SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 6227 / 6229 / 6230)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

The SUSE Linux Enterprise 11 SP1 kernel has been updated to the
2.6.32.59 stable release to fix a lot of bugs and security issues.

The following security issues have been fixed :

- A use after free bug in hugetlb support could be used by
local attackers to crash the system. (CVE-2012-2133)

- A NULL pointer dereference bug in the regsets proc file
could be used by local attackers to perhaps crash the
system. With mmap_min_addr is set and enabled,
exploitation is unlikely. (CVE-2012-1097)

- A reference counting issue in CLONE_IO could be used by
local attackers to cause a denial of service (out of
memory). (CVE-2012-0879)

- A file handle leak in CIFS code could be used by local
attackers to crash the system. (CVE-2012-1090)

- Large nested epoll chains could be used by local
attackers to cause a denial of service (excessive CPU
consumption). (CVE-2011-1083)

- When using KVM, programming a PIT timer without a
irqchip configuration, can be used to crash the kvm
guest. This likely can be done only by a privileged
guest user. (CVE-2011-4622)

- A KVM 32bit guest crash in 'syscall' opcode handling was
fixed that could be caused by local attackers.
(CVE-2012-0045)

- Fixed a oops in jbd/jbd2 that could be caused by
specific filesystem access patterns. The following
non-security issues have been fixed:. (CVE-2011-4086)

X86 :

- x86: fix the initialization of physnode_map.
(bnc#748112)

- x86: Allow bootmem reserves at greater than 8G node
offset within a node. (bnc#740895)

- x86, tsc: Fix SMI induced variation in
quick_pit_calibrate(). (bnc#751322)

- x86, efi: Work around broken firmware. (bnc#714507)
BONDING :

- bonding: update speed/duplex for NETDEV_CHANGE.
(bnc#752634)

- bonding: comparing a u8 with -1 is always false.
(bnc#752634)

- bonding: start slaves with link down for ARP monitor.
(bnc#752634)

- bonding: send gratuitous ARP for all addresses
(bnc#752491). XFS :

- xfs: Fix excessive inode syncing when project quota is
exceeded. (bnc#756448)

- xfs: Fix oops on IO error during
xlog_recover_process_iunlinks() (bnc#716850). SCSI :

- scsi/ses: Handle non-unique element descriptors.
(bnc#749342, bnc#617344)

- scsi/sd: mark busy sd majors as allocated (bug#744658).

- scsi: Check for invalid sdev in scsi_prep_state_check()
(bnc#734300). MD/RAID :

- md: fix possible corruption of array metadata on
shutdown.

- md: ensure changes to write-mostly are reflected in
metadata. (bnc#755178)

- md: do not set md arrays to readonly on shutdown
(bnc#740180, bnc#713148, bnc#734900). XEN :

- smpboot: adjust ordering of operations.

- x86-64: provide a memset() that can deal with 4Gb or
above at a time. (bnc#738528)

- blkfront: properly fail packet requests. (bnc#745929)

- Update Xen patches to 2.6.32.57.

- xenbus: Reject replies with payload >
XENSTORE_PAYLOAD_MAX.

- xenbus_dev: add missing error checks to watch handling.

- Refresh other Xen patches. (bnc#652942, bnc#668194,
bnc#688079)

- fix Xen-specific kABI issue in Linux 2.6.19. NFS :

- NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and
MKDIR. (bnc#751880)

- nfs: Include SYNC flag when comparing mount options with
NOAC flag. (bnc#745422)

- NFS returns EIO for EDQUOT and others. (bnc#747028)

- lockd: fix arg parsing for grace_period and timeout.
(bnc#733761)

- nfs: allow nfs4leasetime to be set before starting
servers. (bnc#733761)

- nfs: handle d_revalidate of dot correctly (bnc#731809).
S/390 :

- ctcmpc: use correct idal word list for ctcmpc
(bnc#750171,LTC#79264).

- qeth: synchronize discipline module loading
(bnc#747430,LTC#78788).

- qdio: avoid race leading to stall when tolerating CQ
(bnc#737326,LTC#76599).

