Security update for Linux kernel
SUSE Security Update: Security update for Linux kernel
This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.
This update fixes the following security issues:
* bnc#651219: X.25 remote DoS (CVE-2010-3873)
* bnc#653260: X.25 remote Dos (CVE-2010-4164)
* bnc#655696: 1 socket local DoS (CVE-2010-4249)
* bnc#676602: ebtables infoleak (CVE-2011-1080)
* bnc#681180: netfilter: arp_tables infoleak to
userspace (CVE-2011-1170)
* bnc#681181: netfilter: ip_tables infoleak to
userspace (CVE-2011-1171)
* bnc#681185: netfilter: ip6_tables infoleak to
userspace (CVE-2011-1172)
* bnc#681186: econet 4 byte infoleak (CVE-2011-1173)
* bnc#699709: hfs NULL pointer dereference
(CVE-2011-2203)
* bnc#700879: inet_diag infinite loop (CVE-2011-2213)
* bnc#702037: netfilter: ipt_CLUSTERIP buffer overflow
(CVE-2011-2534)
* bnc#707288: ipv6: make fragment identifications less
predictable (CVE-2011-2699)
* bnc#726064: clock_gettime() panic (CVE-2011-3209)
* bnc#735612: qdisc NULL dereference (CVE-2011-2525)
This update also fixes the following non-security issues:
* bnc#671124: New timesource for VMware platform
* bnc#673343: usblp crashes after the printer is
unplugged for the second time
* bnc#704253: Data corruption with mpt2sas driver
* bnc#716437: NIC Bond no longer works when booting the
XEN kernel
* bnc#721267: "reboot=b" kernel command line hangs
system on reboot
* bnc#721351: kernel panic at iscsi_xmitwork function
* bnc#725878: NFS supplementary group permissions
* bnc#726843: IBM LTC System z Maintenance Kernel
Patches (#59)
* bnc#727597: NFS slowness
* bnc#728341: IBM LTC System z maintenance kernel
patches (#60)
* bnc#729117: propagate MAC-address to VLAN-interface
* bnc#730749: ipmi deadlock in start_next_msg
* bnc#731770: ext3 filesystem corruption after crash
* bnc#732375: IBM LTC System z maintenance kernel
patches (#61)
* bnc#733407: hangs when offlining a CPU core
Security Issue references:
* CVE-2011-2534
>
* CVE-2011-2525
>
* CVE-2011-2203
>
* CVE-2011-2699
>
* CVE-2010-4249
>
* CVE-2011-1173
>
* CVE-2011-1170
>
* CVE-2011-1171
>
* CVE-2010-3873
>
* CVE-2011-1080
>
* CVE-2011-2213
>
* CVE-2011-3209
>
* CVE-2011-1172
>
* CVE-2010-4164
>
| Announcement ID: | SUSE-SU-2012:0115-1 |
| Rating: | moderate |
| References: | #651219 #653260 #655696 #656153 #671124 #673343 #676602 #681180 #681181 #681185 #681186 #699709 #700879 #702037 #704253 #707288 #716437 #721267 #721351 #725878 #726064 #726843 #727597 #728341 #729117 #730749 #731770 #732375 #733407 #735612 |
| Affected Products: |
An update that solves 14 vulnerabilities and has 16 fixes is now available.
Description:
This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.
This update fixes the following security issues:
* bnc#651219: X.25 remote DoS (CVE-2010-3873)
* bnc#653260: X.25 remote Dos (CVE-2010-4164)
* bnc#655696: 1 socket local DoS (CVE-2010-4249)
* bnc#676602: ebtables infoleak (CVE-2011-1080)
* bnc#681180: netfilter: arp_tables infoleak to
userspace (CVE-2011-1170)
* bnc#681181: netfilter: ip_tables infoleak to
userspace (CVE-2011-1171)
* bnc#681185: netfilter: ip6_tables infoleak to
userspace (CVE-2011-1172)
* bnc#681186: econet 4 byte infoleak (CVE-2011-1173)
* bnc#699709: hfs NULL pointer dereference
(CVE-2011-2203)
* bnc#700879: inet_diag infinite loop (CVE-2011-2213)
* bnc#702037: netfilter: ipt_CLUSTERIP buffer overflow
(CVE-2011-2534)
* bnc#707288: ipv6: make fragment identifications less
predictable (CVE-2011-2699)
* bnc#726064: clock_gettime() panic (CVE-2011-3209)
* bnc#735612: qdisc NULL dereference (CVE-2011-2525)
This update also fixes the following non-security issues:
* bnc#671124: New timesource for VMware platform
* bnc#673343: usblp crashes after the printer is
unplugged for the second time
* bnc#704253: Data corruption with mpt2sas driver
* bnc#716437: NIC Bond no longer works when booting the
XEN kernel
* bnc#721267: "reboot=b" kernel command line hangs
system on reboot
