SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 6547 / 6548 / 6550)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

The SUSE Linux Enterprise 11 SP1 kernel have been updated to fix
various bugs and security issues.

The following security issues have been fixed :

- Several buffer overread and overwrite errors in the UDF
logical volume descriptor code were fixed that might
have allowed local attackers able to mount UDF volumes
to crash the kernel or potentially gain privileges.
(CVE-2012-3400)

- A local denial of service in the last epoll fix was
fixed. (CVE-2012-3375)

- A integer overflow in i915_gem_do_execbuffer() was fixed
that might be used by local attackers to crash the
kernel or potentially execute code. (CVE-2012-2384)

- A integer overflow in i915_gem_execbuffer2() was fixed
that might be used by local attackers to crash the
kernel or potentially execute code. (CVE-2012-2383)

- Memiory leaks in the hugetlbfs map reservation code were
fixed that could be used by local attackers to exhaust
machine memory. (CVE-2012-2390)

- The filesystem capability handling was not fully
correct, allowing local users to bypass fscaps related
restrictions to disable e.g. address space
randomization. (CVE-2012-2123)

- Validation of data_len before allocating fragments of
skbs was fixed that might have allowed a heap overflow.
(CVE-2012-2136)

- Fixed potential buffer overflows in the hfsplus
filesystem, which might be exploited by local attackers
able to mount such filesystems. (CVE-2012-2319)

Several leapsecond related bug fixes have been created :

- hrtimer: provide clock_was_set_delayed(). (bnc#768632)

- time: Fix leapsecond triggered hrtimer/futex load spike
issue. (bnc#768632)

- ntp: fix leap second hrtimer deadlock. (bnc#768632)

- ntp: avoid printk under xtime_lock (bnc#767684). The
following non-security issues have been fixed :

- tcp: drop SYN+FIN messages to avoid memory leaks.
(bnc#765102)

- be2net: Fix EEH error reset before a flash dump
completes. (bnc#755546)

- REVERT svcrpc: destroy server sockets all at once.
(bnc#769210)

- sched: Make sure to not re-read variables after
validation. (bnc#769685)

- audit: Do not send uninitialized data for AUDIT_TTY_GET.
(bnc#755513)

- dlm: do not depend on sctp. (bnc#729247, bnc#763656)

- RPC: killing RPC tasks races fixed. (bnc#765548)

- vlan/core: Fix memory leak/corruption on VLAN GRO_DROP.
(bnc#758058)

- CPU hotplug, cpusets, suspend/resume: Do not modify
cpusets during suspend/resume. (bnc#752858)

- ioat2: kill pending flag. (bnc#765022)

- Fix massive driver induced spin_lock_bh() contention.

- ipmi: Fix IPMI errors due to timing problems.
(bnc#761988)

- xen: fix VM_FOREIGN users after c/s 878:eba6fe6d8d53.
(bnc#760974)

- xen: gntdev: fix multi-page slot allocation.
(bnc#760974)

- rpm/kernel-binary.spec.in: Own the right -kdump initrd.
(bnc#764500)

- kernel: pfault task state race (bnc#764098,LTC#81724).

- xfrm: take net hdr len into account for esp payload size
calculation. (bnc#759545)

- bonding: do not dereference NULL pointer to device of
VLAN 0. (bnc#763830)

- cifs: fix oops while traversing open file list (try #4).
(bnc#756050)

- nfsd: fix BUG at fs/nfsd/nfsfh.h:199 on unlink.
(bnc#769777)

- nfs: Ensure we never try to mount an NFS auto-mount dir
(bnc748601).

