SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 7273 / 7276 / 7277)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.58, fixing
various bugs and security issues.

The updates contains the following feature enhancement :

- Enable various md/raid10 and DASD enhancements.

- Make is possible for RAID10 to cope with DASD devices
being slow for various reasons - the affected device
will be temporarily removed from the array.

- Added support for reshaping of RAID10 arrays, mdadm
changes will be published to support the changes. The
following security issues were fixed :

- A division by zero in the TCP Illinois algorithm.
(CVE-2012-4565)

- The uname26 personality leaked kernel memory
information. (CVE-2012-0957)

- Kernel stack content disclosure via binfmt_script
load_script(). (CVE-2012-4530) The following
non-security issues were fixed :

- BTRFS :

- btrfs: reset path lock state to zero.

- btrfs: fix off-by-one in lseek.

- btrfs: fix btrfs_cont_expand() freeing IS_ERR em.

- btrfs: update timestamps on truncate().

- btrfs: put csums on the right ordered extent.

- btrfs: use existing align macros in btrfs_allocate()

- btrfs: fix off-by-one error of the reserved size of
btrfs_allocate()

- btrfs: add fiemaps flag check

- btrfs: fix permissions of empty files not affected by
umask

- btrfs: do not auto defrag a file when doing directIO

- btrfs: fix wrong return value of btrfs_truncate_page()

- btrfs: Notify udev when removing device

- btrfs: fix permissions of empty files not affected by
umask

- btrfs: fix hash overflow handling

- btrfs: do not delete a subvolume which is in a R/O
subvolume

- btrfs: remove call to btrfs_wait_ordered_extents to
avoid potential deadlock.

- btrfs: update the checks for mixed block groups with big
metadata blocks

- btrfs: Fix use-after-free in __btrfs_end_transaction

- btrfs: use commit root when loading free space cache.

- btrfs: avoid setting ->d_op twice (FATE#306586
bnc#731387).

- btrfs: fix race in reada (FATE#306586).

- btrfs: do not add both copies of DUP to reada extent
tree

- btrfs: do not mount when we have a sectorsize unequal to
PAGE_SIZE

- btrfs: add missing unlocks to transaction abort paths

- btrfs: avoid sleeping in verify_parent_transid while
atomic

- btrfs: disallow unequal data/metadata blocksize for
mixed block groups

- btrfs: enhance superblock sanity checks. (bnc#749651)

- btrfs: sanitizing ->fs_info, parts 1-5.

- btrfs: make open_ctree() return int.

- btrfs: kill pointless reassignment of ->s_fs_info in
btrfs_fill_super().

- btrfs: merge free_fs_info() calls on fill_super
failures.

- btrfs: make free_fs_info() call ->kill_sb()
unconditional.

- btrfs: consolidate failure exits in btrfs_mount() a bit.

- btrfs: let ->s_fs_info point to fs_info, not root...

- btrfs: take allocation of ->tree_root into open_ctree().

- Update DASD blk_timeout patches after review by IBM :

- dasd: Abort all requests from ioctl

- dasd: Disable block timeouts per default

- dasd: Reduce amount of messages for specific errors

- dasd: Rename ioctls

- dasd: check blk_noretry_request in dasd_times_out()

- dasd: lock ccw queue in dasd_times_out()

- dasd: make DASD_FLAG_TIMEOUT setting more robust

- dasd: rename flag to abortall

- LPFC :

- Update lpfc version for 8.3.5.48.3p driver release.

- lpfc 8.3.32: Correct successful aborts returning error
status.

- lpfc 8.3.34: Correct lock handling to eliminate reset
escalation on I/O abort.

- lpfc 8.3.34: Streamline fcp underrun message printing.

- DRM/i915 :

- drm/i915: EBUSY status handling added to
i915_gem_fault().

- drm/i915: Only clear the GPU domains upon a successful
finish.

- drm/i915: always use RPNSWREQ for turbo change requests.

- drm/i915: do not call modeset_init_hw in i915_reset.

- drm/i915: do not hang userspace when the gpu reset is
stuck.

- drm/i915: do not trylock in the gpu reset code.

- drm/i915: re-init modeset hw state after gpu reset.

- HyperV :

- x86: Hyper-V: register clocksource only if its
advertised.

- Other :

- xfrm: fix freed block size calculation in
xfrm_policy_fini().

- bonding: in balance-rr mode, set curr_active_slave only
if it is up.

- kernel: broken interrupt statistics (LTC#87893).

- kernel: sched_clock() overflow (LTC#87978).

- mm: call sleep_on_page_killable from
__wait_on_page_locked_killable.

- TTY: do not reset masters packet mode.

- patches.suse/kbuild-record-built-in-o: Avoid using
printf(1) in Makefile.build

- rpm/built-in-where.mk: Do not rely on the *.parts file
to be newline-separated.

- NFS: Allow sec=none mounts in certain cases.

- NFS: fix recent breakage to NFS error handling.

- bridge: Pull ip header into skb->data before looking
into ip header.

- dm mpath: allow ioctls to trigger pg init.

- dm mpath: only retry ioctl when no paths if
queue_if_no_path set.

- radix-tree: fix preload vector size.

- sched, rt: Unthrottle rt runqueues in
__disable_runtime().

