SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 6227 / 6229 / 6230)

high Nessus Plugin ID 64173

Language:

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 5.9

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

The SUSE Linux Enterprise 11 SP1 kernel has been updated to the 2.6.32.59 stable release to fix a lot of bugs and security issues.

The following security issues have been fixed :

- A use after free bug in hugetlb support could be used by local attackers to crash the system. (CVE-2012-2133)

- A NULL pointer dereference bug in the regsets proc file could be used by local attackers to perhaps crash the system. With mmap_min_addr is set and enabled, exploitation is unlikely. (CVE-2012-1097)

- A reference counting issue in CLONE_IO could be used by local attackers to cause a denial of service (out of memory). (CVE-2012-0879)

- A file handle leak in CIFS code could be used by local attackers to crash the system. (CVE-2012-1090)

- Large nested epoll chains could be used by local attackers to cause a denial of service (excessive CPU consumption). (CVE-2011-1083)

- When using KVM, programming a PIT timer without a irqchip configuration, can be used to crash the kvm guest. This likely can be done only by a privileged guest user. (CVE-2011-4622)

- A KVM 32bit guest crash in 'syscall' opcode handling was fixed that could be caused by local attackers.
(CVE-2012-0045)

- Fixed a oops in jbd/jbd2 that could be caused by specific filesystem access patterns. The following non-security issues have been fixed:. (CVE-2011-4086)

X86 :

- x86: fix the initialization of physnode_map.
(bnc#748112)

- x86: Allow bootmem reserves at greater than 8G node offset within a node. (bnc#740895)

- x86, tsc: Fix SMI induced variation in quick_pit_calibrate(). (bnc#751322)

- x86, efi: Work around broken firmware. (bnc#714507) BONDING :

- bonding: update speed/duplex for NETDEV_CHANGE.
(bnc#752634)

- bonding: comparing a u8 with -1 is always false.
(bnc#752634)

- bonding: start slaves with link down for ARP monitor.
(bnc#752634)

- bonding: send gratuitous ARP for all addresses (bnc#752491). XFS :

- xfs: Fix excessive inode syncing when project quota is exceeded. (bnc#756448)

- xfs: Fix oops on IO error during xlog_recover_process_iunlinks() (bnc#716850). SCSI :

- scsi/ses: Handle non-unique element descriptors.
(bnc#749342, bnc#617344)

- scsi/sd: mark busy sd majors as allocated (bug#744658).

- scsi: Check for invalid sdev in scsi_prep_state_check() (bnc#734300). MD/RAID :

- md: fix possible corruption of array metadata on shutdown.

- md: ensure changes to write-mostly are reflected in metadata. (bnc#755178)

- md: do not set md arrays to readonly on shutdown (bnc#740180, bnc#713148, bnc#734900). XEN :

- smpboot: adjust ordering of operations.

- x86-64: provide a memset() that can deal with 4Gb or above at a time. (bnc#738528)

- blkfront: properly fail packet requests. (bnc#745929)

- Update Xen patches to 2.6.32.57.

- xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX.

- xenbus_dev: add missing error checks to watch handling.

- Refresh other Xen patches. (bnc#652942, bnc#668194, bnc#688079)

- fix Xen-specific kABI issue in Linux 2.6.19. NFS :

- NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and MKDIR. (bnc#751880)

- nfs: Include SYNC flag when comparing mount options with NOAC flag. (bnc#745422)

- NFS returns EIO for EDQUOT and others. (bnc#747028)

- lockd: fix arg parsing for grace_period and timeout.
(bnc#733761)

- nfs: allow nfs4leasetime to be set before starting servers. (bnc#733761)

- nfs: handle d_revalidate of dot correctly (bnc#731809).
S/390 :

- ctcmpc: use correct idal word list for ctcmpc (bnc#750171,LTC#79264).

- qeth: synchronize discipline module loading (bnc#747430,LTC#78788).

- qdio: avoid race leading to stall when tolerating CQ (bnc#737326,LTC#76599).

- kernel: no storage key operations for invalid page table entries (bnc#737326,LTC#77697). OTHER :

- tlan: add cast needed for proper 64 bit operation.
(bnc#756840)

- dl2k: Tighten ioctl permissions. (bnc#758813)

- tg3: Fix RSS ring refill race condition. (bnc#757917)

- usbhid: fix error handling of not enough bandwidth.
(bnc#704280)

- pagecache limit: Fix the shmem deadlock. (bnc#755537)

- tty_audit: fix tty_audit_add_data live lock on audit disabled. (bnc#721366)

- ixgbe: driver sets all WOL flags upon initialization so that machine is powered on as soon at it is switched off. (bnc#693639)

- PCI: Set device power state to PCI_D0 for device without native PM support. (bnc#752972)

- dlm: Do not allocate a fd for peeloff. (bnc#729247)

- sctp: Export sctp_do_peeloff. (bnc#729247)

- epoll: Do not limit non-nested epoll paths. (bnc#676204)

- mlx4: Limit MSI-X vector allocation. (bnc#624072)

- mlx4: Changing interrupt scheme. (bnc#624072)

