openSUSE Security Update : kernel (openSUSE-SU-2013:1619-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

The Linux kernel was updated to 3.4.63, fixing various bugs and
security issues.

- Linux 3.4.59 (CVE-2013-2237 bnc#828119).

- Linux 3.4.57 (CVE-2013-2148 bnc#823517).

- Linux 3.4.55 (CVE-2013-2232 CVE-2013-2234 CVE-2013-4162
CVE-2013-4163 bnc#827749 bnc#827750 bnc#831055

- Drivers: hv: util: Fix a bug in util version negotiation
code (bnc#838346).

- vmxnet3: prevent div-by-zero panic when ring resizing
uninitialized dev (bnc#833321).

- bnx2x: protect different statistics flows (bnc#814336).

- bnx2x: Avoid sending multiple statistics queries

- Drivers: hv: util: Fix a bug in version negotiation code
for util services (bnc#828714).

- Update Xen patches to 3.4.53.

- netfront: fix kABI after 'reduce gso_max_size to account
for max TCP header'.

- netback: don't disconnect frontend when seeing oversize
packet (bnc#823342).

- netfront: reduce gso_max_size to account for max TCP

- backends: Check for insane amounts of requests on the

- reiserfs: Fixed double unlock in reiserfs_setattr
failure path.

- reiserfs: locking, release lock around quota operations

- reiserfs: locking, handle nested locks properly

- reiserfs: locking, push write lock out of xattr code

- ipv6: ip6_append_data_mtu did not care about pmtudisc
and frag_size (bnc#831055, CVE-2013-4163).

- af_key: fix info leaks in notify messages (bnc#827749

- af_key: initialize satype in key_notify_policy_flush()
(bnc#828119 CVE-2013-2237).

- ipv6: call udp_push_pending_frames when uncorking a
socket with (bnc#831058, CVE-2013-4162).

- ipv6: ip6_sk_dst_check() must not assume ipv6 dst.

- xfs: fix _xfs_buf_find oops on blocks beyond the
filesystem end (CVE-2013-1819 bnc#807471).

- brcmsmac: don't start device when RfKill is engaged

- CIFS: Protect i_nlink from being negative (bnc#785542

- cifs: don't compare uniqueids in cifs_prime_dcache
unless server inode numbers are in use (bnc#794988).

- xfs: xfs: fallback to vmalloc for large buffers in
xfs_compat_attrlist_by_handle (bnc#818053 bnc#807153).

- xfs: fallback to vmalloc for large buffers in
xfs_attrlist_by_handle (bnc#818053 bnc#807153).

- Linux 3.4.53 (CVE-2013-2164 CVE-2013-2851 bnc#822575

- drivers/cdrom/cdrom.c: use kzalloc() for failing
hardware (bnc#824295, CVE-2013-2164).

- fanotify: info leak in copy_event_to_user()
(CVE-2013-2148 bnc#823517).

- block: do not pass disk names as format strings
(bnc#822575 CVE-2013-2851).

- ext4: avoid hang when mounting non-journal filesystems
with orphan list (bnc#817377).

- Linux 3.4.49 (CVE-2013-0231 XSA-43 bnc#801178).

- Linux 3.4.48 (CVE-2013-1774 CVE-2013-2850 bnc#806976

- Always include the git commit in KOTD builds. This allows
us not to set it explicitly in builds submitted to the
official distribution (bnc#821612, bnc#824171).

- Bluetooth: Really fix registering hci with duplicate
name (bnc#783858).

- Bluetooth: Fix registering hci with duplicate name

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.9
CVSS Temporal Score : 6.9
Public Exploit Available : false
