CVE-2011-3188
SLE 11 SERVER Unsupported Extras,SUSE Linux Enterprise Desktop 11 SP1,SUSE Linux Enterprise High Availability Extension 11 SP1,SUSE Linux Enterprise Server 11 SP1,SUSE Linux Enterprise Server 11 SP1 for VMware
CVE-2011-3188, security advisory, novell, suse linux, suse, security, cve

CVE-2011-3188

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2011-3188 at MITRE

Description

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 6.82
Vector AV:N/AC:M/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

Note from the SUSE Security Team

While a fix was released for SUSE Linux Enterprise 11 SP1 via the 2.6.32.stable tree, the SUSE kernel engineering team is currently not considering a backport for older SUSE Linux Enterprise versions for this problem.

Reasons are:

SUSE Bugzilla entries: 713650 [RESOLVED / FIXED], 737874 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 2.6.32.49-0.3.1
  • kernel-xen-extra >= 2.6.32.49-0.3.1
Builds
SAT Patch Nr: 5495
SUSE Linux Enterprise High Availability Extension 11 SP1
  • cluster-network-kmp-default >= 1.4_2.6.32.49_0.3-2.5.18
  • cluster-network-kmp-ppc64 >= 1.4_2.6.32.49_0.3-2.5.18
  • cluster-network-kmp-trace >= 1.4_2.6.32.49_0.3-2.5.18
  • gfs2-kmp-default >= 2_2.6.32.49_0.3-0.2.65
  • gfs2-kmp-ppc64 >= 2_2.6.32.49_0.3-0.2.65
  • gfs2-kmp-trace >= 2_2.6.32.49_0.3-0.2.65
  • ocfs2-kmp-default >= 1.6_2.6.32.49_0.3-0.4.2.18
  • ocfs2-kmp-ppc64 >= 1.6_2.6.32.49_0.3-0.4.2.18
  • ocfs2-kmp-trace >= 1.6_2.6.32.49_0.3-0.4.2.18
sles11-sp1.ppc
sle11-sp1-hae.ppc
SAT Patch Nr: 5507
SUSE Linux Enterprise Server 11 SP1
  • btrfs-kmp-default >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-trace >= 0_2.6.32.49_0.3-0.3.66
  • ext4dev-kmp-default >= 0_2.6.32.49_0.3-7.9.33
  • ext4dev-kmp-ppc64 >= 0_2.6.32.49_0.3-7.9.33
  • ext4dev-kmp-trace >= 0_2.6.32.49_0.3-7.9.33
  • kernel-default >= 2.6.32.49-0.3.1
  • kernel-default-base >= 2.6.32.49-0.3.1
  • kernel-default-devel >= 2.6.32.49-0.3.1
  • kernel-ppc64 >= 2.6.32.49-0.3.1
  • kernel-ppc64-base >= 2.6.32.49-0.3.1
  • kernel-ppc64-devel >= 2.6.32.49-0.3.1
  • kernel-source >= 2.6.32.49-0.3.1
  • kernel-syms >= 2.6.32.49-0.3.1
  • kernel-trace >= 2.6.32.49-0.3.1
  • kernel-trace-base >= 2.6.32.49-0.3.1
  • kernel-trace-devel >= 2.6.32.49-0.3.1
sles11-sp1.ppc
sle11-sp1-hae.ppc
SAT Patch Nr: 5507
SUSE Linux Enterprise High Availability Extension 11 SP1
  • cluster-network-kmp-default >= 1.4_2.6.32.49_0.3-2.5.18
  • cluster-network-kmp-trace >= 1.4_2.6.32.49_0.3-2.5.18
  • cluster-network-kmp-xen >= 1.4_2.6.32.49_0.3-2.5.18
  • gfs2-kmp-default >= 2_2.6.32.49_0.3-0.2.65
  • gfs2-kmp-trace >= 2_2.6.32.49_0.3-0.2.65
  • gfs2-kmp-xen >= 2_2.6.32.49_0.3-0.2.65
  • ocfs2-kmp-default >= 1.6_2.6.32.49_0.3-0.4.2.18
  • ocfs2-kmp-trace >= 1.6_2.6.32.49_0.3-0.4.2.18
  • ocfs2-kmp-xen >= 1.6_2.6.32.49_0.3-0.4.2.18
sle11-sp1-hae.x86-64
