Articles / SuSE: New Linux kernel pack...

SuSE: New Linux kernel packages fix security vulnerabilities

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystem to crash the system. The dl2k network card driver lacked permission handling for some ethtool ioctls, which could allow local attackers to start/stop the network card. The befs_follow_linkl function did not validate the lenght attribute of long symlinsk, which allowed local users to cause a denial of service (incorrect pointer dereference and Ooops) by accessing a long symlink on a malformed Be filesystem.

A memory corruption possibility was fixed in xfs readlink, which could be used by local attackers to crash the system or potentially execute code by mounting a prepared xfs filesystem image. A BUG() error report in the nfs4xdr routines on a NFSv4 mount was fixed that could happen during mknod. Also, mounting a corrupted hfs filesystem could lead to a buffer overflow.

Updated packages are available from download.opensuse.org.

  SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0736-1
Rating:             important
References:         #671124 #671479 #683270 #693639 #713430 #718343 
                   #721869 #722400 #723294 #724692 #724734 #726600 
                   #729685 #730118 #730200 #731673 #732613 #733155 
                   #734707 #737325 #737899 #740131 #742148 #742881 
                   #744592 #745640 #745732 #745760 #745929 #746397 
                   #746980 #747381 #749168 #750168 #750928 #751880 
                   #752486 #754964 #758813 #760902 #761389 #762111 
                   #764128 
Cross-References:   CVE-2011-2928 CVE-2011-4077 CVE-2011-4324
                   CVE-2011-4330 CVE-2012-2313 CVE-2012-2319

Affected Products:
                   SUSE Linux Enterprise Server 10 SP4
                   SUSE Linux Enterprise Desktop 10 SP4
                   SLE SDK 10 SP4
______________________________________________________________________________

  An update that solves 6 vulnerabilities and has 37 fixes is
  now available.

Description:


  This Linux kernel update fixes various security issues and
  bugs in the SUSE  Linux Enterprise 10 SP4 kernel.

  The following security issues have been fixed:

  *

  CVE-2012-2319: A memory corruption when mounting a
  hfsplus filesystem was fixed that could be used by local
  attackers able to mount filesystem to crash the system.

  *

  CVE-2012-2313: The dl2k network card driver lacked
  permission handling for some ethtool ioctls, which could
  allow local attackers to start/stop the network card.

  *

  CVE-2011-2928: The befs_follow_linkl function in
  fs/befs/linuxvfs.c in the Linux kernel did not validate the
  lenght attribute of long symlinsk, which allowed local
  users to cause a denial of service (incorrect pointer
  dereference and Ooops) by accessing a long symlink on a
  malformed Be filesystem.

  *

  CVE-2011-4077: Fixed a memory corruption possibility
  in xfs readlink, which could be used by local attackers to
  crash the system or potentially execute code by mounting a
  prepared xfs filesystem image.

  *

  CVE-2011-4324: A BUG() error report in the nfs4xdr
  routines on a NFSv4 mount was fixed that could happen
  during mknod.

  *

  CVE-2011-4330: Mounting a corrupted hfs filesystem
  could lead to a buffer overflow.

  The following non-security issues have been fixed:

