Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[security-announce] openSUSE-SU-2012:0206-1: important: kernel: security and bugfix update.

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

openSUSE Security Update: kernel: security and bugfix update.

______________________________________________________________________________

 

Announcement ID: openSUSE-SU-2012:0206-1

Rating: important

References: #691052 #692498 #698450 #699709 #700879 #702037

#707288 #709764 #710235 #726788 #728661 #735612

#736149

Cross-References: CVE-2011-1576 CVE-2011-1770 CVE-2011-2203

CVE-2011-2213 CVE-2011-2525 CVE-2011-2534

CVE-2011-2699 CVE-2011-2723 CVE-2011-2898

CVE-2011-4081 CVE-2011-4604

Affected Products:

openSUSE 11.3

______________________________________________________________________________

 

An update that solves 11 vulnerabilities and has two fixes

is now available. It includes one version update.

 

Description:

 

The openSUSE 11.3 kernel was updated to fix various bugs

and security issues.

 

Following security issues have been fixed: CVE-2011-4604:

If root does read() on a specific socket, it's possible to

corrupt (kernel) memory over network, with an ICMP packet,

if the B.A.T.M.A.N. mesh protocol is used.

 

CVE-2011-2525: A flaw allowed the tc_fill_qdisc() function

in the Linux kernels packet scheduler API implementation to

be called on built-in qdisc structures. A local,

unprivileged user could have used this flaw to trigger a

NULL pointer dereference, resulting in a denial of service.

 

CVE-2011-2699: Fernando Gont discovered that the IPv6 stack

used predictable fragment identification numbers. A remote

attacker could exploit this to exhaust network resources,

leading to a denial of service.

 

CVE-2011-2213: The inet_diag_bc_audit function in

net/ipv4/inet_diag.c in the Linux kernel did not properly

audit INET_DIAG bytecode, which allowed local users to

cause a denial of service (kernel infinite loop) via

crafted INET_DIAG_REQ_BYTECODE instructions in a netlink

message, as demonstrated by an INET_DIAG_BC_JMP instruction

with a zero yes value, a different vulnerability than

CVE-2010-3880.

 

CVE-2011-1576: The Generic Receive Offload (GRO)

implementation in the Linux kernel allowed remote attackers

to cause a denial of service via crafted VLAN packets that

are processed by the napi_reuse_skb function, leading to

(1) a memory leak or (2) memory corruption, a different

vulnerability than CVE-2011-1478.

 

CVE-2011-2534: Buffer overflow in the clusterip_proc_write

function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux

kernel might have allowed local users to cause a denial of

service or have unspecified other impact via a crafted

write operation, related to string data that lacks a

terminating '\0' character.

 

CVE-2011-1770: Integer underflow in the dccp_parse_options

function (net/dccp/options.c) in the Linux kernel allowed

remote attackers to cause a denial of service via a

Datagram Congestion Control Protocol (DCCP) packet with an

invalid feature options length, which triggered a buffer

over-read.

 

CVE-2011-2723: The skb_gro_header_slow function in

include/linux/netdevice.h in the Linux kernel, when Generic

Receive Offload (GRO) is enabled, reset certain fields in

incorrect situations, which allowed remote attackers to

cause a denial of service (system crash) via crafted

network traffic.

 

CVE-2011-2898: A kernel information leak in the AF_PACKET

protocol was fixed which might have allowed local attackers

to read kernel memory.

 

CVE-2011-2203: A NULL ptr dereference on mounting corrupt

hfs filesystems was fixed which could be used by local

attackers to crash the kernel.

 

CVE-2011-4081: Using the crypto interface a local user

could Oops the kernel by writing to a AF_ALG socket.

 

 

Special Instructions and Notes:

 

Please reboot the system after installing this update.

 

Patch Instructions:

 

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

 

- openSUSE 11.3:

 

zypper in -t patch kernel-5605

 

To bring your system up-to-date, use "zypper patch".

 

 

Package List:

 

- openSUSE 11.3 (i586 x86_64) [New Version: 2.6.34.10]:

 

kernel-debug-2.6.34.10-0.6.1

kernel-debug-base-2.6.34.10-0.6.1

kernel-debug-devel-2.6.34.10-0.6.1

kernel-default-2.6.34.10-0.6.1

kernel-default-base-2.6.34.10-0.6.1

kernel-default-devel-2.6.34.10-0.6.1

kernel-desktop-2.6.34.10-0.6.1

kernel-desktop-base-2.6.34.10-0.6.1

kernel-desktop-devel-2.6.34.10-0.6.1

kernel-ec2-2.6.34.10-0.6.1

kernel-ec2-base-2.6.34.10-0.6.1

kernel-ec2-devel-2.6.34.10-0.6.1

kernel-ec2-extra-2.6.34.10-0.6.1

kernel-syms-2.6.34.10-0.6.1

kernel-trace-2.6.34.10-0.6.1

kernel-trace-base-2.6.34.10-0.6.1

kernel-trace-devel-2.6.34.10-0.6.1

kernel-vanilla-2.6.34.10-0.6.1

kernel-vanilla-base-2.6.34.10-0.6.1

kernel-vanilla-devel-2.6.34.10-0.6.1

kernel-xen-2.6.34.10-0.6.1

kernel-xen-base-2.6.34.10-0.6.1

kernel-xen-devel-2.6.34.10-0.6.1

preload-kmp-default-1.1_k2.6.34.10_0.6-19.1.37

preload-kmp-desktop-1.1_k2.6.34.10_0.6-19.1.37

 

- openSUSE 11.3 (noarch) [New Version: 2.6.34.10]:

 

kernel-devel-2.6.34.10-0.6.1

kernel-source-2.6.34.10-0.6.1

kernel-source-vanilla-2.6.34.10-0.6.1

 

- openSUSE 11.3 (i586) [New Version: 2.6.34.10]:

 

kernel-pae-2.6.34.10-0.6.1

kernel-pae-base-2.6.34.10-0.6.1

kernel-pae-devel-2.6.34.10-0.6.1

kernel-vmi-2.6.34.10-0.6.1

kernel-vmi-base-2.6.34.10-0.6.1

kernel-vmi-devel-2.6.34.10-0.6.1

 

 

References:

 

http://support.novell.com/security/cve/CVE-2011-1576.html

http://support.novell.com/security/cve/CVE-2011-1770.html

http://support.novell.com/security/cve/CVE-2011-2203.html

http://support.novell.com/security/cve/CVE-2011-2213.html

http://support.novell.com/security/cve/CVE-2011-2525.html

http://support.novell.com/security/cve/CVE-2011-2534.html

http://support.novell.com/security/cve/CVE-2011-2699.html

http://support.novell.com/security/cve/CVE-2011-2723.html

http://support.novell.com/security/cve/CVE-2011-2898.html

http://support.novell.com/security/cve/CVE-2011-4081.html

http://support.novell.com/security/cve/CVE-2011-4604.html

https://bugzilla.novell.com/691052

https://bugzilla.novell.com/692498

https://bugzilla.novell.com/698450

https://bugzilla.novell.com/699709

https://bugzilla.novell.com/700879

https://bugzilla.novell.com/702037

https://bugzilla.novell.com/707288

https://bugzilla.novell.com/709764

https://bugzilla.novell.com/710235

https://bugzilla.novell.com/726788

https://bugzilla.novell.com/728661

https://bugzilla.novell.com/735612

https://bugzilla.novell.com/736149

 

--

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org

For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

 

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×