SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 8509 / 8516 / 8518)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to
version 3.0.101 and also includes various other bug and security
fixes.

The following features have been added :

- Drivers: hv: Support handling multiple VMBUS versions
(FATE#314665).

- Drivers: hv: Save and export negotiated vmbus version
(FATE#314665).

- Drivers: hv: Move vmbus version definitions to hyperv.h
(FATE#314665). The following security issue has been
fixed :

- The sctp_sf_do_5_2_4_dupcook function in
net/sctp/sm_statefuns.c in the SCTP implementation in
the Linux kernel did not properly handle associations
during the processing of a duplicate COOKIE ECHO chunk,
which allowed remote attackers to cause a denial of
service (NULL pointer dereference and system crash) or
possibly have unspecified other impact via crafted SCTP
traffic. (bnc#826102). (CVE-2013-2206)

The following non-security bugs have been fixed :

- kernel: sclp console hangs (bnc#841498, LTC#95711).

- intel-iommu: Fix leaks in pagetable freeing.
(bnc#841402)

- iommu/vt-d: add quirk for broken interrupt remapping on
55XX chipsets. (bnc#844513)

- x86/iommu/vt-d: Expand interrupt remapping quirk to
cover x58 chipset. (bnc#844513)

- iommu/vt-d: Only warn about broken interrupt remapping.
(bnc#844513)

- iommu: Remove stack trace from broken irq remapping
warning. (bnc#844513)

- softirq: reduce latencies. (bnc#797526)

- Fix lockup related to stop_machine being stuck in
__do_softirq. (bnc#797526)

- splice: fix racy pipe->buffers uses. (bnc#827246)

- blktrace: fix race with open trace files and directory
removal. (bnc#832292)

- mm: Do not walk all of system memory during show_mem
(Reduce tasklist_lock hold times (bnc#821259)).

- mm: Bounce memory pool initialisation. (bnc#836347)

- mm, memcg: introduce own oom handler to iterate only
over its own threads.

- mm, memcg: move all oom handling to memcontrol.c.

- mm, oom: avoid looping when chosen thread detaches its
mm.

- mm, oom: fold oom_kill_task() into oom_kill_process().

- mm, oom: introduce helper function to process threads
during scan.

- mm, oom: reduce dependency on tasklist_lock.

- ipv6: do not call fib6_run_gc() until routing is ready.
(bnc#836218)

- ipv6: prevent fib6_run_gc() contention. (bnc#797526)

- ipv6: update ip6_rt_last_gc every time GC is run.
(bnc#797526)

- net/mlx4_en: Fix BlueFlame race. (bnc#835684)

- netfilter: nf_conntrack: use RCU safe kfree for
conntrack extensions (bnc#827416 bko#60853).

- netfilter: prevent race condition breaking net reference
counting. (bnc#835094)

- net: remove skb_orphan_try(). (bnc#834600)

- bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().
(bnc#834905)

- sctp: deal with multiple COOKIE_ECHO chunks.
(bnc#826102)

- SUNRPC: close a rare race in xs_tcp_setup_socket.
(bnc#794824)

- NFS: make nfs_flush_incompatible more generous.
(bnc#816099)

- NFS: do not try to use lock state when we hold a
delegation. (bnc#831029)

- nfs_lookup_revalidate(): fix a leak. (bnc#828894)

- xfs: growfs: use uncached buffers for new headers.
(bnc#842604)

- xfs: Check the return value of xfs_buf_get().
(bnc#842604)

- xfs: avoid double-free in xfs_attr_node_addname.

- do_add_mount()/umount -l races. (bnc#836801)

- cifs: Fix TRANS2_QUERY_FILE_INFO ByteCount fields.
(bnc#804950)

- cifs: Fix EREMOTE errors encountered on DFS links.
(bnc#831143)

- reiserfs: fix race with flush_used_journal_lists and
flush_journal_list. (bnc#837803)

- reiserfs: remove useless flush_old_journal_lists.

- fs: writeback: Do not sync data dirtied after sync
start. (bnc#833820)

- rcu: Do not trigger false positive RCU stall detection.
(bnc#834204)

- lib/radix-tree.c: make radix_tree_node_alloc() work
correctly within interrupt. (bnc#763463)

- bnx2x: Change to D3hot only on removal. (bnc#838448)

- vmxnet3: prevent div-by-zero panic when ring resizing
uninitialized dev. (bnc#833321)

- Drivers: hv: Support handling multiple VMBUS versions
(fate#314665).

- Drivers: hv: Save and export negotiated vmbus version
(fate#314665).

- Drivers: hv: Move vmbus version definitions to hyperv.h
(fate#314665).

