Security update for Linux kernel
SUSE Security Update: Security update for Linux kernel
This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.
The following security issues have been fixed:
*
CVE-2012-2319: A memory corruption when mounting a
hfsplus filesystem was fixed that could be used by local
attackers able to mount filesystem to crash the system.
*
CVE-2012-2313: The dl2k network card driver lacked
permission handling for some ethtool ioctls, which could
allow local attackers to start/stop the network card.
*
CVE-2011-2928: The befs_follow_linkl function in
fs/befs/linuxvfs.c in the Linux kernel did not validate the
lenght attribute of long symlinsk, which allowed local
users to cause a denial of service (incorrect pointer
dereference and Ooops) by accessing a long symlink on a
malformed Be filesystem.
*
CVE-2011-4077: Fixed a memory corruption possibility
in xfs readlink, which could be used by local attackers to
crash the system or potentially execute code by mounting a
prepared xfs filesystem image.
*
CVE-2011-4324: A BUG() error report in the nfs4xdr
routines on a NFSv4 mount was fixed that could happen
during mknod.
*
CVE-2011-4330: Mounting a corrupted hfs filesystem
could lead to a buffer overflow.
The following non-security issues have been fixed:
* kernel: pfault task state race (bnc#764128,LTC#81724).
* ap: Toleration for ap bus devices with device type 10
(bnc#761389).
* hugetlb, numa: fix interleave mpol reference count
(bnc#762111).
* cciss: fixup kdump (bnc#730200).
* kdump: Avoid allocating bootmem map over crash
reserved region (bnc#749168, bnc#722400, bnc#742881).
* qeth: Improve OSA Express 4 blkt defaults
(bnc#754964,LTC#80325).
* zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl
(bnc#754964,LTC#80378).
* virtio: add names to virtqueue struct, mapping from
devices to queues (bnc#742148).
* virtio: find_vqs/del_vqs virtio operations
(bnc#742148).
* virtio_pci: optional MSI-X support (bnc#742148).
* virtio_pci: split up vp_interrupt (bnc#742148).
* knfsd: nfsd4: fix laundromat shutdown race (752556).
* driver core: Check for valid device in
bus_find_device() (bnc#729685).
* VMware detection backport from mainline (bnc#671124,
bnc#747381).
* net: adding memory barrier to the poll and receive
callbacks (bnc#746397 bnc#750928).
* qla2xxx: drop reference before wait for completion
(bnc#744592).
* qla2xxx: drop reference before wait for completion
(bnc#744592).
* ixgbe driver sets all WOL flags upon initialization
so that machine is powered on as soon at it is switched off
(bnc#693639)
* Properly release MSI(X) vector(s) when MSI(X) gets
disabled (bnc#723294, bnc#721869).
* scsi: Always retry internal target error (bnc#745640).
* cxgb4: fix parent device access in netdev_printk
(bnc#733155).
* lcs: lcs offline failure (bnc#752486,LTC#79788).
* qeth: add missing wake_up call (bnc#752486,LTC#79899).
* NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and
MKDIR (bnc#751880).
* xenbus: Reject replies with payload >
XENSTORE_PAYLOAD_MAX.
* xenbus_dev: add missing error checks to watch
handling.
* blkfront: properly fail packet requests (bnc#745929).
* blkback: failure to write "feature-barrier" node is
non-fatal.
* igb: Free MSI and MSIX interrupt vectors on driver
remove or shutdown (bnc#723294).
* igb: Fix for Alt MAC Address feature on 82580 and
later devices (bnc#746980).
* igb: Free MSI and MSIX interrupt vectors on driver
remove or shutdown (bnc#723294).
* cfq: Fix infinite loop in cfq_preempt_queue()
(bnc#724692).
* dasd: fix fixpoint divide exception in define_extent
(bnc#750168,LTC#79125).
* ctcmpc: use correct idal word list for ctcmpc
(bnc#750168,LTC#79264).