sles11-sp1.x86-64
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
SAT Patch Nr: 5511
SUSE Linux Enterprise Desktop 11 SP1
  • btrfs-kmp-default >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-trace >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-xen >= 0_2.6.32.49_0.3-0.3.66
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.14.17
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.18.1
  • hyper-v-kmp-trace >= 0_2.6.32.49_0.3-0.18.1
  • kernel-default >= 2.6.32.49-0.3.1
  • kernel-default-base >= 2.6.32.49-0.3.1
  • kernel-default-devel >= 2.6.32.49-0.3.1
  • kernel-default-extra >= 2.6.32.49-0.3.1
  • kernel-desktop-devel >= 2.6.32.49-0.3.1
  • kernel-source >= 2.6.32.49-0.3.1
  • kernel-syms >= 2.6.32.49-0.3.1
  • kernel-trace-devel >= 2.6.32.49-0.3.1
  • kernel-xen >= 2.6.32.49-0.3.1
  • kernel-xen-base >= 2.6.32.49-0.3.1
  • kernel-xen-devel >= 2.6.32.49-0.3.1
  • kernel-xen-extra >= 2.6.32.49-0.3.1
sle11-sp1-hae.x86-64
sles11-sp1.x86-64
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
SAT Patch Nr: 5511
SUSE Linux Enterprise Server 11 SP1 for VMware
  • btrfs-kmp-default >= 0_2.6.32.49_0.3-0.3.66
  • ext4dev-kmp-default >= 0_2.6.32.49_0.3-7.9.33
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.14.17
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.18.1
  • kernel-default >= 2.6.32.49-0.3.1
  • kernel-default-base >= 2.6.32.49-0.3.1
  • kernel-default-devel >= 2.6.32.49-0.3.1
  • kernel-source >= 2.6.32.49-0.3.1
  • kernel-syms >= 2.6.32.49-0.3.1
  • kernel-trace >= 2.6.32.49-0.3.1
  • kernel-trace-base >= 2.6.32.49-0.3.1
  • kernel-trace-devel >= 2.6.32.49-0.3.1
sle11-sp1-hae.x86-64
sles11-sp1.x86-64
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
SAT Patch Nr: 5511
SUSE Linux Enterprise Server 11 SP1
  • btrfs-kmp-default >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-trace >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-xen >= 0_2.6.32.49_0.3-0.3.66
  • ext4dev-kmp-default >= 0_2.6.32.49_0.3-7.9.33
  • ext4dev-kmp-trace >= 0_2.6.32.49_0.3-7.9.33
  • ext4dev-kmp-xen >= 0_2.6.32.49_0.3-7.9.33
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.14.17
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.18.1
  • hyper-v-kmp-trace >= 0_2.6.32.49_0.3-0.18.1
  • kernel-default >= 2.6.32.49-0.3.1
  • kernel-default-base >= 2.6.32.49-0.3.1
  • kernel-default-devel >= 2.6.32.49-0.3.1
  • kernel-ec2 >= 2.6.32.49-0.3.1
  • kernel-ec2-base >= 2.6.32.49-0.3.1
  • kernel-source >= 2.6.32.49-0.3.1
  • kernel-syms >= 2.6.32.49-0.3.1
  • kernel-trace >= 2.6.32.49-0.3.1
  • kernel-trace-base >= 2.6.32.49-0.3.1
  • kernel-trace-devel >= 2.6.32.49-0.3.1
  • kernel-xen >= 2.6.32.49-0.3.1
  • kernel-xen-base >= 2.6.32.49-0.3.1
  • kernel-xen-devel >= 2.6.32.49-0.3.1
sle11-sp1-hae.x86-64
sles11-sp1.x86-64
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
