Security update for Linux kernel

SUSE Security Update: Security update for Linux kernel
Announcement ID: SUSE-SU-2013:0394-1
Rating: moderate
References: #698102 #705551 #708296 #715635 #718910 #720946 #722560 #723776 #725152 #725355 #729854 #730660 #731035 #731387 #731739 #736255 #739728 #740291 #741814 #744198 #744314 #744655 #744692 #745876 #746509 #748896 #749651 #752067 #752544 #753172 #754391 #754670 #754898 #755546 #755620 #756585 #758104 #758703 #760833 #761774 #761775 #762099 #762158 #762214 #762259 #762366 #762693 #763198 #763463 #763628 #763654 #763858 #763954 #763968 #764209 #764900 #766156 #766410 #766445 #766654 #766733 #767281 #767469 #767610 #767612 #767684 #767983 #768052 #768084 #768470 #768504 #768632 #769035 #769195 #769251 #769407 #769685 #769784 #769896 #770034 #770238 #770269 #770695 #770763 #771102 #771242 #771361 #771398 #771428 #771706 #771778 #772407 #772420 #772427 #772454 #772473 #772483 #772566 #772786 #772831 #772893 #773006 #773007 #773251 #773267 #773319 #773320 #773383 #773406 #773487 #773606 #773699 #773831 #773878 #774073 #774285 #774289 #774500 #774523 #774612 #774859 #774902 #774964 #774973 #775182 #775373 #775394 #775577 #775685 #775984 #776019 #776044 #776081 #776095 #776127 #776144 #776787 #776896 #777024 #777269 #777283 #778082 #778136 #778334 #778630 #778822 #779294 #779330 #779461 #779462 #779577 #779699 #779750 #779969 #780008 #780012 #780216 #780461 #780876 #781018 #781134 #781327 #781484 #781574 #782369 #782721 #783965 #784192 #784334 #784576 #785100 #785496 #785554 #785851 #786976 #787168 #787202 #787348 #787821 #787848 #788277 #788452 #789010 #789115 #789235 #789648 #789703 #789836 #789993 #790457 #790498 #790867 #790920 #790935 #791498 #791853 #791904 #792270 #792500 #792656 #792834 #793104 #793139 #793593 #793671 #794231 #795354 #795928 #796823 #797042 #798960 #799209 #799275 #799909
Affected Products:
  • SUSE Linux Enterprise Real Time 11 SP2

  An update that solves 8 vulnerabilities and has 206 fixes is now available. It includes one version update.

    Description:


    The SUSE Linux Enterprise Server 11 SP2 Realtime kernel was
    updated to 3.0.61 which fixes various bugs and security
    issues.

    The RT realtime patchset has been updated to "rt85".

    The following security issues have been fixed:

    * CVE-2012-4565: A division by zero in the TCP Illinois
    algorithm was fixed.
    * CVE-2012-0957: The UNAME26 personality leaked kernel
    memory information.
    * CVE-2012-4530: Kernel stack content was disclosed via
    binfmt_script load_script().
    * CVE-2012-1601: The KVM implementation in the Linux
    kernel allowed host OS users to cause a denial of service
    (NULL pointer dereference and host OS crash) by making a
    KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already
    exists.
    * CVE-2012-2137: Buffer overflow in virt/kvm/irq_comm.c
    in the KVM subsystem in the Linux kernel allowed local
    users to cause a denial of service (crash) and possibly
    execute arbitrary code via vectors related to Message
    Signaled Interrupts (MSI), irq routing entries, and an
    incorrect check by the setup_routing_entry function before
    invoking the kvm_set_irq function.
    * CVE-2012-2372: The rds_ib_xmit function in
    net/rds/ib_send.c in the Reliable Datagram Sockets (RDS)
    protocol implementation in the Linux kernel allowed local
    users to cause a denial of service (BUG_ON and kernel
    panic) by establishing an RDS connection with the source IP
    address equal to the IPoIB interface's own IP address, as
    demonstrated by rds-ping.
    * CVE-2012-2745: The copy_creds function in
    kernel/cred.c in the Linux kernel provided an invalid
    replacement session keyring to a child process, which
    allowed local users to cause a denial of service (panic)
    via a crafted application that uses the fork system call.
    * CVE-2012-3412: The sfc (aka Solarflare Solarstorm)
    driver in the Linux kernel allowed remote attackers to
    cause a denial of service (DMA descriptor consumption and
    network-controller outage) via crafted TCP packets that
    trigger a small MSS value.
    * CVE-2012-3430: The rds_recvmsg function in
    net/rds/recv.c in the Linux kernel did not initialize a
    certain structure member, which allowed local users to
    obtain potentially sensitive information from kernel stack
    memory via a (1) recvfrom or (2) recvmsg system call on an
    RDS socket.
    * CVE-2012-4461: The KVM subsystem in the Linux kernel,
    when running on hosts that use qemu userspace without
    XSAVE, allowed local users to cause a denial of service
    (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the
    X86_CR4_OSXSAVE bit in the guest cr4 register, then calling
    the KVM_RUN ioctl.
    * CVE-2012-5517: The online_pages function in
    mm/memory_hotplug.c in the Linux kernel allowed local users
    to cause a denial of service (NULL pointer dereference and
    system crash) or possibly have unspecified other impact in
    opportunistic circumstances by using memory that was
    hot-added by an administrator.

    A long list of other bugs has been fixed in this update;
    the fixes were merged from regular SUSE Linux Enterprise 11 SP2
    and are too many to list here. Check the kernel changelog
    (rpm -q --changelog kernel-rt) for a detailed list.

    Other Realtime / scheduling related bugfixes that have been
    applied:

    * kernel: broken interrupt statistics (bnc#799275,
    LTC#87893).
    * kernel: sched_clock() overflow (bnc#799275,
    LTC#87978).
    * mm: call sleep_on_page_killable from
    __wait_on_page_locked_killable (bnc#799909).
    * sched, rt: Unthrottle rt runqueues in
    __disable_runtime().
    * Add upstream group scheduling starvation fix.
    * sched/rt: Fix SCHED_RR across cgroups.
    * sched/rt: Do not throttle when PI boosting.
    * sched/rt: Keep period timer ticking when rt
    throttling is active.
    * sched/rt: Prevent idle task boosting.
    * mm: limit mmu_gather batching to fix soft lockups on
    !CONFIG_PREEMPT (bnc#791904).
    * kabi fixup for mm: limit mmu_gather batching to fix
    soft lockups on !CONFIG_PREEMPT (bnc#791904).
    * mm: compaction: Abort async compaction if locks are
    contended or taking too long.
    * mm: compaction: abort compaction loop if lock is
    contended or run too long.
    * mm: compaction: acquire the zone->lock as late as
    possible.
    * mm: compaction: acquire the zone->lru_lock as late as
    possible.
    * mm: compaction: move fatal signal check out of
    compact_checklock_irqsave. Reduce LRU and zone lock
    contention when compacting memory for THP (bnc#796823).
    * Update to -rt82
    * sched: Adjust sched_reset_on_fork when nothing else
    changes.
    * sched: Queue RT tasks to head when prio drops.
    * sched: Consider pi boosting in setscheduler.
    * workqueue: exit rescuer_thread() as TASK_RUNNING
    (bnc#789993).
    * Update to -rt74
    * softirq: Init softirq local lock after per cpu
    section is set up.
    * mm: slab: Fix potential deadlock.
    * mm: page_alloc: Use local_lock_on() instead of plain
    spinlock.
    * rt: rwsem/rwlock: lockdep annotations.
    * hrtimer: Raise softirq if hrtimer irq stalled.
    * rcu: Disable RCU_FAST_NO_HZ on RT.
    * net: netfilter: Serialize xt_write_recseq sections on
    RT.
    * Change 'goto' target to avoid pointless 'bug'
    messages in normal error cases. (bnc#787848)
    * intel_idle: IVB support (fate#313719).
    * perf: Do not try to schedule task events if there are
    none (bnc#781574).
    * perf: Do not set task_ctx pointer in cpuctx if there
    are no events in the context (bnc#781574).
    * hpwdt: Only BYTE reads/writes to WD Timer port 0x72.
    * Merge SLE11-SP2 rpm-3.0.38-0.5-122-g2890aac, and
    update to -rt65
    * New rt patches:
      o patches.rt/0408-fix-printk-flush-of-messages.patch:
      fix printk flush of messages.
      o patches.rt/0411-fix-printk-flush-of-messages.patch:
      fix printk flush of messages.
    * sched: Fix ancient race in do_exit() (bnc#781018).
    * Merge SLE11-SP2, and update -rt version to rt61. No
    rt changes this merge.
    * Kill apply/revert dance below that evolved over
    3.0-rt development. It's all in history, and now just gets
    in the way of stable commit
    b1c7ba1bab7363fee6dc5d4ee5be4e916adcf691: workqueue:
    perform cpu down operations from low priority cpu_notifier()
    * Freezer / sunrpc / NFS: don't allow TASK_KILLABLE
    sleeps to block the freezer (bnc#775182).
    * Merge SP2 and update rt version to -rt59 to match
    rt-mainline.
    * sched: fix divide by zero in
    thread_group/task_times() (bnc#761774).
    * sched: fix migration thread runtime bogosity
    (bnc#773699, bnc#769251).
    * Silence useless NOHZ: local_softirq_pending warning.
    If the local_softirq_lock for a softirq is held,
    don't gripe, there's nothing to be done about it. The nohz
    code will prevent shutting down the tick, with the same
    result as nohz=off, the pending softirq will be run when it
    can be. What we _can_ do is wake the appropriate softirq
    thread to potentially PI boost the lock holder, so do that.
    * mm: use cpu_chill() in spin_trylock_page() and cancel
    on immediately RT. (bnc#768470)
    * Update config files.
      o Unset CONFIG_WATCHDOG_NOWAYOUT to prevent
      reboot of openais on service stop. (bnc#756585)
    * sched: Make sure to not re-read variables after
    validation (bnc#769685).

    Security Issue references:

    * CVE-2012-1601
    * CVE-2012-2137
    * CVE-2012-2372
    * CVE-2012-2745
    * CVE-2012-3412
    * CVE-2012-3430
    * CVE-2012-4461
    * CVE-2012-5517

    Indications:

    Everyone using the Real Time Linux Kernel on x86_64 architecture should update.

    Special Instructions and Notes:

    Please reboot the system after installing this update.

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Real Time 11 SP2:
      zypper in -t patch slertesp2-kernel-7433

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Real Time 11 SP2 (x86_64) [New Version: 3.0.61.rt85]:
      • cluster-network-kmp-rt-1.4_3.0.61_rt85_0.7-2.18.23
      • cluster-network-kmp-rt_trace-1.4_3.0.61_rt85_0.7-2.18.23
      • drbd-kmp-rt-8.4.2_3.0.61_rt85_0.7-0.6.6.14
      • drbd-kmp-rt_trace-8.4.2_3.0.61_rt85_0.7-0.6.6.14
      • iscsitarget-kmp-rt-1.4.20_3.0.61_rt85_0.7-0.23.20
      • iscsitarget-kmp-rt_trace-1.4.20_3.0.61_rt85_0.7-0.23.20
      • kernel-rt-3.0.61.rt85-0.7.1
      • kernel-rt-base-3.0.61.rt85-0.7.1
      • kernel-rt-devel-3.0.61.rt85-0.7.1
      • kernel-rt_trace-3.0.61.rt85-0.7.1
      • kernel-rt_trace-base-3.0.61.rt85-0.7.1
      • kernel-rt_trace-devel-3.0.61.rt85-0.7.1
      • kernel-source-rt-3.0.61.rt85-0.7.1
      • kernel-syms-rt-3.0.61.rt85-0.7.1
      • lttng-modules-kmp-rt-2.0.4_3.0.61_rt85_0.7-0.7.19
      • lttng-modules-kmp-rt_trace-2.0.4_3.0.61_rt85_0.7-0.7.19
      • ocfs2-kmp-rt-1.6_3.0.61_rt85_0.7-0.11.22
      • ocfs2-kmp-rt_trace-1.6_3.0.61_rt85_0.7-0.11.22
      • ofed-kmp-rt-1.5.2_3.0.61_rt85_0.7-0.26.22
      • ofed-kmp-rt_trace-1.5.2_3.0.61_rt85_0.7-0.26.22
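
A post-install check for this update, added here as an example and not part of the SUSE advisory: it reads an rpm inventory and flags any kernel-*rt* package older than the fixed build 3.0.61.rt85-0.7.1 from the package list above. The function names, the simplified rpm-style version comparison and the sample inventory are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the SUSE advisory. Fixed build of the kernel-*rt*
# packages, taken from the advisory's package list:
FIXED_VERSION="3.0.61.rt85"
FIXED_RELEASE="0.7.1"

# vercmp A B: print -1, 0 or 1. Simplified rpm-style comparison (assumption: no
# epoch, '~' or '^'): digit runs compare numerically, letter runs as strings, a
# digit run beats a letter run, and the side with segments left over is newer.
vercmp() {
    awk -v a="$1" -v b="$2" '
    function seg(s, out,    n) {
        n = 0
        while (length(s) > 0) {
            if (match(s, /^[0-9]+/) || match(s, /^[A-Za-z]+/)) {
                out[++n] = substr(s, 1, RLENGTH)
                s = substr(s, RLENGTH + 1)
            } else {
                s = substr(s, 2)    # drop a separator such as "." or "_"
            }
        }
        return n
    }
    function cmp(    i, na, nb, x, y, xn, yn) {
        na = seg(a, A); nb = seg(b, B)
        for (i = 1; i <= na && i <= nb; i++) {
            x = A[i]; y = B[i]
            xn = (x ~ /^[0-9]+$/); yn = (y ~ /^[0-9]+$/)
            if (xn && yn) { if (x + 0 != y + 0) return (x + 0 < y + 0) ? -1 : 1 }
            else if (xn != yn) return xn ? 1 : -1
            else if (x != y) return (x < y) ? -1 : 1
        }
        if (na == nb) return 0
        return (na < nb) ? -1 : 1
    }
    BEGIN { split("", A); split("", B); print cmp() }' </dev/null
}

# audit_kernel_rt: read "name version release" lines on stdin, e.g. from
#   rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE}\n'
# Print each kernel-*rt* package older than the fixed build; return 1 if any.
audit_kernel_rt() {
    stale=0
    while read -r name ver rel; do
        case $name in kernel-*rt*) ;; *) continue ;; esac
        c=$(vercmp "$ver" "$FIXED_VERSION")
        if [ "$c" = 0 ]; then c=$(vercmp "$rel" "$FIXED_RELEASE"); fi
        if [ "$c" = -1 ]; then
            echo "OUTDATED $name $ver-$rel < $FIXED_VERSION-$FIXED_RELEASE"
            stale=1
        fi
    done
    return "$stale"
}

# Constructed sample inventory (not real host data).
sample_inventory() {
    printf '%s\n' "kernel-rt 3.0.61.rt85 0.7.1" \
        "kernel-rt-base 3.0.38.rt65 0.5.1" \
        "kernel-rt_trace 3.0.61.rt85 0.5.1" \
        "kernel-source-rt 3.0.100.rt120 0.1.1" "zypper 1.6.166 0.5.1"
}

sample_inventory | audit_kernel_rt || echo "update and reboot still required"
```

A clean result only shows that the fixed packages are installed; the reboot the advisory asks for is still needed before the fixed kernel is the one running.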

    References:

    • http://support.novell.com/security/cve/CVE-2012-1601.html
    • http://support.novell.com/security/cve/CVE-2012-2137.html
    • http://support.novell.com/security/cve/CVE-2012-2372.html
    • http://support.novell.com/security/cve/CVE-2012-2745.html
    • http://support.novell.com/security/cve/CVE-2012-3412.html
    • http://support.novell.com/security/cve/CVE-2012-3430.html
    • http://support.novell.com/security/cve/CVE-2012-4461.html
    • http://support.novell.com/security/cve/CVE-2012-5517.html
    • https://bugzilla.novell.com/698102
    • https://bugzilla.novell.com/705551
    • https://bugzilla.novell.com/708296
    • https://bugzilla.novell.com/715635
    • https://bugzilla.novell.com/718910
    • https://bugzilla.novell.com/720946
    • https://bugzilla.novell.com/722560
    • https://bugzilla.novell.com/723776
    • https://bugzilla.novell.com/725152
    • https://bugzilla.novell.com/725355
    • https://bugzilla.novell.com/729854
    • https://bugzilla.novell.com/730660
    • https://bugzilla.novell.com/731035
    • https://bugzilla.novell.com/731387
    • https://bugzilla.novell.com/731739
    • https://bugzilla.novell.com/736255
    • https://bugzilla.novell.com/739728
    • https://bugzilla.novell.com/740291
    • https://bugzilla.novell.com/741814
    • https://bugzilla.novell.com/744198
    • https://bugzilla.novell.com/744314
    • https://bugzilla.novell.com/744655
    • https://bugzilla.novell.com/744692
    • https://bugzilla.novell.com/745876
    • https://bugzilla.novell.com/746509
    • https://bugzilla.novell.com/748896
    • https://bugzilla.novell.com/749651
    • https://bugzilla.novell.com/752067
    • https://bugzilla.novell.com/752544
    • https://bugzilla.novell.com/753172
    • https://bugzilla.novell.com/754391
    • https://bugzilla.novell.com/754670
    • https://bugzilla.novell.com/754898
    • https://bugzilla.novell.com/755546
    • https://bugzilla.novell.com/755620
    • https://bugzilla.novell.com/756585
    • https://bugzilla.novell.com/758104
    • https://bugzilla.novell.com/758703
    • https://bugzilla.novell.com/760833
    • https://bugzilla.novell.com/761774
    • https://bugzilla.novell.com/761775
    • https://bugzilla.novell.com/762099
    • https://bugzilla.novell.com/762158
    • https://bugzilla.novell.com/762214
    • https://bugzilla.novell.com/762259
    • https://bugzilla.novell.com/762366
    • https://bugzilla.novell.com/762693
    • https://bugzilla.novell.com/763198
    • https://bugzilla.novell.com/763463
    • https://bugzilla.novell.com/763628
    • https://bugzilla.novell.com/763654
    • https://bugzilla.novell.com/763858
    • https://bugzilla.novell.com/763954
    • https://bugzilla.novell.com/763968
    • https://bugzilla.novell.com/764209
    • https://bugzilla.novell.com/764900
    • https://bugzilla.novell.com/766156
    • https://bugzilla.novell.com/766410
    • https://bugzilla.novell.com/766445
    • https://bugzilla.novell.com/766654
    • https://bugzilla.novell.com/766733
    • https://bugzilla.novell.com/767281
    • https://bugzilla.novell.com/767469
    • https://bugzilla.novell.com/767610
    • https://bugzilla.novell.com/767612
    • https://bugzilla.novell.com/767684
    • https://bugzilla.novell.com/767983
    • https://bugzilla.novell.com/768052
    • https://bugzilla.novell.com/768084
    • https://bugzilla.novell.com/768470
    • https://bugzilla.novell.com/768504
    • https://bugzilla.novell.com/768632
    • https://bugzilla.novell.com/769035
    • https://bugzilla.novell.com/769195
    • https://bugzilla.novell.com/769251
    • https://bugzilla.novell.com/769407
    • https://bugzilla.novell.com/769685
    • https://bugzilla.novell.com/769784
    • https://bugzilla.novell.com/769896
    • https://bugzilla.novell.com/770034
    • https://bugzilla.novell.com/770238
    • https://bugzilla.novell.com/770269
    • https://bugzilla.novell.com/770695
    • https://bugzilla.novell.com/770763
    • https://bugzilla.novell.com/771102
    • https://bugzilla.novell.com/771242
    • https://bugzilla.novell.com/771361
    • https://bugzilla.novell.com/771398
    • https://bugzilla.novell.com/771428
    • https://bugzilla.novell.com/771706
    • https://bugzilla.novell.com/771778
    • https://bugzilla.novell.com/772407
    • https://bugzilla.novell.com/772420
    • https://bugzilla.novell.com/772427
    • https://bugzilla.novell.com/772454
    • https://bugzilla.novell.com/772473
    • https://bugzilla.novell.com/772483
    • https://bugzilla.novell.com/772566
    • https://bugzilla.novell.com/772786
    • https://bugzilla.novell.com/772831
    • https://bugzilla.novell.com/772893
    • https://bugzilla.novell.com/773006
    • https://bugzilla.novell.com/773007
    • https://bugzilla.novell.com/773251
    • https://bugzilla.novell.com/773267
    • https://bugzilla.novell.com/773319
    • https://bugzilla.novell.com/773320
    • https://bugzilla.novell.com/773383
    • https://bugzilla.novell.com/773406
    • https://bugzilla.novell.com/773487
    • https://bugzilla.novell.com/773606
    • https://bugzilla.novell.com/773699
    • https://bugzilla.novell.com/773831
    • https://bugzilla.novell.com/773878
    • https://bugzilla.novell.com/774073
    • https://bugzilla.novell.com/774285
    • https://bugzilla.novell.com/774289
    • https://bugzilla.novell.com/774500
    • https://bugzilla.novell.com/774523
    • https://bugzilla.novell.com/774612
    • https://bugzilla.novell.com/774859
    • https://bugzilla.novell.com/774902
    • https://bugzilla.novell.com/774964
    • https://bugzilla.novell.com/774973
    • https://bugzilla.novell.com/775182
    • https://bugzilla.novell.com/775373
    • https://bugzilla.novell.com/775394
    • https://bugzilla.novell.com/775577
    • https://bugzilla.novell.com/775685
    • https://bugzilla.novell.com/775984
    • https://bugzilla.novell.com/776019
    • https://bugzilla.novell.com/776044
    • https://bugzilla.novell.com/776081
    • https://bugzilla.novell.com/776095
    • https://bugzilla.novell.com/776127
    • https://bugzilla.novell.com/776144
    • https://bugzilla.novell.com/776787
    • https://bugzilla.novell.com/776896
    • https://bugzilla.novell.com/777024
    • https://bugzilla.novell.com/777269
    • https://bugzilla.novell.com/777283
    • https://bugzilla.novell.com/778082
    • https://bugzilla.novell.com/778136
    • https://bugzilla.novell.com/778334
    • https://bugzilla.novell.com/778630
    • https://bugzilla.novell.com/778822
    • https://bugzilla.novell.com/779294
    • https://bugzilla.novell.com/779330
    • https://bugzilla.novell.com/779461
    • https://bugzilla.novell.com/779462
    • https://bugzilla.novell.com/779577
    • https://bugzilla.novell.com/779699
    • https://bugzilla.novell.com/779750
    • https://bugzilla.novell.com/779969
    • https://bugzilla.novell.com/780008
    • https://bugzilla.novell.com/780012
    • https://bugzilla.novell.com/780216
    • https://bugzilla.novell.com/780461
    • https://bugzilla.novell.com/780876
    • https://bugzilla.novell.com/781018
    • https://bugzilla.novell.com/781134
    • https://bugzilla.novell.com/781327
    • https://bugzilla.novell.com/781484
    • https://bugzilla.novell.com/781574
    • https://bugzilla.novell.com/782369
    • https://bugzilla.novell.com/782721
    • https://bugzilla.novell.com/783965
    • https://bugzilla.novell.com/784192
    • https://bugzilla.novell.com/784334
    • https://bugzilla.novell.com/784576
    • https://bugzilla.novell.com/785100
    • https://bugzilla.novell.com/785496
    • https://bugzilla.novell.com/785554
    • https://bugzilla.novell.com/785851
    • https://bugzilla.novell.com/786976
    • https://bugzilla.novell.com/787168
    • https://bugzilla.novell.com/787202
    • https://bugzilla.novell.com/787348
    • https://bugzilla.novell.com/787821
    • https://bugzilla.novell.com/787848
    • https://bugzilla.novell.com/788277
    • https://bugzilla.novell.com/788452
    • https://bugzilla.novell.com/789010
    • https://bugzilla.novell.com/789115
    • https://bugzilla.novell.com/789235
    • https://bugzilla.novell.com/789648
    • https://bugzilla.novell.com/789703
    • https://bugzilla.novell.com/789836
    • https://bugzilla.novell.com/789993
    • https://bugzilla.novell.com/790457
    • https://bugzilla.novell.com/790498
    • https://bugzilla.novell.com/790867
    • https://bugzilla.novell.com/790920
    • https://bugzilla.novell.com/790935
    • https://bugzilla.novell.com/791498
    • https://bugzilla.novell.com/791853
    • https://bugzilla.novell.com/791904
    • https://bugzilla.novell.com/792270
    • https://bugzilla.novell.com/792500
    • https://bugzilla.novell.com/792656
    • https://bugzilla.novell.com/792834
    • https://bugzilla.novell.com/793104
    • https://bugzilla.novell.com/793139
    • https://bugzilla.novell.com/793593
    • https://bugzilla.novell.com/793671
    • https://bugzilla.novell.com/794231
    • https://bugzilla.novell.com/795354
    • https://bugzilla.novell.com/795928
    • https://bugzilla.novell.com/796823
    • https://bugzilla.novell.com/797042
    • https://bugzilla.novell.com/798960
    • https://bugzilla.novell.com/799209
    • https://bugzilla.novell.com/799275
    • https://bugzilla.novell.com/799909
    • http://download.suse.com/patch/finder/?keywords=bb0aa1dbfea22b088bd77c648de9ca4e