openSUSE Security Update : Kernel (openSUSE-SU-2012:0812-1)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This kernel update of the openSUSE 12.1 kernel brings various bug and
security fixes.

Following issues were fixed :

- tcp: drop SYN+FIN messages (bnc#765102, CVE-2012-2663).

- net: sock: validate data_len before allocating skb in
sock_alloc_send_pskb() (bnc#765320, CVE-2012-2136).

- thp: avoid atomic64_read in pmd_read_atomic for 32bit
PAE (bnc#762991).

- be2net: non-member vlan pkts not received in promiscous
mode (bnc#732006 CVE-2011-3347).

- fcaps: clear the same personality flags as suid when
fcaps are used (bnc#758260 CVE-2012-2123).

- macvtap: zerocopy: validate vectors before building skb
(bnc#758243 CVE-2012-2119).

- macvtap: zerocopy: set SKBTX_DEV_ZEROCOPY only when skb
is built successfully (bnc#758243 CVE-2012-2119).

- macvtap: zerocopy: put page when fail to get all
requested user pages (bnc#758243 CVE-2012-2119).

- macvtap: zerocopy: fix offset calculation when building
skb (bnc#758243 CVE-2012-2119).

- Avoid reading past buffer when calling GETACL
(bnc#762992).

- Avoid beyond bounds copy while caching ACL (bnc#762992).

- Fix length of buffer copied in __nfs4_get_acl_uncached
(bnc#762992).

- hfsplus: Fix potential buffer overflows (bnc#760902
CVE-2009-4020).

- usb/net: rndis: merge command codes. only net/hyperv
part

- usb/net: rndis: remove ambiguous status codes. only
net/hyperv part

- usb/net: rndis: break out <linux/rndis.h> defines. only
net/hyperv part

- net/hyperv: Add flow control based on hi/low watermark.

- hv: fix return type of hv_post_message().

- Drivers: hv: util: Properly handle version negotiations.

- Drivers: hv: Get rid of an unnecessary check in
vmbus_prep_negotiate_resp().

- HID: hyperv: Set the hid drvdata correctly.

- HID: hid-hyperv: Do not use hid_parse_report() directly.

- [SCSI] storvsc: Properly handle errors from the host
(bnc#747404).

- Delete patches.suse/suse-hv-storvsc-ignore-ata_16.patch.

- patches.suse/suse-hv-pata_piix-ignore-disks.patch
replace our version of this patch with upstream variant:
ata_piix: defer disks to the Hyper-V drivers by default
libata: add a host flag to ignore detected ATA devices.

- mm: pmd_read_atomic: fix 32bit PAE pmd walk vs
pmd_populate SMP race condition (bnc#762991
CVE-2012-2373).

- xfrm: take net hdr len into account for esp payload size
calculation (bnc#759545).

- net/hyperv: Adding cancellation to ensure rndis filter
is closed.

- xfs: Fix oops on IO error during
xlog_recover_process_iunlinks() (bnc#761681).

- thp: reduce khugepaged freezing latency (bnc#760860).

- igb: fix rtnl race in PM resume path (bnc#748859).

- ixgbe: add missing rtnl_lock in PM resume path
(bnc#748859).

- cdc_ether: Ignore bogus union descriptor for RNDIS
devices (bnc#735362). Taking the fix from net-next

- Fix kABI breakage due to including proc_fs.h in
kernel/fork.c modversion changed because of changes in
struct proc_dir_entry (became defined) Refresh
patches.fixes/procfs-namespace-pid_ns-fix-leakage-on-for
k-failure.

- Disabled MMC_TEST (bnc#760077).

- Input: ALPS - add semi-MT support for v3 protocol
(bnc#716996).

- Input: ALPS - add support for protocol versions 3 and 4
(bnc#716996).

- Input: ALPS - remove assumptions about packet size
(bnc#716996).

- Input: ALPS - add protocol version field in
alps_model_info (bnc#716996).

- Input: ALPS - move protocol information to Documentation
(bnc#716996).

- sysctl/defaults: kernel.hung_task_timeout ->
kernel.hung_task_timeout_secs (bnc#700174)

- btrfs: partial revert of truncation improvements
(FATE#306586 bnc#748463 bnc#760279).

- libata: skip old error history when counting probe
trials.

- procfs, namespace, pid_ns: fix leakage upon fork()
failure (bnc#757783).

- cdc-wdm: fix race leading leading to memory corruption
(bnc#759554). This patch fixes a race whereby a pointer
to a buffer would be overwritten while the buffer was in
use leading to a double free and a memory leak. This
causes crashes. This bug was introduced in 2.6.34

- netfront: delay gARP until backend switches to
Connected.

- xenbus: Reject replies with payload >
XENSTORE_PAYLOAD_MAX.

- xenbus: check availability of XS_RESET_WATCHES command.

- xenbus_dev: add missing error checks to watch handling.

- drivers/xen/: use strlcpy() instead of strncpy().

- blkfront: properly fail packet requests (bnc#745929).

- Linux 3.1.10.

- Update Xen config files.

- Refresh other Xen patches.

- tlan: add cast needed for proper 64 bit operation
(bnc#756840).