SAT Patch Nr: 5511
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 2.6.32.49-0.3.1
  • kernel-pae-extra >= 2.6.32.49-0.3.1
  • kernel-xen-extra >= 2.6.32.49-0.3.1
Builds
SAT Patch Nr: 5496
SUSE Linux Enterprise High Availability Extension 11 SP1
  • cluster-network-kmp-default >= 1.4_2.6.32.49_0.3-2.5.18
  • cluster-network-kmp-trace >= 1.4_2.6.32.49_0.3-2.5.18
  • gfs2-kmp-default >= 2_2.6.32.49_0.3-0.2.65
  • gfs2-kmp-trace >= 2_2.6.32.49_0.3-0.2.65
  • ocfs2-kmp-default >= 1.6_2.6.32.49_0.3-0.4.2.18
  • ocfs2-kmp-trace >= 1.6_2.6.32.49_0.3-0.4.2.18
sle11-sp1-hae.ia64
sles11-sp1.ia64
SAT Patch Nr: 5494
SUSE Linux Enterprise Server 11 SP1
  • btrfs-kmp-default >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-trace >= 0_2.6.32.49_0.3-0.3.66
  • ext4dev-kmp-default >= 0_2.6.32.49_0.3-7.9.33
  • ext4dev-kmp-trace >= 0_2.6.32.49_0.3-7.9.33
  • kernel-default >= 2.6.32.49-0.3.1
  • kernel-default-base >= 2.6.32.49-0.3.1
  • kernel-default-devel >= 2.6.32.49-0.3.1
  • kernel-source >= 2.6.32.49-0.3.1
  • kernel-syms >= 2.6.32.49-0.3.1
  • kernel-trace >= 2.6.32.49-0.3.1
  • kernel-trace-base >= 2.6.32.49-0.3.1
  • kernel-trace-devel >= 2.6.32.49-0.3.1
sle11-sp1-hae.ia64
sles11-sp1.ia64
SAT Patch Nr: 5494
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 2.6.32.49-0.3.1
  • kernel-ppc64-extra >= 2.6.32.49-0.3.1
Builds
SAT Patch Nr: 5497
SUSE Linux Enterprise High Availability Extension 11 SP1
  • cluster-network-kmp-default >= 1.4_2.6.32.49_0.3-2.5.18
  • cluster-network-kmp-pae >= 1.4_2.6.32.49_0.3-2.5.18
  • cluster-network-kmp-trace >= 1.4_2.6.32.49_0.3-2.5.18
  • cluster-network-kmp-xen >= 1.4_2.6.32.49_0.3-2.5.18
  • gfs2-kmp-default >= 2_2.6.32.49_0.3-0.2.65
  • gfs2-kmp-pae >= 2_2.6.32.49_0.3-0.2.65
  • gfs2-kmp-trace >= 2_2.6.32.49_0.3-0.2.65
  • gfs2-kmp-xen >= 2_2.6.32.49_0.3-0.2.65
  • ocfs2-kmp-default >= 1.6_2.6.32.49_0.3-0.4.2.18
  • ocfs2-kmp-pae >= 1.6_2.6.32.49_0.3-0.4.2.18
  • ocfs2-kmp-trace >= 1.6_2.6.32.49_0.3-0.4.2.18
  • ocfs2-kmp-xen >= 1.6_2.6.32.49_0.3-0.4.2.18
sles11-sp1-vmware.x86
sle11-sp1-hae.x86
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 5510
SUSE Linux Enterprise Desktop 11 SP1
  • btrfs-kmp-default >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-pae >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-trace >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-xen >= 0_2.6.32.49_0.3-0.3.66
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.14.17
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.18.1
  • hyper-v-kmp-pae >= 0_2.6.32.49_0.3-0.14.17
  • hyper-v-kmp-pae >= 0_2.6.32.49_0.3-0.18.1
  • hyper-v-kmp-trace >= 0_2.6.32.49_0.3-0.18.1
  • kernel-default >= 2.6.32.49-0.3.1
  • kernel-default-base >= 2.6.32.49-0.3.1
  • kernel-default-devel >= 2.6.32.49-0.3.1
  • kernel-default-extra >= 2.6.32.49-0.3.1
  • kernel-desktop-devel >= 2.6.32.49-0.3.1