* patches.fixes/ext3-fix-reuse-of-freed-blocks.diff:
Delete. Patch should not really be needed and apparently
causes a performance regression (bnc#683270)
* tcp: fix race condition leading to premature
termination of sockets in FIN_WAIT2 state and connection
being reset (bnc#745760)
* kernel: console interrupts vs. panic
(bnc#737325,LTC#77272).
* af_iucv: remove IUCV-pathes completely
(bnc#737325,LTC#78292).
* qdio: wrong buffers-used counter for ERROR buffers
(bnc#737325,LTC#78758).
* ext3: Fix credit estimate for DIO allocation
(bnc#745732).
* jbd: validate sb->s_first in journal_get_superblock()
(bnc#730118).
* ocfs2: serialize unaligned aio (bnc#671479).
* cifs: eliminate usage of kthread_stop for cifsd
(bnc#718343).
* virtio: fix wrong type used, resulting in truncated
addresses in bigsmp kernel. (bnc#737899)
* cciss: Adds simple mode functionality (bnc#730200).
* blktap: fix locking (again) (bnc#724734).
* block: Initial support for data-less (or empty)
barrier support (bnc#734707 FATE#313126).
* xen: Do not allow empty barriers to be passed down to
queues that do not grok them (bnc#734707 FATE#313126).
* linkwatch: Handle jiffies wrap-around (bnc#740131).
Security Issue references:
* CVE-2011-2928
>
* CVE-2011-4077
>
* CVE-2011-4324
>
* CVE-2011-4330
>
* CVE-2012-2319
>
* CVE-2012-2313
>
http://support.novell.com/security/cve/CVE-2011-2928.html
http://support.novell.com/security/cve/CVE-2011-4077.html
http://support.novell.com/security/cve/CVE-2011-4324.html
http://support.novell.com/security/cve/CVE-2011-4330.html
http://support.novell.com/security/cve/CVE-2012-2313.html
http://support.novell.com/security/cve/CVE-2012-2319.html
https://bugzilla.novell.com/671124
https://bugzilla.novell.com/671479
https://bugzilla.novell.com/683270
https://bugzilla.novell.com/693639
https://bugzilla.novell.com/713430
https://bugzilla.novell.com/718343
https://bugzilla.novell.com/721869
https://bugzilla.novell.com/722400
https://bugzilla.novell.com/723294
https://bugzilla.novell.com/724692
https://bugzilla.novell.com/724734
https://bugzilla.novell.com/726600
https://bugzilla.novell.com/729685
https://bugzilla.novell.com/730118
https://bugzilla.novell.com/730200
https://bugzilla.novell.com/731673
https://bugzilla.novell.com/732613
https://bugzilla.novell.com/733155
https://bugzilla.novell.com/734707
https://bugzilla.novell.com/737325
https://bugzilla.novell.com/737899
https://bugzilla.novell.com/740131
https://bugzilla.novell.com/742148
https://bugzilla.novell.com/742881
https://bugzilla.novell.com/744592
https://bugzilla.novell.com/745640
https://bugzilla.novell.com/745732
https://bugzilla.novell.com/745760
https://bugzilla.novell.com/745929
https://bugzilla.novell.com/746397
https://bugzilla.novell.com/746980
https://bugzilla.novell.com/747381
https://bugzilla.novell.com/749168
https://bugzilla.novell.com/750168
https://bugzilla.novell.com/750928
https://bugzilla.novell.com/751880
https://bugzilla.novell.com/752486
https://bugzilla.novell.com/754964
https://bugzilla.novell.com/758813
https://bugzilla.novell.com/760902
https://bugzilla.novell.com/761389
https://bugzilla.novell.com/762111
https://bugzilla.novell.com/764128
http://download.suse.com/patch/finder/?keywords=3395803e5857d3e0f44b39331dc3b010
http://download.suse.com/patch/finder/?keywords=74169532cbeb6a34c2168ce4ce202dbf
http://download.suse.com/patch/finder/?keywords=96d47125b6fb737bee4bf3f7619aa63d
http://download.suse.com/patch/finder/?keywords=9fe1c1f891de7bb8b0abad73549e497a
http://download.suse.com/patch/finder/?keywords=d66830daf8e6d37d2c64dfa779e3a77d
| Announcement ID: | SUSE-SU-2012:0736-1 |
| Rating: | important |
| References: | #671124 #671479 #683270 #693639 #713430 #718343 #721869 #722400 #723294 #724692 #724734 #726600 #729685 #730118 #730200 #731673 #732613 #733155 #734707 #737325 #737899 #740131 #742148 #742881 #744592 #745640 #745732 #745760 #745929 #746397 #746980 #747381 #749168 #750168 #750928 #751880 #752486 #754964 #758813 #760902 #761389 #762111 #764128 |
| Affected Products: |
An update that solves 6 vulnerabilities and has 37 fixes is now available.
