-base-debuginfo-3.1.10-1.29.1 kernel-pae-debuginfo-3.1.10-1.29.1 kernel-pae-debugsource-3.1.10-1.29.1 kernel-pae-devel-3.1.10-1.29.1 kernel-pae-devel-debuginfo-3.1.10-1.29.1 References: http://support.novell.com/security/cve/CVE-2013-2850.html https://bugzilla.novell.com/790920 https://bugzilla.novell.com/821560 https://bugzilla.novell.com/822722