  • kernel-pae >= 2.6.32.49-0.3.1
  • kernel-pae-base >= 2.6.32.49-0.3.1
  • kernel-pae-devel >= 2.6.32.49-0.3.1
  • kernel-pae-extra >= 2.6.32.49-0.3.1
  • kernel-source >= 2.6.32.49-0.3.1
  • kernel-syms >= 2.6.32.49-0.3.1
  • kernel-trace-devel >= 2.6.32.49-0.3.1
  • kernel-xen >= 2.6.32.49-0.3.1
  • kernel-xen-base >= 2.6.32.49-0.3.1
  • kernel-xen-devel >= 2.6.32.49-0.3.1
  • kernel-xen-extra >= 2.6.32.49-0.3.1
sles11-sp1-vmware.x86
sle11-sp1-hae.x86
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 5510
SUSE Linux Enterprise Server 11 SP1 for VMware
  • btrfs-kmp-default >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-pae >= 0_2.6.32.49_0.3-0.3.66
  • ext4dev-kmp-default >= 0_2.6.32.49_0.3-7.9.33
  • ext4dev-kmp-pae >= 0_2.6.32.49_0.3-7.9.33
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.14.17
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.18.1
  • hyper-v-kmp-pae >= 0_2.6.32.49_0.3-0.14.17
  • hyper-v-kmp-pae >= 0_2.6.32.49_0.3-0.18.1
  • kernel-default >= 2.6.32.49-0.3.1
  • kernel-default-base >= 2.6.32.49-0.3.1
  • kernel-default-devel >= 2.6.32.49-0.3.1
  • kernel-pae >= 2.6.32.49-0.3.1
  • kernel-pae-base >= 2.6.32.49-0.3.1
  • kernel-pae-devel >= 2.6.32.49-0.3.1
  • kernel-source >= 2.6.32.49-0.3.1
  • kernel-syms >= 2.6.32.49-0.3.1
  • kernel-trace >= 2.6.32.49-0.3.1
  • kernel-trace-base >= 2.6.32.49-0.3.1
  • kernel-trace-devel >= 2.6.32.49-0.3.1
sles11-sp1-vmware.x86
sle11-sp1-hae.x86
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 5510
SUSE Linux Enterprise Server 11 SP1
  • btrfs-kmp-default >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-pae >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-trace >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-xen >= 0_2.6.32.49_0.3-0.3.66
  • ext4dev-kmp-default >= 0_2.6.32.49_0.3-7.9.33
  • ext4dev-kmp-pae >= 0_2.6.32.49_0.3-7.9.33
  • ext4dev-kmp-trace >= 0_2.6.32.49_0.3-7.9.33
  • ext4dev-kmp-xen >= 0_2.6.32.49_0.3-7.9.33
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.14.17
  • hyper-v-kmp-default >= 0_2.6.32.49_0.3-0.18.1
  • hyper-v-kmp-pae >= 0_2.6.32.49_0.3-0.14.17
  • hyper-v-kmp-pae >= 0_2.6.32.49_0.3-0.18.1
  • hyper-v-kmp-trace >= 0_2.6.32.49_0.3-0.18.1
  • kernel-default >= 2.6.32.49-0.3.1
  • kernel-default-base >= 2.6.32.49-0.3.1
  • kernel-default-devel >= 2.6.32.49-0.3.1
  • kernel-ec2 >= 2.6.32.49-0.3.1
  • kernel-ec2-base >= 2.6.32.49-0.3.1
  • kernel-pae >= 2.6.32.49-0.3.1
  • kernel-pae-base >= 2.6.32.49-0.3.1
  • kernel-pae-devel >= 2.6.32.49-0.3.1
  • kernel-source >= 2.6.32.49-0.3.1
  • kernel-syms >= 2.6.32.49-0.3.1
  • kernel-trace >= 2.6.32.49-0.3.1
  • kernel-trace-base >= 2.6.32.49-0.3.1
  • kernel-trace-devel >= 2.6.32.49-0.3.1
  • kernel-xen >= 2.6.32.49-0.3.1
  • kernel-xen-base >= 2.6.32.49-0.3.1
  • kernel-xen-devel >= 2.6.32.49-0.3.1
sles11-sp1-vmware.x86
sle11-sp1-hae.x86
