openSUSE Security Update : kernel (openSUSE-SU-2013:0951-1)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE 12.3 kernel was updated to fix a critical security issue,
other security issues and several bugs.

Security issues fixed: CVE-2013-2094: The perf_swevent_init function
in kernel/events/core.c in the Linux kernel used an incorrect integer
data type, which allowed local users to gain privileges via a crafted
perf_event_open system call.

CVE-2013-0290: The __skb_recv_datagram function in net/core/datagram.c
in the Linux kernel did not properly handle the MSG_PEEK flag with
zero-length data, which allowed local users to cause a denial of
service (infinite loop and system hang) via a crafted application.

Bugs fixed :

- qlge: fix dma map leak when the last chunk is not
allocated (bnc#819519).

- ACPI / thermal: do not always return
THERMAL_TREND_RAISING for active trip points
(bnc#820048).

- perf: Treat attr.config as u64 in perf_swevent_init()
(bnc#819789, CVE-2013-2094).

- cxgb4: fix error recovery when t4_fw_hello returns a
positive value (bnc#818497).

- kabi/severities: Ignore drivers/mfd/ucb1400_core It
provides internal exports to UCB1400 drivers, that we
have just disabled.

- Fix -devel package for armv7hl armv7hl kernel flavors in
the non-multiplatform configuration (which is the
default for our openSUSE 12.3 release), needs more
header files from the machine specific directories to be
included in kernel-devel.

- Update config files: disable UCB1400 on all but ARM
Currently UCB1400 is only used on ARM OMAP systems, and
part of the code is dead code that can't even be
modularized.

- CONFIG_UCB1400_CORE=n

- CONFIG_TOUCHSCREEN_UCB1400=n

- CONFIG_GPIO_UCB1400=n

- rpm/config.sh: Drop the ARM repository, the KOTD will
build against the 'ports' repository of openSUSE:12.3

- mm/mmap: check for RLIMIT_AS before unmapping
(bnc#818327).

- rpm/kernel-spec-macros: Properly handle KOTD release
numbers with .g<commit> suffix

- rpm/kernel-spec-macros: Drop the %release_num macro We
no longer put the -rcX tag into the release string.

- xen-pciback: notify hypervisor about devices intended to
be assigned to guests.

- unix/stream: fix peeking with an offset larger than data
in queue (bnc#803931 CVE-2013-0290).

- unix/dgram: fix peeking with an offset larger than data
in queue (bnc#803931 CVE-2013-0290).

- unix/dgram: peek beyond 0-sized skbs (bnc#803931
CVE-2013-0290).

- net: fix infinite loop in __skb_recv_datagram()
(bnc#803931 CVE-2013-0290).

- TTY: fix atime/mtime regression (bnc#815745).

- md/raid1,raid10: fix deadlock with freeze_array()
(813889).

- md: raid1,10: Handle REQ_WRITE_SAME flag in write bios
(bnc#813889).

- KMS: fix EDID detailed timing vsync parsing.

- KMS: fix EDID detailed timing frame rate.

- Add Netfilter/ebtables support Those modues are needed
for proper OpenStack support on ARM, and are also
enabled on x86(_64)

See also :

http://lists.opensuse.org/opensuse-updates/2013-06/msg00087.html
https://bugzilla.novell.com/show_bug.cgi?id=803931
https://bugzilla.novell.com/show_bug.cgi?id=813889
https://bugzilla.novell.com/show_bug.cgi?id=815745
https://bugzilla.novell.com/show_bug.cgi?id=818327
https://bugzilla.novell.com/show_bug.cgi?id=818497
https://bugzilla.novell.com/show_bug.cgi?id=819519
https://bugzilla.novell.com/show_bug.cgi?id=819789
https://bugzilla.novell.com/show_bug.cgi?id=820048

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.6
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 75016 ()

Bugtraq ID: 57964
59846

CVE ID: CVE-2013-0290
CVE-2013-2094

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now