- patches.suse/cgroup-disable-memcg-when-low-lowmem.patch:
fix typo: use if defined(CONFIG_) rather than if CONFIG_

- patches.suse/pagecache-limit-fix-shmem-deadlock.patch:
Fixed the GFP_NOWAIT is zero and not suitable for tests
bug. (bnc#755537)

- sys_poll: fix incorrect type for timeout parameter.
(bnc#754428)

- scsi_transport_fc: fix blocked bsg request when fc
object deleted. (bnc#761414, bnc#734300)

- ehea: fix allmulticast support. (bnc#758013)

- scsi: Silence unnecessary warnings about ioctl to
partition. (bnc#758104)

- sched/x86: Fix overflow in cyc2ns_offset. (bnc#630970,
bnc#661605)

- sched/rt: Do not throttle when PI boosting. (bnc#754085)

- sched/rt: Keep period timer ticking when rt throttling
is active. (bnc#754085)

- sched,rt: fix isolated CPUs leaving root_task_group
indefinitely throttled. (bnc#754085)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=630970
https://bugzilla.novell.com/show_bug.cgi?id=661605
https://bugzilla.novell.com/show_bug.cgi?id=720374
https://bugzilla.novell.com/show_bug.cgi?id=729247
https://bugzilla.novell.com/show_bug.cgi?id=734300
https://bugzilla.novell.com/show_bug.cgi?id=752858
https://bugzilla.novell.com/show_bug.cgi?id=754085
https://bugzilla.novell.com/show_bug.cgi?id=754428
https://bugzilla.novell.com/show_bug.cgi?id=755513
https://bugzilla.novell.com/show_bug.cgi?id=755537
https://bugzilla.novell.com/show_bug.cgi?id=755546
https://bugzilla.novell.com/show_bug.cgi?id=756050
https://bugzilla.novell.com/show_bug.cgi?id=758013
https://bugzilla.novell.com/show_bug.cgi?id=758058
https://bugzilla.novell.com/show_bug.cgi?id=758104
https://bugzilla.novell.com/show_bug.cgi?id=758260
https://bugzilla.novell.com/show_bug.cgi?id=759545
https://bugzilla.novell.com/show_bug.cgi?id=760902
https://bugzilla.novell.com/show_bug.cgi?id=760974
https://bugzilla.novell.com/show_bug.cgi?id=761414
https://bugzilla.novell.com/show_bug.cgi?id=761988
https://bugzilla.novell.com/show_bug.cgi?id=763194
https://bugzilla.novell.com/show_bug.cgi?id=763656
https://bugzilla.novell.com/show_bug.cgi?id=763830
https://bugzilla.novell.com/show_bug.cgi?id=764098
https://bugzilla.novell.com/show_bug.cgi?id=764150
https://bugzilla.novell.com/show_bug.cgi?id=764500
https://bugzilla.novell.com/show_bug.cgi?id=765022
https://bugzilla.novell.com/show_bug.cgi?id=765102
https://bugzilla.novell.com/show_bug.cgi?id=765320
https://bugzilla.novell.com/show_bug.cgi?id=765548
https://bugzilla.novell.com/show_bug.cgi?id=767684
https://bugzilla.novell.com/show_bug.cgi?id=768632
https://bugzilla.novell.com/show_bug.cgi?id=769210
https://bugzilla.novell.com/show_bug.cgi?id=769685
https://bugzilla.novell.com/show_bug.cgi?id=769777
https://bugzilla.novell.com/show_bug.cgi?id=769784
https://bugzilla.novell.com/show_bug.cgi?id=769896
http://support.novell.com/security/cve/CVE-2012-2123.html
http://support.novell.com/security/cve/CVE-2012-2136.html
http://support.novell.com/security/cve/CVE-2012-2319.html
http://support.novell.com/security/cve/CVE-2012-2383.html
http://support.novell.com/security/cve/CVE-2012-2384.html
http://support.novell.com/security/cve/CVE-2012-2390.html
http://support.novell.com/security/cve/CVE-2012-2663.html
http://support.novell.com/security/cve/CVE-2012-3375.html
http://support.novell.com/security/cve/CVE-2012-3400.html

Solution :

Apply SAT patch number 6547 / 6548 / 6550 as appropriate.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 64177 ()

Bugtraq ID:

CVE ID: CVE-2012-2123
CVE-2012-2136
CVE-2012-2319
CVE-2012-2383
CVE-2012-2384
CVE-2012-2390
CVE-2012-2663
CVE-2012-3375
CVE-2012-3400

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now