  * kernel: pfault task state race (bnc#764128,LTC#81724).
  * ap: Toleration for ap bus devices with device type 10
  (bnc#761389).
  * hugetlb, numa: fix interleave mpol reference count
  (bnc#762111).
  * cciss: fixup kdump (bnc#730200).
  * kdump: Avoid allocating bootmem map over crash
  reserved region (bnc#749168, bnc#722400, bnc#742881).
  * qeth: Improve OSA Express 4 blkt defaults
  (bnc#754964,LTC#80325).
  * zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl
  (bnc#754964,LTC#80378).
  * virtio: add names to virtqueue struct, mapping from
  devices to queues (bnc#742148).
  * virtio: find_vqs/del_vqs virtio operations
  (bnc#742148).
  * virtio_pci: optional MSI-X support (bnc#742148).
  * virtio_pci: split up vp_interrupt (bnc#742148).
  * knfsd: nfsd4: fix laundromat shutdown race (752556).
  * driver core: Check for valid device in
  bus_find_device() (bnc#729685).
  * VMware detection backport from mainline (bnc#671124,
  bnc#747381).
  * net: adding memory barrier to the poll and receive
  callbacks (bnc#746397 bnc#750928).
  * qla2xxx: drop reference before wait for completion
  (bnc#744592).
  * qla2xxx: drop reference before wait for completion
  (bnc#744592).
  * ixgbe driver sets all WOL flags upon initialization
  so that machine is powered on as soon at it is switched off
  (bnc#693639)
  * Properly release MSI(X) vector(s) when MSI(X) gets
  disabled (bnc#723294, bnc#721869).
  * scsi: Always retry internal target error (bnc#745640).
  * cxgb4: fix parent device access in netdev_printk
  (bnc#733155).
  * lcs: lcs offline failure (bnc#752486,LTC#79788).
  * qeth: add missing wake_up call (bnc#752486,LTC#79899).
  * NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and
  MKDIR (bnc#751880).
  * xenbus: Reject replies with payload >
  XENSTORE_PAYLOAD_MAX.
  * xenbus_dev: add missing error checks to watch
  handling.
  * blkfront: properly fail packet requests (bnc#745929).
  * blkback: failure to write "feature-barrier" node is
  non-fatal.
  * igb: Free MSI and MSIX interrupt vectors on driver
  remove or shutdown (bnc#723294).
  * igb: Fix for Alt MAC Address feature on 82580 and
  later devices (bnc#746980).
  * igb: Free MSI and MSIX interrupt vectors on driver
  remove or shutdown (bnc#723294).
  * cfq: Fix infinite loop in cfq_preempt_queue()
  (bnc#724692).
  * dasd: fix fixpoint divide exception in define_extent
  (bnc#750168,LTC#79125).
  * ctcmpc: use correct idal word list for ctcmpc
  (bnc#750168,LTC#79264).
  * patches.fixes/ext3-fix-reuse-of-freed-blocks.diff:
  Delete. Patch should not really be needed and apparently
  causes a performance regression (bnc#683270)
  * tcp: fix race condition leading to premature
  termination of sockets in FIN_WAIT2 state and connection
  being reset (bnc#745760)
  * kernel: console interrupts vs. panic
  (bnc#737325,LTC#77272).
  * af_iucv: remove IUCV-pathes completely
  (bnc#737325,LTC#78292).
  * qdio: wrong buffers-used counter for ERROR buffers
  (bnc#737325,LTC#78758).
  * ext3: Fix credit estimate for DIO allocation
  (bnc#745732).
  * jbd: validate sb->s_first in journal_get_superblock()
  (bnc#730118).
  * ocfs2: serialize unaligned aio (bnc#671479).
  * cifs: eliminate usage of kthread_stop for cifsd
  (bnc#718343).
  * virtio: fix wrong type used, resulting in truncated
  addresses in bigsmp kernel. (bnc#737899)
  * cciss: Adds simple mode functionality (bnc#730200).
  * blktap: fix locking (again) (bnc#724734).
  * block: Initial support for data-less (or empty)
  barrier support (bnc#734707 FATE#313126).
  * xen: Do not allow empty barriers to be passed down to
  queues that do not grok them (bnc#734707 FATE#313126).
  * linkwatch: Handle jiffies wrap-around (bnc#740131).

  Security Issue references:

  * CVE-2011-2928
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2928

  * CVE-2011-4077
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4077

  * CVE-2011-4324
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4324

  * CVE-2011-4330
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4330

  * CVE-2012-2319
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2319

  * CVE-2012-2313
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2313


Indications:

  Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

  Please reboot the system after installing this update.


Package List:

  - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

     kernel-default-2.6.16.60-0.97.1
     kernel-source-2.6.16.60-0.97.1
     kernel-syms-2.6.16.60-0.97.1

  - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64):

     kernel-debug-2.6.16.60-0.97.1

  - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64):

     kernel-kdump-2.6.16.60-0.97.1

  - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64):

     kernel-smp-2.6.16.60-0.97.1
     kernel-xen-2.6.16.60-0.97.1

  - SUSE Linux Enterprise Server 10 SP4 (i586):

     kernel-bigsmp-2.6.16.60-0.97.1
     kernel-kdumppae-2.6.16.60-0.97.1
     kernel-vmi-2.6.16.60-0.97.1
     kernel-vmipae-2.6.16.60-0.97.1
     kernel-xenpae-2.6.16.60-0.97.1