- sched/rt: Fix SCHED_RR across cgroups.

- sched/rt: Do not throttle when PI boosting.

- sched/rt: Keep period timer ticking when rt throttling
is active.

- sched/rt: Prevent idle task boosting.

- mm: limit mmu_gather batching to fix soft lockups on
!CONFIG_PREEMPT.

- kabi fixup for mm: limit mmu_gather batching to fix soft
lockups on !CONFIG_PREEMPT.

- Refresh Xen patches after update to 3.0.57.

- aio: make kiocb->private NUll in init_sync_kiocb().

- qeth: Fix retry logic in hardsetup. (LTC#87080)

- netiucv: reinsert dev_alloc_name for device naming.
(LTC#87086)

- qeth: set new mac even if old mac is gone (2).
(LTC#87138)

- ocfs2: use spinlock irqsave for downconvert lock.patch.

- af_netlink: force credentials passing.

- af_unix: dont send SCM_CREDENTIALS by default.

- sunrpc: increase maximum slots to use.

- bio: bio allocation failure due to bio_get_nr_vecs().

- bio: do not overflow in bio_get_nr_vecs().

- md: close race between removing and adding a device.

- thp, memcg: split hugepage for memcg oom on cow.

- bonding: delete migrated IP addresses from the rlb hash
table.

- xfs: Fix re-use of EWOULDBLOCK during read on dm-mirror.

- qla2xxx: Determine the number of outstanding commands
based on available resources.

- qla2xxx: Ramp down queue depth for attached SCSI
devices.

- autofs4: fix lockdep splat in autofs.

- ipv6: tcp: fix panic in SYN processing.

- add splash=black option to bootsplash code, to keep a
black background, useful for remote access to VMs.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=729854
https://bugzilla.novell.com/show_bug.cgi?id=731387
https://bugzilla.novell.com/show_bug.cgi?id=736255
https://bugzilla.novell.com/show_bug.cgi?id=739728
https://bugzilla.novell.com/show_bug.cgi?id=745876
https://bugzilla.novell.com/show_bug.cgi?id=749651
https://bugzilla.novell.com/show_bug.cgi?id=758104
https://bugzilla.novell.com/show_bug.cgi?id=762158
https://bugzilla.novell.com/show_bug.cgi?id=763463
https://bugzilla.novell.com/show_bug.cgi?id=773487
https://bugzilla.novell.com/show_bug.cgi?id=773831
https://bugzilla.novell.com/show_bug.cgi?id=775685
https://bugzilla.novell.com/show_bug.cgi?id=778136
https://bugzilla.novell.com/show_bug.cgi?id=779577
https://bugzilla.novell.com/show_bug.cgi?id=780008
https://bugzilla.novell.com/show_bug.cgi?id=782721
https://bugzilla.novell.com/show_bug.cgi?id=783515
https://bugzilla.novell.com/show_bug.cgi?id=786013
https://bugzilla.novell.com/show_bug.cgi?id=786976
https://bugzilla.novell.com/show_bug.cgi?id=787348
https://bugzilla.novell.com/show_bug.cgi?id=787576
https://bugzilla.novell.com/show_bug.cgi?id=787848
https://bugzilla.novell.com/show_bug.cgi?id=789115
https://bugzilla.novell.com/show_bug.cgi?id=789648
https://bugzilla.novell.com/show_bug.cgi?id=789993
https://bugzilla.novell.com/show_bug.cgi?id=790935
https://bugzilla.novell.com/show_bug.cgi?id=791498
https://bugzilla.novell.com/show_bug.cgi?id=791853
https://bugzilla.novell.com/show_bug.cgi?id=791904
https://bugzilla.novell.com/show_bug.cgi?id=792270
https://bugzilla.novell.com/show_bug.cgi?id=792500
https://bugzilla.novell.com/show_bug.cgi?id=792656
https://bugzilla.novell.com/show_bug.cgi?id=792834
https://bugzilla.novell.com/show_bug.cgi?id=793104
https://bugzilla.novell.com/show_bug.cgi?id=793139
https://bugzilla.novell.com/show_bug.cgi?id=793593
https://bugzilla.novell.com/show_bug.cgi?id=793671
https://bugzilla.novell.com/show_bug.cgi?id=794231
https://bugzilla.novell.com/show_bug.cgi?id=794824
https://bugzilla.novell.com/show_bug.cgi?id=795354
https://bugzilla.novell.com/show_bug.cgi?id=797042
https://bugzilla.novell.com/show_bug.cgi?id=798960
https://bugzilla.novell.com/show_bug.cgi?id=799209
https://bugzilla.novell.com/show_bug.cgi?id=799275
https://bugzilla.novell.com/show_bug.cgi?id=799909
http://support.novell.com/security/cve/CVE-2012-0957.html
http://support.novell.com/security/cve/CVE-2012-4530.html
http://support.novell.com/security/cve/CVE-2012-4565.html

Solution :

Apply SAT patch number 7273 / 7276 / 7277 as appropriate.

Risk factor :

Medium / CVSS Base Score : 4.9
(CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N)

Family: SuSE Local Security Checks

Nessus Plugin ID: 64500 ()

Bugtraq ID:

CVE ID: CVE-2012-0957
CVE-2012-4530
CVE-2012-4565

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now