SUSE-SU-2012:1056-1

Security update for Real Time Linux kernel

SUSE Security Update: Security update for Real Time Linux kernel
Announcement ID: SUSE-SU-2012:1056-1
Rating: moderate
References: #676204 #717994 #726600 #730118 #731673 #740745 #745832 #749118 #749569 #750079 #758058 #758260 #758532 #760902 #763194 #764150 #769896
Affected Products:
  • SUSE Linux Enterprise Real Time 11 SP1

  • An update that solves 16 vulnerabilities and has one errata is now available. It includes one version update.

    Description:


    The SUSE Linux Enterprise Server 11 SP1 Realtime kernel has
    been updated to fix various bugs and security issues.

    The following security issues have been fixed:

    * CVE-2012-3375: Fixed a denial of service condition in
    the epoll loop detection.
    *

    CVE-2012-2390: Memory leaks in the hugetlbfs map
    reservation code have been fixed that could be used by
    local attackers to exhaust machine memory.

    *

    CVE-2012-2133: A fix use after free bug in "quota"
    handling of hugepages has been fixed that could cause a
    local denial of service.

    *

    CVE-2012-2384: A integer overflow in
    i915_gem_do_execbuffer() has been fixed that might be used
    by local attackers to crash the kernel or potentially
    execute code.

    *

    CVE-2012-2383: A integer overflow in
    i915_gem_execbuffer2() has been fixed that might be used by
    local attackers to crash the kernel or potentially execute
    code.

    *

    CVE-2012-2123: The filesystem cabability handling was
    not fully correct, allowing local users to bypass fscaps
    related restrictions to disable e.g. address space
    randomization.

    *

    CVE-2009-4020: Fixed a potential buffer overflow in
    hfsplus that could have been used to crash the kernel by
    supplying a bad hfsplus image for mounting.

    *

    CVE-2011-4330: Mounting a corrupted hfs filesystem
    could have lead to a buffer overflow.

    *

    CVE-2012-1097: The regset common infrastructure
    assumed that regsets would always have .get and .set
    methods, but necessarily .active methods. Unfortunately
    people have since written regsets without .set method, so
    NULL pointer dereference attacks were possible.

    *

    CVE-2011-1083: Limit the path length users can build
    using epoll() to avoid local attackers consuming lots of
    kernel CPU time.

    *

    CVE-2012-1090: Fixed a dentry refcount leak when
    opening a FIFO on lookup in cifs that could have been used
    to crash the kernel.

    *

    CVE-2012-0810: A stack reusage bug has been fixed
    which could be used by local attackers to crash the kernel
    in some circumstances. As this only affects x86 32bit, it
    does not affect x86_64 at all.

    *

    CVE-2012-0044: A integer overflow in
    drm_mode_dirtyfb_ioctl() has been fixed that might be used
    by local attackers to crash the kernel or execute code.

    *

    CVE-2011-4077: A possible memory corruption in
    xfs_readlink has been fixed that could be used by local
    users able to mount xfs images to crash the kernel.

    *

    CVE-2011-4132: Fixed a oops in jbd/jbd2 that could
    have been caused by mounting a malicious prepared
    filesystem.

    *

    CVE-2011-4086: Fixed a oops in jbd/jbd2 that could
    have been caused by specific filesystem access patterns.

    Also the following non security bugs have been fixed:

    * sched: Fix proc_sched_set_task() (bnc#717994).
    * vlan/core: Fix memory leak/corruption on VLAN
    GRO_DROP (bnc#758058).

    Security Issue references:

    * CVE-2009-4020
    >
    * CVE-2011-1083
    >
    * CVE-2011-4077
    >
    * CVE-2011-4086
    >
    * CVE-2011-4132
    >
    * CVE-2011-4330
    >
    * CVE-2012-0044
    >
    * CVE-2012-0810
    >
    * CVE-2012-1090
    >
    * CVE-2012-1097
    >
    * CVE-2012-2123
    >
    * CVE-2012-2383
    >
    * CVE-2012-2384
    >
    * CVE-2012-2390
    >
    * CVE-2012-3375
    >
    * CVE-2012-2133
    >

    Indications:

    Everyone using the Real Time Linux Kernel on x86_64 architecture should update.