  - SUSE Linux Enterprise Server 10 SP4 (ppc):

     kernel-iseries64-2.6.16.60-0.97.1
     kernel-ppc64-2.6.16.60-0.97.1

  - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

     kernel-default-2.6.16.60-0.97.1
     kernel-smp-2.6.16.60-0.97.1
     kernel-source-2.6.16.60-0.97.1
     kernel-syms-2.6.16.60-0.97.1
     kernel-xen-2.6.16.60-0.97.1

  - SUSE Linux Enterprise Desktop 10 SP4 (i586):

     kernel-bigsmp-2.6.16.60-0.97.1
     kernel-xenpae-2.6.16.60-0.97.1

  - SLE SDK 10 SP4 (i586 ia64 x86_64):

     kernel-debug-2.6.16.60-0.97.1

  - SLE SDK 10 SP4 (i586 ppc x86_64):

     kernel-kdump-2.6.16.60-0.97.1

  - SLE SDK 10 SP4 (i586 x86_64):

     kernel-xen-2.6.16.60-0.97.1

  - SLE SDK 10 SP4 (i586):

     kernel-xenpae-2.6.16.60-0.97.1


References:

  http://support.novell.com/security/cve/CVE-2011-2928.html
  http://support.novell.com/security/cve/CVE-2011-4077.html
  http://support.novell.com/security/cve/CVE-2011-4324.html
  http://support.novell.com/security/cve/CVE-2011-4330.html
  http://support.novell.com/security/cve/CVE-2012-2313.html
  http://support.novell.com/security/cve/CVE-2012-2319.html
  https://bugzilla.novell.com/671124
  https://bugzilla.novell.com/671479
  https://bugzilla.novell.com/683270
  https://bugzilla.novell.com/693639
  https://bugzilla.novell.com/713430
  https://bugzilla.novell.com/718343
  https://bugzilla.novell.com/721869
  https://bugzilla.novell.com/722400
  https://bugzilla.novell.com/723294
  https://bugzilla.novell.com/724692
  https://bugzilla.novell.com/724734
  https://bugzilla.novell.com/726600
  https://bugzilla.novell.com/729685
  https://bugzilla.novell.com/730118
  https://bugzilla.novell.com/730200
  https://bugzilla.novell.com/731673
  https://bugzilla.novell.com/732613
  https://bugzilla.novell.com/733155
  https://bugzilla.novell.com/734707
  https://bugzilla.novell.com/737325
  https://bugzilla.novell.com/737899
  https://bugzilla.novell.com/740131
  https://bugzilla.novell.com/742148
  https://bugzilla.novell.com/742881
  https://bugzilla.novell.com/744592
  https://bugzilla.novell.com/745640
  https://bugzilla.novell.com/745732
  https://bugzilla.novell.com/745760
  https://bugzilla.novell.com/745929
  https://bugzilla.novell.com/746397
  https://bugzilla.novell.com/746980
  https://bugzilla.novell.com/747381
  https://bugzilla.novell.com/749168
  https://bugzilla.novell.com/750168
  https://bugzilla.novell.com/750928
  https://bugzilla.novell.com/751880
  https://bugzilla.novell.com/752486
  https://bugzilla.novell.com/754964
  https://bugzilla.novell.com/758813
  https://bugzilla.novell.com/760902
  https://bugzilla.novell.com/761389
  https://bugzilla.novell.com/762111
  https://bugzilla.novell.com/764128
  http://download.novell.com/patch/finder/?keywords=3395803e5857d3e0f44b39331dc3b010
  http://download.novell.com/patch/finder/?keywords=74169532cbeb6a34c2168ce4ce202dbf
  http://download.novell.com/patch/finder/?keywords=96d47125b6fb737bee4bf3f7619aa63d
  http://download.novell.com/patch/finder/?keywords=9fe1c1f891de7bb8b0abad73549e497a
  http://download.novell.com/patch/finder/?keywords=d66830daf8e6d37d2c64dfa779e3a77d
Screenshot

Project Spotlight

NTRU

The NTRU public-key cryptosystem.

Screenshot

Project Spotlight

Orthanc

A lightweight, RESTful server for medical imaging.