- Drivers: hv: util: Fix a bug in version negotiation code
for util services. (bnc#828714)

- Drivers: hv: util: Correctly support ws2008R2 and
earlier. (bnc#838346)

- Drivers: hv: util: Fix a bug in util version negotiation
code. (bnc#838346)

- iscsi: do not hang in endless loop if no targets
present. (bnc#841094)

- ata: Set proper SK when CK_COND is set. (bnc#833588)

- md: Throttle number of pending write requests in
md/raid10. (bnc#833858)

- dm: ignore merge_bvec for snapshots when safe.
(bnc#820848)

- elousb: some systems cannot stomach work around.
(bnc#840830)

- bio-integrity: track owner of integrity payload.
(bnc#831380)

- quirks: add touchscreen that is dazzeled by remote
wakeup. (bnc#835930)

- Fixed Xen guest freezes. (bnc#829682, bnc#842063)

- config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.
(bnc#837372)

- series.conf: disable XHCI ring expansion patches because
on machines with large memory they cause a starvation
problem. (bnc#833635)

- rpm/old-flavors, rpm/mkspec: Add version information to
obsolete flavors. (bnc#821465)

- rpm/kernel-binary.spec.in: Move the xenpae obsolete to
the old-flavors file.

- rpm/old-flavors: Convert the old-packages.conf file to a
flat list.

- rpm/old-packages.conf: Drop bogus obsoletes for 'smp'.
(bnc#821465)

- rpm/kernel-binary.spec.in: Make sure that all KMP
obsoletes are versioned. (bnc#821465)

- rpm/kernel-binary.spec.in: Remove unversioned
provides/obsoletes for packages that were only seen in
openSUSE releases up to 11.0. . (bnc#821465)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=763463
https://bugzilla.novell.com/show_bug.cgi?id=794824
https://bugzilla.novell.com/show_bug.cgi?id=797526
https://bugzilla.novell.com/show_bug.cgi?id=804950
https://bugzilla.novell.com/show_bug.cgi?id=816099
https://bugzilla.novell.com/show_bug.cgi?id=820848
https://bugzilla.novell.com/show_bug.cgi?id=821259
https://bugzilla.novell.com/show_bug.cgi?id=821465
https://bugzilla.novell.com/show_bug.cgi?id=826102
https://bugzilla.novell.com/show_bug.cgi?id=827246
https://bugzilla.novell.com/show_bug.cgi?id=827416
https://bugzilla.novell.com/show_bug.cgi?id=828714
https://bugzilla.novell.com/show_bug.cgi?id=828894
https://bugzilla.novell.com/show_bug.cgi?id=829682
https://bugzilla.novell.com/show_bug.cgi?id=831029
https://bugzilla.novell.com/show_bug.cgi?id=831143
https://bugzilla.novell.com/show_bug.cgi?id=831380
https://bugzilla.novell.com/show_bug.cgi?id=832292
https://bugzilla.novell.com/show_bug.cgi?id=833321
https://bugzilla.novell.com/show_bug.cgi?id=833588
https://bugzilla.novell.com/show_bug.cgi?id=833635
https://bugzilla.novell.com/show_bug.cgi?id=833820
https://bugzilla.novell.com/show_bug.cgi?id=833858
https://bugzilla.novell.com/show_bug.cgi?id=834204
https://bugzilla.novell.com/show_bug.cgi?id=834600
https://bugzilla.novell.com/show_bug.cgi?id=834905
https://bugzilla.novell.com/show_bug.cgi?id=835094
https://bugzilla.novell.com/show_bug.cgi?id=835684
https://bugzilla.novell.com/show_bug.cgi?id=835930
https://bugzilla.novell.com/show_bug.cgi?id=836218
https://bugzilla.novell.com/show_bug.cgi?id=836347
https://bugzilla.novell.com/show_bug.cgi?id=836801
https://bugzilla.novell.com/show_bug.cgi?id=837372
https://bugzilla.novell.com/show_bug.cgi?id=837803
https://bugzilla.novell.com/show_bug.cgi?id=838346
https://bugzilla.novell.com/show_bug.cgi?id=838448
https://bugzilla.novell.com/show_bug.cgi?id=840830
https://bugzilla.novell.com/show_bug.cgi?id=841094
https://bugzilla.novell.com/show_bug.cgi?id=841402
https://bugzilla.novell.com/show_bug.cgi?id=841498
https://bugzilla.novell.com/show_bug.cgi?id=842063
https://bugzilla.novell.com/show_bug.cgi?id=842604
https://bugzilla.novell.com/show_bug.cgi?id=844513
http://support.novell.com/security/cve/CVE-2013-2206.html

Solution :

Apply SAT patch number 8509 / 8516 / 8518 as appropriate.

Risk factor :

Medium / CVSS Base Score : 5.4
(CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 71033 ()

Bugtraq ID:

CVE ID: CVE-2013-2206

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now