    Special Instructions and Notes:

    Please reboot the system after installing this update.

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Real Time 11 SP1:
      zypper in -t patch slertesp1-kernel-6677

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Real Time 11 SP1 (x86_64) [New Version: 2.6.33.20]:
    • brocade-bna-kmp-rt-2.1.0.0_2.6.33.20_rt31_0.5-0.2.52
    • cluster-network-kmp-rt-1.4_2.6.33.20_rt31_0.5-2.5.62
    • cluster-network-kmp-rt_trace-1.4_2.6.33.20_rt31_0.5-2.5.62
    • drbd-kmp-rt-8.3.11_2.6.33.20_rt31_0.5-0.3.62
    • drbd-kmp-rt_trace-8.3.11_2.6.33.20_rt31_0.5-0.3.62
    • iscsitarget-kmp-rt-1.4.19_2.6.33.20_rt31_0.5-0.9.11.38
    • kernel-rt-2.6.33.20-0.5.1
    • kernel-rt-base-2.6.33.20-0.5.1
    • kernel-rt-devel-2.6.33.20-0.5.1
    • kernel-rt_trace-2.6.33.20-0.5.1
    • kernel-rt_trace-base-2.6.33.20-0.5.1
    • kernel-rt_trace-devel-2.6.33.20-0.5.1
    • kernel-source-rt-2.6.33.20-0.5.1
    • kernel-syms-rt-2.6.33.20-0.5.1
    • ocfs2-kmp-rt-1.6_2.6.33.20_rt31_0.5-0.4.2.62
    • ocfs2-kmp-rt_trace-1.6_2.6.33.20_rt31_0.5-0.4.2.62
    • ofed-kmp-rt-1.5.2_2.6.33.20_rt31_0.5-0.9.13.49

    References:

  • http://support.novell.com/security/cve/CVE-2009-4020.html
  • http://support.novell.com/security/cve/CVE-2011-1083.html
  • http://support.novell.com/security/cve/CVE-2011-4077.html
  • http://support.novell.com/security/cve/CVE-2011-4086.html
  • http://support.novell.com/security/cve/CVE-2011-4132.html
  • http://support.novell.com/security/cve/CVE-2011-4330.html
  • http://support.novell.com/security/cve/CVE-2012-0044.html
  • http://support.novell.com/security/cve/CVE-2012-0810.html
  • http://support.novell.com/security/cve/CVE-2012-1090.html
  • http://support.novell.com/security/cve/CVE-2012-1097.html
  • http://support.novell.com/security/cve/CVE-2012-2123.html
  • http://support.novell.com/security/cve/CVE-2012-2133.html
  • http://support.novell.com/security/cve/CVE-2012-2383.html
  • http://support.novell.com/security/cve/CVE-2012-2384.html
  • http://support.novell.com/security/cve/CVE-2012-2390.html
  • http://support.novell.com/security/cve/CVE-2012-3375.html
  • https://bugzilla.novell.com/676204
  • https://bugzilla.novell.com/717994
  • https://bugzilla.novell.com/726600
  • https://bugzilla.novell.com/730118
  • https://bugzilla.novell.com/731673
  • https://bugzilla.novell.com/740745
  • https://bugzilla.novell.com/745832
  • https://bugzilla.novell.com/749118
  • https://bugzilla.novell.com/749569
  • https://bugzilla.novell.com/750079
  • https://bugzilla.novell.com/758058
  • https://bugzilla.novell.com/758260
  • https://bugzilla.novell.com/758532
  • https://bugzilla.novell.com/760902
  • https://bugzilla.novell.com/763194
  • https://bugzilla.novell.com/764150
  • https://bugzilla.novell.com/769896
  • http://download.suse.com/patch/finder/?keywords=6ec388979fe13af4de509d36e09a4dc4
  • 2020-03-20