Description:
This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.
The following security issues have been fixed:
*
CVE-2012-2319: A memory corruption when mounting a
hfsplus filesystem was fixed that could be used by local
attackers able to mount filesystem to crash the system.
*
CVE-2012-2313: The dl2k network card driver lacked
permission handling for some ethtool ioctls, which could
allow local attackers to start/stop the network card.
*
CVE-2011-2928: The befs_follow_linkl function in
fs/befs/linuxvfs.c in the Linux kernel did not validate the
lenght attribute of long symlinsk, which allowed local
users to cause a denial of service (incorrect pointer
dereference and Ooops) by accessing a long symlink on a
malformed Be filesystem.
*
CVE-2011-4077: Fixed a memory corruption possibility
in xfs readlink, which could be used by local attackers to
crash the system or potentially execute code by mounting a
prepared xfs filesystem image.
*
CVE-2011-4324: A BUG() error report in the nfs4xdr
routines on a NFSv4 mount was fixed that could happen
during mknod.
*
CVE-2011-4330: Mounting a corrupted hfs filesystem
could lead to a buffer overflow.
The following non-security issues have been fixed:
* kernel: pfault task state race (bnc#764128,LTC#81724).
* ap: Toleration for ap bus devices with device type 10
(bnc#761389).
* hugetlb, numa: fix interleave mpol reference count
(bnc#762111).
* cciss: fixup kdump (bnc#730200).
* kdump: Avoid allocating bootmem map over crash
reserved region (bnc#749168, bnc#722400, bnc#742881).
* qeth: Improve OSA Express 4 blkt defaults
(bnc#754964,LTC#80325).
* zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl
(bnc#754964,LTC#80378).
* virtio: add names to virtqueue struct, mapping from
devices to queues (bnc#742148).
* virtio: find_vqs/del_vqs virtio operations
(bnc#742148).
* virtio_pci: optional MSI-X support (bnc#742148).
* virtio_pci: split up vp_interrupt (bnc#742148).
* knfsd: nfsd4: fix laundromat shutdown race (752556).
* driver core: Check for valid device in
bus_find_device() (bnc#729685).
* VMware detection backport from mainline (bnc#671124,
bnc#747381).
* net: adding memory barrier to the poll and receive
callbacks (bnc#746397 bnc#750928).
* qla2xxx: drop reference before wait for completion
(bnc#744592).
* qla2xxx: drop reference before wait for completion
(bnc#744592).
* ixgbe driver sets all WOL flags upon initialization
so that machine is powered on as soon at it is switched off
(bnc#693639)
* Properly release MSI(X) vector(s) when MSI(X) gets
disabled (bnc#723294, bnc#721869).
* scsi: Always retry internal target error (bnc#745640).
* cxgb4: fix parent device access in netdev_printk
(bnc#733155).
* lcs: lcs offline failure (bnc#752486,LTC#79788).
* qeth: add missing wake_up call (bnc#752486,LTC#79899).
* NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and
MKDIR (bnc#751880).
* xenbus: Reject replies with payload >
XENSTORE_PAYLOAD_MAX.
* xenbus_dev: add missing error checks to watch
handling.
* blkfront: properly fail packet requests (bnc#745929).
* blkback: failure to write "feature-barrier" node is
non-fatal.