* bnc#721351: kernel panic at iscsi_xmitwork function
* bnc#725878: NFS supplementary group permissions
* bnc#726843: IBM LTC System z Maintenance Kernel
Patches (#59)
* bnc#727597: NFS slowness
* bnc#728341: IBM LTC System z maintenance kernel
patches (#60)
* bnc#729117: propagate MAC-address to VLAN-interface
* bnc#730749: ipmi deadlock in start_next_msg
* bnc#731770: ext3 filesystem corruption after crash
* bnc#732375: IBM LTC System z maintenance kernel
patches (#61)
* bnc#733407: hangs when offlining a CPU core
Security Issue references:
* CVE-2011-2534
* CVE-2011-2525
* CVE-2011-2203
* CVE-2011-2699
* CVE-2010-4249
* CVE-2011-1173
* CVE-2011-1170
* CVE-2011-1171
* CVE-2010-3873
* CVE-2011-1080
* CVE-2011-2213
* CVE-2011-3209
* CVE-2011-1172
* CVE-2010-4164
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (ia64 ppc x86_64):
- kernel-default-2.6.16.60-0.93.1
- kernel-source-2.6.16.60-0.93.1
- kernel-syms-2.6.16.60-0.93.1
- SUSE Linux Enterprise Server 10 SP4 (ia64 x86_64):
- kernel-debug-2.6.16.60-0.93.1
- SUSE Linux Enterprise Server 10 SP4 (ppc x86_64):
- kernel-kdump-2.6.16.60-0.93.1
- SUSE Linux Enterprise Server 10 SP4 (x86_64):
- kernel-smp-2.6.16.60-0.93.1
- kernel-xen-2.6.16.60-0.93.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
- kernel-iseries64-2.6.16.60-0.93.1
- kernel-ppc64-2.6.16.60-0.93.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
- kernel-default-2.6.16.60-0.93.1
- kernel-smp-2.6.16.60-0.93.1
- kernel-source-2.6.16.60-0.93.1
- kernel-syms-2.6.16.60-0.93.1
- kernel-xen-2.6.16.60-0.93.1
- SLE SDK 10 SP4 (ia64 x86_64):
- kernel-debug-2.6.16.60-0.93.1
- SLE SDK 10 SP4 (ppc x86_64):
- kernel-kdump-2.6.16.60-0.93.1
- SLE SDK 10 SP4 (x86_64):
- kernel-xen-2.6.16.60-0.93.1
References:
- http://support.novell.com/security/cve/CVE-2010-3873.html
- http://support.novell.com/security/cve/CVE-2010-4164.html
- http://support.novell.com/security/cve/CVE-2010-4249.html
- http://support.novell.com/security/cve/CVE-2011-1080.html
- http://support.novell.com/security/cve/CVE-2011-1170.html
- http://support.novell.com/security/cve/CVE-2011-1171.html
- http://support.novell.com/security/cve/CVE-2011-1172.html
- http://support.novell.com/security/cve/CVE-2011-1173.html
- http://support.novell.com/security/cve/CVE-2011-2203.html
- http://support.novell.com/security/cve/CVE-2011-2213.html
- http://support.novell.com/security/cve/CVE-2011-2525.html
- http://support.novell.com/security/cve/CVE-2011-2534.html
- http://support.novell.com/security/cve/CVE-2011-2699.html
- http://support.novell.com/security/cve/CVE-2011-3209.html
- https://bugzilla.novell.com/651219
- https://bugzilla.novell.com/653260
- https://bugzilla.novell.com/655696
- https://bugzilla.novell.com/656153
- https://bugzilla.novell.com/671124
- https://bugzilla.novell.com/673343
- https://bugzilla.novell.com/676602
- https://bugzilla.novell.com/681180
- https://bugzilla.novell.com/681181
- https://bugzilla.novell.com/681185
- https://bugzilla.novell.com/681186
- https://bugzilla.novell.com/699709
- https://bugzilla.novell.com/700879
- https://bugzilla.novell.com/702037
- https://bugzilla.novell.com/704253
- https://bugzilla.novell.com/707288
- https://bugzilla.novell.com/716437
- https://bugzilla.novell.com/721267
- https://bugzilla.novell.com/721351
- https://bugzilla.novell.com/725878
- https://bugzilla.novell.com/726064
- https://bugzilla.novell.com/726843
- https://bugzilla.novell.com/727597
- https://bugzilla.novell.com/728341
- https://bugzilla.novell.com/729117
- https://bugzilla.novell.com/730749
- https://bugzilla.novell.com/731770
- https://bugzilla.novell.com/732375
- https://bugzilla.novell.com/733407
- https://bugzilla.novell.com/735612
- http://download.suse.com/patch/finder/?keywords=2a1dcec5842ef47d7b0bf7d89db4e205
- http://download.suse.com/patch/finder/?keywords=2a3c70bd23d91ad0dd11094f7e71f27a
- http://download.suse.com/patch/finder/?keywords=ed1ddae1d04fbafa3e5bdc6898982285