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 5510
SUSE Linux Enterprise High Availability Extension 11 SP1
  • drbd-kmp-trace >= 8.3.11_2.6.32.49_0.3-0.3.18
sle11-sp1-hae.ppc
sle11-sp1-hae.ia64
sles11-sp1.ppc
sles11-sp1.s390x
sles11-sp1.x86-64
sle11-sp1-hae.s390x
sle11-sp1-hae.x86
sles11-sp1.ia64
sles11-sp1.x86
sle11-sp1-hae.x86-64
SAT Patch Nr: 5509
SUSE Linux Enterprise Server 11 SP1
  • brocade-bna-kmp-trace >= 2.1.0.0_2.6.32.49_0.3-0.2.31
  • iscsitarget-kmp-trace >= 1.4.19_2.6.32.49_0.3-0.7.60
  • ofed-kmp-trace >= 1.5.2_2.6.32.49_0.3-0.9.13.5
  • oracleasm-kmp-trace >= 2.0.5_2.6.32.49_0.3-7.17.36
  • xen-kmp-trace >= 4.0.2_21511_04_2.6.32.49_0.3-0.5.10
sle11-sp1-hae.ppc
sle11-sp1-hae.ia64
sles11-sp1.ppc
sles11-sp1.s390x
sles11-sp1.x86-64
sle11-sp1-hae.s390x
sle11-sp1-hae.x86
sles11-sp1.ia64
sles11-sp1.x86
sle11-sp1-hae.x86-64
SAT Patch Nr: 5509
SUSE Linux Enterprise Server 11 SP1
  • iscsitarget-kmp-trace >= 1.4.19_2.6.32.49_0.3-0.7.60
  • ofed-kmp-trace >= 1.5.2_2.6.32.49_0.3-0.9.13.5
  • oracleasm-kmp-trace >= 2.0.5_2.6.32.49_0.3-7.17.36
sle11-sp1-hae.ppc
sle11-sp1-hae.ia64
sles11-sp1.ppc
sles11-sp1.s390x
sles11-sp1.x86-64
sle11-sp1-hae.s390x
sle11-sp1-hae.x86
sles11-sp1.ia64
sles11-sp1.x86
sle11-sp1-hae.x86-64
SAT Patch Nr: 5509
SUSE Linux Enterprise Server 11 SP1
  • iscsitarget-kmp-trace >= 1.4.19_2.6.32.49_0.3-0.7.60
  • oracleasm-kmp-trace >= 2.0.5_2.6.32.49_0.3-7.17.36
sle11-sp1-hae.ppc
sle11-sp1-hae.ia64
sles11-sp1.ppc
sles11-sp1.s390x
sles11-sp1.x86-64
sle11-sp1-hae.s390x
sle11-sp1-hae.x86
sles11-sp1.ia64
sles11-sp1.x86
sle11-sp1-hae.x86-64
SAT Patch Nr: 5509
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 2.6.32.49-0.3.1
Builds
SAT Patch Nr: 5503
SLE 11 SERVER Unsupported Extras
  • kernel-default-extra >= 2.6.32.49-0.3.1
Builds
SAT Patch Nr: 5502
SUSE Linux Enterprise High Availability Extension 11 SP1
  • cluster-network-kmp-default >= 1.4_2.6.32.49_0.3-2.5.18
  • cluster-network-kmp-trace >= 1.4_2.6.32.49_0.3-2.5.18
  • gfs2-kmp-default >= 2_2.6.32.49_0.3-0.2.65
  • gfs2-kmp-trace >= 2_2.6.32.49_0.3-0.2.65
  • ocfs2-kmp-default >= 1.6_2.6.32.49_0.3-0.4.2.18
  • ocfs2-kmp-trace >= 1.6_2.6.32.49_0.3-0.4.2.18
sles11-sp1.s390x
sle11-sp1-hae.s390x
SAT Patch Nr: 5493
SUSE Linux Enterprise Server 11 SP1
  • btrfs-kmp-default >= 0_2.6.32.49_0.3-0.3.66
  • btrfs-kmp-trace >= 0_2.6.32.49_0.3-0.3.66
  • ext4dev-kmp-default >= 0_2.6.32.49_0.3-7.9.33
  • ext4dev-kmp-trace >= 0_2.6.32.49_0.3-7.9.33
  • kernel-default >= 2.6.32.49-0.3.1
  • kernel-default-base >= 2.6.32.49-0.3.1
  • kernel-default-devel >= 2.6.32.49-0.3.1
  • kernel-default-man >= 2.6.32.49-0.3.1
  • kernel-source >= 2.6.32.49-0.3.1
  • kernel-syms >= 2.6.32.49-0.3.1
  • kernel-trace >= 2.6.32.49-0.3.1
  • kernel-trace-base >= 2.6.32.49-0.3.1
  • kernel-trace-devel >= 2.6.32.49-0.3.1
sles11-sp1.s390x
sle11-sp1-hae.s390x
SAT Patch Nr: 5493