* igb: Free MSI and MSIX interrupt vectors on driver
remove or shutdown (bnc#723294).
* igb: Fix for Alt MAC Address feature on 82580 and
later devices (bnc#746980).
* igb: Free MSI and MSIX interrupt vectors on driver
remove or shutdown (bnc#723294).
* cfq: Fix infinite loop in cfq_preempt_queue()
(bnc#724692).
* dasd: fix fixpoint divide exception in define_extent
(bnc#750168,LTC#79125).
* ctcmpc: use correct idal word list for ctcmpc
(bnc#750168,LTC#79264).
* patches.fixes/ext3-fix-reuse-of-freed-blocks.diff:
Delete. Patch should not really be needed and apparently
causes a performance regression (bnc#683270)
* tcp: fix race condition leading to premature
termination of sockets in FIN_WAIT2 state and connection
being reset (bnc#745760)
* kernel: console interrupts vs. panic
(bnc#737325,LTC#77272).
* af_iucv: remove IUCV-pathes completely
(bnc#737325,LTC#78292).
* qdio: wrong buffers-used counter for ERROR buffers
(bnc#737325,LTC#78758).
* ext3: Fix credit estimate for DIO allocation
(bnc#745732).
* jbd: validate sb->s_first in journal_get_superblock()
(bnc#730118).
* ocfs2: serialize unaligned aio (bnc#671479).
* cifs: eliminate usage of kthread_stop for cifsd
(bnc#718343).
* virtio: fix wrong type used, resulting in truncated
addresses in bigsmp kernel. (bnc#737899)
* cciss: Adds simple mode functionality (bnc#730200).
* blktap: fix locking (again) (bnc#724734).
* block: Initial support for data-less (or empty)
barrier support (bnc#734707 FATE#313126).
* xen: Do not allow empty barriers to be passed down to
queues that do not grok them (bnc#734707 FATE#313126).
* linkwatch: Handle jiffies wrap-around (bnc#740131).
Security Issue references:
* CVE-2011-2928
* CVE-2011-4077
* CVE-2011-4324
* CVE-2011-4330
* CVE-2012-2319
* CVE-2012-2313
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
- kernel-default-2.6.16.60-0.97.1
- kernel-source-2.6.16.60-0.97.1
- kernel-syms-2.6.16.60-0.97.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64):
- kernel-debug-2.6.16.60-0.97.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64):
- kernel-kdump-2.6.16.60-0.97.1
- SUSE Linux Enterprise Server 10 SP4 (i586 x86_64):
- kernel-smp-2.6.16.60-0.97.1
- kernel-xen-2.6.16.60-0.97.1
- SUSE Linux Enterprise Server 10 SP4 (i586):
- kernel-bigsmp-2.6.16.60-0.97.1
- kernel-kdumppae-2.6.16.60-0.97.1
- kernel-vmi-2.6.16.60-0.97.1
- kernel-vmipae-2.6.16.60-0.97.1
- kernel-xenpae-2.6.16.60-0.97.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
- kernel-iseries64-2.6.16.60-0.97.1
- kernel-ppc64-2.6.16.60-0.97.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
- kernel-default-2.6.16.60-0.97.1
- kernel-smp-2.6.16.60-0.97.1
- kernel-source-2.6.16.60-0.97.1
- kernel-syms-2.6.16.60-0.97.1
- kernel-xen-2.6.16.60-0.97.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586):
- kernel-bigsmp-2.6.16.60-0.97.1
- kernel-xenpae-2.6.16.60-0.97.1
- SLE SDK 10 SP4 (i586 ia64 x86_64):
- kernel-debug-2.6.16.60-0.97.1
- SLE SDK 10 SP4 (i586 ppc x86_64):
- kernel-kdump-2.6.16.60-0.97.1
- SLE SDK 10 SP4 (i586 x86_64):
- kernel-xen-2.6.16.60-0.97.1
- SLE SDK 10 SP4 (i586):
- kernel-xenpae-2.6.16.60-0.97.1