SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7812)

Critical Nessus Plugin ID 57214


The remote SuSE 10 host is missing a security-related patch.


This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel.

The following security issues have been fixed :

- A USB string descriptor overflow in the auerwald USB driver was fixed, which could be used by physically proximate attackers to cause a kernel crash.

- Always check the path in CIFS mounts to avoid interesting filesystem path interaction issues and potential crashes. (CVE-2011-3363)

- A malicious CIFS server could cause an integer overflow on the local machine on directory index operations, in turn causing memory corruption. (CVE-2011-3191)

- The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel did not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allowed physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.

The following non-security issues have been fixed :

- md: fix deadlock in md/raid1 and md/raid10 when handling a read error. (bnc#628343)

- md: fix possible raid1/raid10 deadlock on read error during resync. (bnc#628343)

- Add timeo parameter to /proc/mounts for nfs filesystems.

- virtio: indirect ring entries (VIRTIO_RING_F_INDIRECT_DESC). (bnc#713876)

- virtio: teach virtio_has_feature() about transport features. (bnc#713876)

- nf_nat: do not add NAT extension for confirmed conntracks. (bnc#709213)

- 8250: Oxford Semiconductor Devices. (bnc#717126)

- 8250_pci: Add support for the Digi/IBM PCIe 2-port Adapter. (bnc#717126)

- 8250: Fix capabilities when changing the port type.

- 8250: Add EEH support. (bnc#717126)

- xfs: fix memory reclaim recursion deadlock on locked inode buffer. (bnc#699355 / bnc#699354 / bnc#721830)

- ipmi: do not grab locks in run-to-completion mode.

- cifs: add fallback in is_path_accessible for old servers. (bnc#718028)

- cciss: do not attempt to read from a write-only register. (bnc#683101)

- s390: kernel: System hang if hangcheck timer expires (bnc#712009,LTC#74157).

- s390: kernel: NSS creation with initrd fails (bnc#712009,LTC#74207).

- s390: kernel: remove code to handle topology interrupts (bnc#712009,LTC#74440).

- xen: Added 1083-kbdfront-absolute-coordinates.patch.

- acpi: Use a spinlock instead of mutex to guard gbl_lock access. (bnc#707439)

- Allow balance_dirty_pages to help other filesystems.

- nfs: fix congestion control. (bnc#709369)

- NFS: Separate metadata and page cache revalidation mechanisms. (bnc#709369)

- jbd: Fix oops in journal_remove_journal_head().

- xen/blkfront: avoid NULL de-reference in CDROM ioctl handling. (bnc#701355)

- xen/x86: replace order-based range checking of M2P table by linear one.

- xen/x86: use dynamically adjusted upper bound for contiguous regions. (bnc#635880)

- Fix type in patches.fixes/libiscsi-dont-run-scsi-eh-if-iscsi-task-is

- s390: cio: Add timeouts for internal IO (bnc#701550,LTC#72691).

- s390: kernel: first time swap use results in heavy swapping (bnc#701550,LTC#73132).

- s390: qeth: wrong number of output queues for HiperSockets (bnc#701550,LTC#73814).


Apply ZYPP patch number 7812.

Plugin Details

Severity: Critical

ID: 57214

File Name: suse_kernel-7812.nasl

Version: $Revision: 1.3 $

Type: local

Agent: unix

Published: 2011/12/13

Modified: 2012/05/29

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2011/10/21

Reference Information

CVE: CVE-2009-4067, CVE-2011-1577, CVE-2011-1776, CVE-2011-3191, CVE-2011-3363