NASLDB: SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 8161)
General
ID: 59521
Name: SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 8161)
Summary: Checks rpm output for the updated packages
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –
Port: 0
Family: SuSE Local Security Checks
Type: Local
Description
This Linux kernel update fixes various security issues and bugs in the
SUSE Linux Enterprise 10 SP4 kernel.
The following security issues have been fixed :
– A memory corruption when mounting a hfsplus filesystem
was fixed that could be used by local attackers able to
mount filesystems to crash the system. (CVE-2012-2319)
– The dl2k network card driver lacked permission handling
for some ethtool ioctls, which could allow local
attackers to start/stop the network card.
(CVE-2012-2313)
– The befs_follow_link function in fs/befs/linuxvfs.c in
the Linux kernel did not validate the length attribute
of long symlinks, which allowed local users to cause a
denial of service (incorrect pointer dereference and
Oops) by accessing a long symlink on a malformed Be
filesystem. (CVE-2011-2928)
– Fixed a memory corruption possibility in xfs readlink,
which could be used by local attackers to crash the
system or potentially execute code by mounting a
prepared xfs filesystem image. (CVE-2011-4077)
– A BUG error report in the nfs4xdr routines on a NFSv4
mount was fixed that could happen during mknod.
(CVE-2011-4324)
– Mounting a corrupted hfs filesystem could lead to a
buffer overflow. (CVE-2011-4330)
The following non-security issues have been fixed :
– kernel: pfault task state race (bnc#764128,LTC#81724).
– ap: Toleration for ap bus devices with device type 10.
(bnc#761389)
– hugetlb, numa: fix interleave mpol reference count.
(bnc#762111)
– cciss: fixup kdump. (bnc#730200)
– kdump: Avoid allocating bootmem map over crash reserved
region. (bnc#749168, bnc#722400, bnc#742881)
– qeth: Improve OSA Express 4 blkt defaults
(bnc#754964,LTC#80325).
– zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl
(bnc#754964,LTC#80378).
– virtio: add names to virtqueue struct, mapping from
devices to queues. (bnc#742148)
– virtio: find_vqs/del_vqs virtio operations. (bnc#742148)
– virtio_pci: optional MSI-X support. (bnc#742148)
– virtio_pci: split up vp_interrupt. (bnc#742148)
– knfsd: nfsd4: fix laundromat shutdown race (752556).
– driver core: Check for valid device in
bus_find_device(). (bnc#729685)
– VMware detection backport from mainline. (bnc#671124,
bnc#747381)
– net: adding memory barrier to the poll and receive
callbacks. (bnc#746397 / bnc#750928)
– qla2xxx: drop reference before wait for completion.
(bnc#744592)
– ixgbe driver sets all WOL flags upon initialization so
that machine is powered on as soon as it is switched
off. (bnc#693639)
– Properly release MSI vector(s) when MSI gets
disabled. (bnc#723294, bnc#721869)
– scsi: Always retry internal target error. (bnc#745640)
– cxgb4: fix parent device access in netdev_printk.
(bnc#733155)
– lcs: lcs offline failure (bnc#752486,LTC#79788).
– qeth: add missing wake_up call (bnc#752486,LTC#79899).
– NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and
MKDIR. (bnc#751880)
– xenbus: Reject replies with payload >
XENSTORE_PAYLOAD_MAX.
– xenbus_dev: add missing error checks to watch handling.
– blkfront: properly fail packet requests. (bnc#745929)
– blkback: failure to write ‘feature-barrier’ node is
non-fatal.
– igb: Free MSI and MSIX interrupt vectors on driver
remove or shutdown. (bnc#723294)
– igb: Fix for Alt MAC Address feature on 82580 and later
devices. (bnc#746980)
– cfq: Fix infinite loop in cfq_preempt_queue().
(bnc#724692)
– dasd: fix fixpoint divide exception in define_extent
(bnc#750168,LTC#79125).
– ctcmpc: use correct idal word list for ctcmpc
(bnc#750168,LTC#79264).
– patches.fixes/ext3-fix-reuse-of-freed-blocks.diff:
Delete. Patch should not really be needed and apparently
causes a performance regression. (bnc#683270)
– tcp: fix race condition leading to premature termination
of sockets in FIN_WAIT2 state and connection being
reset. (bnc#745760)
– kernel: console interrupts vs. panic
(bnc#737325,LTC#77272).
– af_iucv: remove IUCV-pathes completely
(bnc#737325,LTC#78292).
– qdio: wrong buffers-used counter for ERROR buffers
(bnc#737325,LTC#78758).
– ext3: Fix credit estimate for DIO allocation.
(bnc#745732)
– jbd: validate sb->s_first in journal_get_superblock().
(bnc#730118)
– ocfs2: serialize unaligned aio. (bnc#671479)
– cifs: eliminate usage of kthread_stop for cifsd.
(bnc#718343)
– virtio: fix wrong type used, resulting in truncated
addresses in bigsmp kernel. (bnc#737899)
– cciss: Adds simple mode functionality. (bnc#730200)
– blktap: fix locking (again). (bnc#724734)
– block: Initial support for data-less (or empty) barrier
support (bnc#734707 FATE#313126).
– xen: Do not allow empty barriers to be passed down to
queues that do not grok them (bnc#734707 FATE#313126).
– linkwatch: Handle jiffies wrap-around. (bnc#740131)
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2011-2928
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: 2012/05/31
Plugin Release: 2012/06/15
Plugin
Version: 1.1
Filename: suse_kernel-8161.nasl
Filesize: 9542 bytes
MD5 Hash: 07d90acfce38ec0c0aef8bcf402802a2
Identification: Host/local_checks_enabled
Require Keys: "Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"
Dependencies: "ssh_get_info.nasl"
Copyright: This script is Copyright © 2012 Tenable Network Security, Inc.