- kernel: no storage key operations for invalid page table
entries (bnc#737326,LTC#77697). OTHER :

- tlan: add cast needed for proper 64 bit operation.
(bnc#756840)

- dl2k: Tighten ioctl permissions. (bnc#758813)

- tg3: Fix RSS ring refill race condition. (bnc#757917)

- usbhid: fix error handling of not enough bandwidth.
(bnc#704280)

- pagecache limit: Fix the shmem deadlock. (bnc#755537)

- tty_audit: fix tty_audit_add_data live lock on audit
disabled. (bnc#721366)

- ixgbe: driver sets all WOL flags upon initialization so
that machine is powered on as soon at it is switched
off. (bnc#693639)

- PCI: Set device power state to PCI_D0 for device without
native PM support. (bnc#752972)

- dlm: Do not allocate a fd for peeloff. (bnc#729247)

- sctp: Export sctp_do_peeloff. (bnc#729247)

- epoll: Do not limit non-nested epoll paths. (bnc#676204)

- mlx4: Limit MSI-X vector allocation. (bnc#624072)

- mlx4: Changing interrupt scheme. (bnc#624072)

- mlx4_en: Assigning TX irq per ring. (bnc#624072)

- mlx4_en: Restoring RX buffer pointer in case of failure.
(bnc#624072)

- mlx4_en: using new mlx4 interrupt scheme. (bnc#624072)

- igb: Fix for Alt MAC Address feature on 82580 and later
devices. (bnc#746980)

- igb: Power down link when interface is down.
(bnc#745699)

- igb: use correct bits to identify if managability is
enabled. (bnc#743209)

- intel_agp: Do not oops with zero stolen memory.
(bnc#738679)

- agp: fix scratch page cleanup. (bnc#738679)

- hugetlb: add generic definition of NUMA_NO_NODE.
(bnc#751844)

- sched: Fix proc_sched_set_task(). (bnc#717994)

- PM: Print a warning if firmware is requested when tasks
are frozen. (bnc#749886)

- PM / Sleep: Fix freezer failures due to racy
usermodehelper_is_disabled(). (bnc#749886)

- PM / Sleep: Fix read_unlock_usermodehelper() call.
(bnc#749886)

- firmware loader: allow builtin firmware load even if
usermodehelper is disabled. (bnc#749886)

- PM / Hibernate: Enable usermodehelpers in
software_resume() error path. (bnc#744163)

- ipv6: Allow inet6_dump_addr() to handle more than 64
addresses. (bnc#748279)

- ipv6: fix refcnt problem related to POSTDAD state.
(bnc#743619)

- be2net: change to show correct physical link status.
(bnc#727834)

- be2net: changes to properly provide phy details.
(bnc#727834)

- aio: fix race between io_destroy() and io_submit().
(bnc#747445 / bnc#611264)

- intel-iommu: Check for identity mapping candidate using
system dma mask. (bnc#700449)

- intel-iommu: Dont cache iova above 32bit. (bnc#700449)

- intel-iommu: Add domain check in
domain_remove_one_dev_info. (bnc#700449)

- intel-iommu: Provide option to enable 64-bit IOMMU pass
through mode. (bnc#700449)

- intel-iommu: Remove Host Bridge devices from identity
mapping. (bnc#700449)

- intel-iommu: Speed up processing of the identity_mapping
function. (bnc#700449)

- intel-iommu: Use coherent DMA mask when requested.
(bnc#700449)

- 1: Fix accounting of softirq time when idle.
(bnc#719793)

- driver-core: fix race between device_register and
driver_register. (bnc#742358)

- dcache: patches.fixes/large-hash-dcache_init-fix.patch:
Fix oops when initializing large hash on > 16TB machine.
(bnc#742210)

- kdump: Save PG_compound or PG_head value in VMCOREINFO.
(bnc#738503)

- Update config files: disable NET_9P_RDMA. (bnc#720374)