- mlx4_en: Assigning TX irq per ring. (bnc#624072)

- mlx4_en: Restoring RX buffer pointer in case of failure.
(bnc#624072)

- mlx4_en: using new mlx4 interrupt scheme. (bnc#624072)

- igb: Fix for Alt MAC Address feature on 82580 and later devices. (bnc#746980)

- igb: Power down link when interface is down.
(bnc#745699)

- igb: use correct bits to identify if managability is enabled. (bnc#743209)

- intel_agp: Do not oops with zero stolen memory.
(bnc#738679)

- agp: fix scratch page cleanup. (bnc#738679)

- hugetlb: add generic definition of NUMA_NO_NODE.
(bnc#751844)

- sched: Fix proc_sched_set_task(). (bnc#717994)

- PM: Print a warning if firmware is requested when tasks are frozen. (bnc#749886)

- PM / Sleep: Fix freezer failures due to racy usermodehelper_is_disabled(). (bnc#749886)

- PM / Sleep: Fix read_unlock_usermodehelper() call.
(bnc#749886)

- firmware loader: allow builtin firmware load even if usermodehelper is disabled. (bnc#749886)

- PM / Hibernate: Enable usermodehelpers in software_resume() error path. (bnc#744163)

- ipv6: Allow inet6_dump_addr() to handle more than 64 addresses. (bnc#748279)

- ipv6: fix refcnt problem related to POSTDAD state.
(bnc#743619)

- be2net: change to show correct physical link status.
(bnc#727834)

- be2net: changes to properly provide phy details.
(bnc#727834)

- aio: fix race between io_destroy() and io_submit().
(bnc#747445 / bnc#611264)

- intel-iommu: Check for identity mapping candidate using system dma mask. (bnc#700449)

- intel-iommu: Dont cache iova above 32bit. (bnc#700449)

- intel-iommu: Add domain check in domain_remove_one_dev_info. (bnc#700449)

- intel-iommu: Provide option to enable 64-bit IOMMU pass through mode. (bnc#700449)

- intel-iommu: Remove Host Bridge devices from identity mapping. (bnc#700449)

- intel-iommu: Speed up processing of the identity_mapping function. (bnc#700449)

- intel-iommu: Use coherent DMA mask when requested.
(bnc#700449)

- 1: Fix accounting of softirq time when idle.
(bnc#719793)

- driver-core: fix race between device_register and driver_register. (bnc#742358)

- dcache: patches.fixes/large-hash-dcache_init-fix.patch:
Fix oops when initializing large hash on > 16TB machine.
(bnc#742210)

- kdump: Save PG_compound or PG_head value in VMCOREINFO.
(bnc#738503)

- Update config files: disable NET_9P_RDMA. (bnc#720374)

- cdc-wdm: fix race leading leading to memory corruption.
(bnc#759544)

Solution

Apply SAT patch number 6227 / 6229 / 6230 as appropriate.

Plugin Details

Severity: High

ID: 64173

File Name: suse_11_kernel-120428.nasl

Version: 1.5

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 1/25/2013

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:btrfs-kmp-default, p-cpe:/a:novell:suse_linux:11:btrfs-kmp-pae, p-cpe:/a:novell:suse_linux:11:btrfs-kmp-xen, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-trace, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen, p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-default, p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-pae, p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-trace, p-cpe:/a:novell:suse_linux:11:kernel-default, p-cpe:/a:novell:suse_linux:11:kernel-default-base, p-cpe:/a:novell:suse_linux:11:kernel-default-devel, p-cpe:/a:novell:suse_linux:11:kernel-default-extra, p-cpe:/a:novell:suse_linux:11:kernel-default-man, p-cpe:/a:novell:suse_linux:11:kernel-desktop-devel, p-cpe:/a:novell:suse_linux:11:kernel-ec2, p-cpe:/a:novell:suse_linux:11:kernel-ec2-base, p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel, p-cpe:/a:novell:suse_linux:11:kernel-pae, p-cpe:/a:novell:suse_linux:11:kernel-pae-base, p-cpe:/a:novell:suse_linux:11:kernel-pae-devel, p-cpe:/a:novell:suse_linux:11:kernel-pae-extra, p-cpe:/a:novell:suse_linux:11:kernel-source, p-cpe:/a:novell:suse_linux:11:kernel-syms, p-cpe:/a:novell:suse_linux:11:kernel-trace, p-cpe:/a:novell:suse_linux:11:kernel-trace-base, p-cpe:/a:novell:suse_linux:11:kernel-trace-devel, p-cpe:/a:novell:suse_linux:11:kernel-xen, p-cpe:/a:novell:suse_linux:11:kernel-xen-base, p-cpe:/a:novell:suse_linux:11:kernel-xen-devel, p-cpe:/a:novell:suse_linux:11:kernel-xen-extra, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 4/28/2012

Reference Information

CVE: CVE-2011-1083, CVE-2011-4086, CVE-2011-4622, CVE-2012-0045, CVE-2012-0879, CVE-2012-1090, CVE-2012-1097, CVE-2012-2133