- dl2k: Tighten ioctl permissions (bnc#758813).

- mqueue: fix a vfsmount longterm reference leak
(bnc#757783).

- cciss: Add IRQF_SHARED back in for the non-MSI(X)
interrupt handler (bnc#757789).

- procfs: fix a vfsmount longterm reference leak
(bnc#757783).

- uwb: fix error handling (bnc#731720). This fixes a
kernel error on unplugging an uwb dongle

- uwb: fix use of del_timer_sync() in interrupt
(bnc#731720). This fixes a kernel warning on plugging in
an uwb dongle

- acer-wmi: Detect communication hot key number.

- acer-wmi: replaced the hard coded bitmap by the
communication devices bitmap from SMBIOS.

- acer-wmi: add ACER_WMID_v2 interface flag to represent
new notebooks.

- acer-wmi: No wifi rfkill on Sony machines.

- acer-wmi: No wifi rfkill on Lenovo machines.

- [media] cx22702: Fix signal strength.

- fs: cachefiles: Add support for large files in
filesystem caching (bnc#747038).

- Drivers: scsi: storvsc: Account for in-transit packets
in the RESET path.

- CPU hotplug, cpusets, suspend: Don't touch cpusets
during suspend/resume (bnc#752460).

- net: fix a potential rcu_read_lock() imbalance in
rt6_fill_node() (bnc#754186, bnc#736268).

- This commit fixes suspend to ram breakage reported in
bnc#764864. Remove dud patch. The problem it addressed
is being respun upstream, is in tip, but not yet
mainlined. See bnc#752460 for details regarding the
problem the now removed patch fixed while breaking S2R.
Delete
patches.fixes/cpusets-Dont-touch-cpusets-during-suspend-
or-resume.patch.

- Remove dud patch. The problem it addressed is being
respun upstream, is in tip, but not yet mainlined.
Delete
patches.fixes/cpusets-Dont-touch-cpusets-during-suspend-
or-resume.patch.

- fix VM_FOREIGN users after c/s 878:eba6fe6d8d53
(bnc#760974).

- gntdev: fix multi-page slot allocation (bnc#760974).

- mm: pmd_read_atomic: fix 32bit PAE pmd walk vs
pmd_populateSMP race condition (bnc#762991
CVE-2012-2373).

- thp: avoid atomic64_read in pmd_read_atomic for 32bit
PAE (bnc#762991).

- sym53c8xx: Fix NULL pointer dereference in slave_destroy
(bnc#767786).

- sky2: fix regression on Yukon Optima (bnc#731537).

See also :

http://lists.opensuse.org/opensuse-updates/2012-07/msg00002.html
https://bugzilla.novell.com/show_bug.cgi?id=700174
https://bugzilla.novell.com/show_bug.cgi?id=716996
https://bugzilla.novell.com/show_bug.cgi?id=731537
https://bugzilla.novell.com/show_bug.cgi?id=731720
https://bugzilla.novell.com/show_bug.cgi?id=732006
https://bugzilla.novell.com/show_bug.cgi?id=735362
https://bugzilla.novell.com/show_bug.cgi?id=736268
https://bugzilla.novell.com/show_bug.cgi?id=745929
https://bugzilla.novell.com/show_bug.cgi?id=747038
https://bugzilla.novell.com/show_bug.cgi?id=747404
https://bugzilla.novell.com/show_bug.cgi?id=748463
https://bugzilla.novell.com/show_bug.cgi?id=748859
https://bugzilla.novell.com/show_bug.cgi?id=752460
https://bugzilla.novell.com/show_bug.cgi?id=754186
https://bugzilla.novell.com/show_bug.cgi?id=756840
https://bugzilla.novell.com/show_bug.cgi?id=757783
https://bugzilla.novell.com/show_bug.cgi?id=757789
https://bugzilla.novell.com/show_bug.cgi?id=758243
https://bugzilla.novell.com/show_bug.cgi?id=758260
https://bugzilla.novell.com/show_bug.cgi?id=758813
https://bugzilla.novell.com/show_bug.cgi?id=759545
https://bugzilla.novell.com/show_bug.cgi?id=759554
https://bugzilla.novell.com/show_bug.cgi?id=760077
https://bugzilla.novell.com/show_bug.cgi?id=760279
https://bugzilla.novell.com/show_bug.cgi?id=760860
https://bugzilla.novell.com/show_bug.cgi?id=760902
https://bugzilla.novell.com/show_bug.cgi?id=760974
https://bugzilla.novell.com/show_bug.cgi?id=761681
https://bugzilla.novell.com/show_bug.cgi?id=762991
https://bugzilla.novell.com/show_bug.cgi?id=762992
https://bugzilla.novell.com/show_bug.cgi?id=764864
https://bugzilla.novell.com/show_bug.cgi?id=765102
https://bugzilla.novell.com/show_bug.cgi?id=765320
https://bugzilla.novell.com/show_bug.cgi?id=767786

Solution :

Update the affected Kernel packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 74661 ()

Bugtraq ID:

CVE ID: CVE-2009-4020
CVE-2011-3347
CVE-2012-2119
CVE-2012-2123
CVE-2012-2136
CVE-2012-2373
CVE-2012-2663

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now