- cdc-wdm: fix race leading leading to memory corruption.
(bnc#759544)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=611264
https://bugzilla.novell.com/show_bug.cgi?id=617344
https://bugzilla.novell.com/show_bug.cgi?id=624072
https://bugzilla.novell.com/show_bug.cgi?id=652942
https://bugzilla.novell.com/show_bug.cgi?id=668194
https://bugzilla.novell.com/show_bug.cgi?id=676204
https://bugzilla.novell.com/show_bug.cgi?id=688079
https://bugzilla.novell.com/show_bug.cgi?id=693639
https://bugzilla.novell.com/show_bug.cgi?id=697920
https://bugzilla.novell.com/show_bug.cgi?id=700449
https://bugzilla.novell.com/show_bug.cgi?id=704280
https://bugzilla.novell.com/show_bug.cgi?id=713148
https://bugzilla.novell.com/show_bug.cgi?id=714507
https://bugzilla.novell.com/show_bug.cgi?id=716850
https://bugzilla.novell.com/show_bug.cgi?id=717994
https://bugzilla.novell.com/show_bug.cgi?id=719793
https://bugzilla.novell.com/show_bug.cgi?id=720374
https://bugzilla.novell.com/show_bug.cgi?id=721366
https://bugzilla.novell.com/show_bug.cgi?id=727834
https://bugzilla.novell.com/show_bug.cgi?id=729247
https://bugzilla.novell.com/show_bug.cgi?id=731809
https://bugzilla.novell.com/show_bug.cgi?id=733761
https://bugzilla.novell.com/show_bug.cgi?id=734300
https://bugzilla.novell.com/show_bug.cgi?id=734900
https://bugzilla.novell.com/show_bug.cgi?id=737326
https://bugzilla.novell.com/show_bug.cgi?id=738210
https://bugzilla.novell.com/show_bug.cgi?id=738503
https://bugzilla.novell.com/show_bug.cgi?id=738528
https://bugzilla.novell.com/show_bug.cgi?id=738679
https://bugzilla.novell.com/show_bug.cgi?id=740180
https://bugzilla.novell.com/show_bug.cgi?id=740895
https://bugzilla.novell.com/show_bug.cgi?id=740969
https://bugzilla.novell.com/show_bug.cgi?id=742210
https://bugzilla.novell.com/show_bug.cgi?id=742358
https://bugzilla.novell.com/show_bug.cgi?id=743209
https://bugzilla.novell.com/show_bug.cgi?id=743619
https://bugzilla.novell.com/show_bug.cgi?id=744163
https://bugzilla.novell.com/show_bug.cgi?id=744658
https://bugzilla.novell.com/show_bug.cgi?id=745422
https://bugzilla.novell.com/show_bug.cgi?id=745699
https://bugzilla.novell.com/show_bug.cgi?id=745832
https://bugzilla.novell.com/show_bug.cgi?id=745929
https://bugzilla.novell.com/show_bug.cgi?id=746980
https://bugzilla.novell.com/show_bug.cgi?id=747028
https://bugzilla.novell.com/show_bug.cgi?id=747430
https://bugzilla.novell.com/show_bug.cgi?id=747445
https://bugzilla.novell.com/show_bug.cgi?id=748112
https://bugzilla.novell.com/show_bug.cgi?id=748279
https://bugzilla.novell.com/show_bug.cgi?id=748812
https://bugzilla.novell.com/show_bug.cgi?id=749342
https://bugzilla.novell.com/show_bug.cgi?id=749569
https://bugzilla.novell.com/show_bug.cgi?id=749886
https://bugzilla.novell.com/show_bug.cgi?id=750079
https://bugzilla.novell.com/show_bug.cgi?id=750171
https://bugzilla.novell.com/show_bug.cgi?id=751322
https://bugzilla.novell.com/show_bug.cgi?id=751844
https://bugzilla.novell.com/show_bug.cgi?id=751880
https://bugzilla.novell.com/show_bug.cgi?id=752491
https://bugzilla.novell.com/show_bug.cgi?id=752634
https://bugzilla.novell.com/show_bug.cgi?id=752972
https://bugzilla.novell.com/show_bug.cgi?id=755178
https://bugzilla.novell.com/show_bug.cgi?id=755537
https://bugzilla.novell.com/show_bug.cgi?id=756448
https://bugzilla.novell.com/show_bug.cgi?id=756840
https://bugzilla.novell.com/show_bug.cgi?id=757917
https://bugzilla.novell.com/show_bug.cgi?id=758532
https://bugzilla.novell.com/show_bug.cgi?id=758813
https://bugzilla.novell.com/show_bug.cgi?id=759544
http://support.novell.com/security/cve/CVE-2011-1083.html
http://support.novell.com/security/cve/CVE-2011-4086.html
http://support.novell.com/security/cve/CVE-2011-4622.html
http://support.novell.com/security/cve/CVE-2012-0045.html
http://support.novell.com/security/cve/CVE-2012-0879.html
http://support.novell.com/security/cve/CVE-2012-1090.html
http://support.novell.com/security/cve/CVE-2012-1097.html
http://support.novell.com/security/cve/CVE-2012-2133.html

Solution :

Apply SAT patch number 6227 / 6229 / 6230 as appropriate.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 64173 ()

Bugtraq ID:

CVE ID: CVE-2011-1083
CVE-2011-4086
CVE-2011-4622
CVE-2012-0045
CVE-2012-0879
CVE-2012-1090
CVE-2012-1097
CVE-2012-2133

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now