openSUSE Security Update : kernel (openSUSE-SU-2013:0923-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE 12.3 kernel was updated to fix various security issues
and bugs :

- config.conf: Disable armv7hl/u8500 until it builds again

- patches.fixes/ocfs2-Fix-oops-in-ocfs2_fast_symlink_readpage:
ocfs2: Fix oops in ocfs2_fast_symlink_readpage() code path

- drm/nouveau: Fix typo in init_idx_addr_latched()
(bnc#800686).

- rtl28xxu: Add USB ID for MaxMedia HU394-T (bnc#812113).

- rtl28xxu: Add USB IDs for Compro VideoMate U620F
(bnc#812113).

- Support Digivox Mini HD (rtl2832) (bnc#812113).

- rtl28xxu: correct some device names (bnc#812113).

- rtl28xxu: add Gigabyte U7300 DVB-T Dongle (bnc#812113).

- rtl28xxu: [1b80:d3a8] ASUS My Cinema-U3100Mini Plus V2
(bnc#812113).

- rtl28xxu: add NOXON DAB/DAB+ USB dongle rev 2
(bnc#812113).

- drm: correctly restore mappings if drm_open fails
(bnc#807850).

- Drivers: hv: vmbus: Fix a bug in hv_need_to_signal()
(bnc#811417).

- svcrpc: fix rpc server shutdown races (bnc#802812).

- Update patches to what was accepted upstream.

- Refresh
patches.arch/kvm-convert-msr_kvm_system_time-to-use-gfn_to_hva_cache_init.patch.

- Refresh
patches.arch/kvm-fix-for-buffer-overflow-in-handling-of-msr_kvm_system_time.patch.

- KVM: Convert MSR_KVM_SYSTEM_TIME to use
gfn_to_hva_cache_init (bnc#806980 CVE-2013-1797).

- KVM: Fix bounds checking in ioapic indirect register
read (bnc#806980 CVE-2013-1798).

- KVM: Fix for buffer overflow in handling of
MSR_KVM_SYSTEM_TIME (bnc#806980 CVE-2013-1796).

- kabi/severities: Allow kvm abi changes - kvm modules are
self consistent

- loopdev: fix a deadlock (bnc#809748).

- block: use i_size_write() in bd_set_size() (bnc#809748).

- drm/i915: bounds check execbuffer relocation count
(bnc#808829,CVE-2013-0913).

- TTY: do not reset master's packet mode (bnc#809330).

- Update patches.fixes/ext3-Fix-format-string-issues.patch
(bnc#809155 CVE-2013-1848).

- ext3: Fix format string issues (bnc#809155).

- Drivers: hv: balloon: Do not request completion
notification (fate#314663).

- e1000e: fix runtime power management transitions
(bnc#806966).

- e1000e: fix pci-device enable-counter balance
(bnc#806966).

- e1000e: fix accessing to suspended device (bnc#806966).

- gpio-ich: Fix ichx_gpio_check_available() return what
callers expect.

- gpio/ich: Add missing spinlock init.

- Refresh patches.suse/SUSE-bootsplash-mgadrmfb-workaround.
Add the same workaround for ast and cirrus KMS, too
(bnc#806990).

- Fix broken VT1 output with mgadrmfb (bnc#806990).

- PCI/PM: Clear state_saved during suspend (bnc#806966).

See also :

http://lists.opensuse.org/opensuse-updates/2013-06/msg00059.html
https://bugzilla.novell.com/show_bug.cgi?id=800686
https://bugzilla.novell.com/show_bug.cgi?id=802812
https://bugzilla.novell.com/show_bug.cgi?id=806966
https://bugzilla.novell.com/show_bug.cgi?id=806980
https://bugzilla.novell.com/show_bug.cgi?id=806990
https://bugzilla.novell.com/show_bug.cgi?id=807850
https://bugzilla.novell.com/show_bug.cgi?id=808829
https://bugzilla.novell.com/show_bug.cgi?id=809155
https://bugzilla.novell.com/show_bug.cgi?id=809330
https://bugzilla.novell.com/show_bug.cgi?id=809748
https://bugzilla.novell.com/show_bug.cgi?id=811417
https://bugzilla.novell.com/show_bug.cgi?id=812113

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 74985

CVE ID: CVE-2013-0913
CVE-2013-1796
CVE-2013-1797
CVE-2013-1798
CVE-2013-1848
