SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 6227 / 6229 / 6230)

High Nessus Plugin ID 64173

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

The SUSE Linux Enterprise 11 SP1 kernel has been updated to the 2.6.32.59 stable release to fix a lot of bugs and security issues.

The following security issues have been fixed :

- A use after free bug in hugetlb support could be used by local attackers to crash the system. (CVE-2012-2133)

- A NULL pointer dereference bug in the regsets proc file could be used by local attackers to perhaps crash the system. With mmap_min_addr set and enabled, exploitation is unlikely. (CVE-2012-1097)

- A reference counting issue in CLONE_IO could be used by local attackers to cause a denial of service (out of memory). (CVE-2012-0879)

- A file handle leak in CIFS code could be used by local attackers to crash the system. (CVE-2012-1090)

- Large nested epoll chains could be used by local attackers to cause a denial of service (excessive CPU consumption). (CVE-2011-1083)

- When using KVM, programming a PIT timer without an irqchip configuration can be used to crash the kvm guest. This likely can be done only by a privileged guest user. (CVE-2011-4622)

- A KVM 32bit guest crash in 'syscall' opcode handling was fixed that could be caused by local attackers. (CVE-2012-0045)

- Fixed an oops in jbd/jbd2 that could be caused by specific filesystem access patterns. (CVE-2011-4086)

The following non-security issues have been fixed :

X86 :

- x86: fix the initialization of physnode_map. (bnc#748112)

- x86: Allow bootmem reserves at greater than 8G node offset within a node. (bnc#740895)

- x86, tsc: Fix SMI induced variation in quick_pit_calibrate(). (bnc#751322)

- x86, efi: Work around broken firmware. (bnc#714507)

BONDING :

- bonding: update speed/duplex for NETDEV_CHANGE. (bnc#752634)

- bonding: comparing a u8 with -1 is always false. (bnc#752634)

- bonding: start slaves with link down for ARP monitor. (bnc#752634)

- bonding: send gratuitous ARP for all addresses (bnc#752491).

XFS :

- xfs: Fix excessive inode syncing when project quota is exceeded. (bnc#756448)

- xfs: Fix oops on IO error during xlog_recover_process_iunlinks() (bnc#716850).

SCSI :

- scsi/ses: Handle non-unique element descriptors. (bnc#749342, bnc#617344)

- scsi/sd: mark busy sd majors as allocated (bug#744658).

- scsi: Check for invalid sdev in scsi_prep_state_check() (bnc#734300).

MD/RAID :

- md: fix possible corruption of array metadata on shutdown.

- md: ensure changes to write-mostly are reflected in metadata. (bnc#755178)

- md: do not set md arrays to readonly on shutdown (bnc#740180, bnc#713148, bnc#734900).

XEN :

- smpboot: adjust ordering of operations.

- x86-64: provide a memset() that can deal with 4Gb or above at a time. (bnc#738528)

- blkfront: properly fail packet requests. (bnc#745929)

- Update Xen patches to 2.6.32.57.

- xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX.

- xenbus_dev: add missing error checks to watch handling.

- Refresh other Xen patches. (bnc#652942, bnc#668194, bnc#688079)

- fix Xen-specific kABI issue in Linux 2.6.19.

NFS :

- NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and MKDIR. (bnc#751880)

- nfs: Include SYNC flag when comparing mount options with NOAC flag. (bnc#745422)

- NFS returns EIO for EDQUOT and others. (bnc#747028)

- lockd: fix arg parsing for grace_period and timeout. (bnc#733761)

- nfs: allow nfs4leasetime to be set before starting servers. (bnc#733761)

- nfs: handle d_revalidate of dot correctly (bnc#731809).

S/390 :

- ctcmpc: use correct idal word list for ctcmpc (bnc#750171,LTC#79264).

- qeth: synchronize discipline module loading (bnc#747430,LTC#78788).

- qdio: avoid race leading to stall when tolerating CQ (bnc#737326,LTC#76599).

- kernel: no storage key operations for invalid page table entries (bnc#737326,LTC#77697).

OTHER :

- tlan: add cast needed for proper 64 bit operation. (bnc#756840)

- dl2k: Tighten ioctl permissions. (bnc#758813)

- tg3: Fix RSS ring refill race condition. (bnc#757917)

- usbhid: fix error handling of not enough bandwidth. (bnc#704280)

- pagecache limit: Fix the shmem deadlock. (bnc#755537)

- tty_audit: fix tty_audit_add_data live lock on audit disabled. (bnc#721366)

- ixgbe: driver sets all WOL flags upon initialization so that machine is powered on as soon as it is switched off. (bnc#693639)

- PCI: Set device power state to PCI_D0 for device without native PM support. (bnc#752972)

- dlm: Do not allocate a fd for peeloff. (bnc#729247)

- sctp: Export sctp_do_peeloff. (bnc#729247)

- epoll: Do not limit non-nested epoll paths. (bnc#676204)

- mlx4: Limit MSI-X vector allocation. (bnc#624072)

- mlx4: Changing interrupt scheme. (bnc#624072)

- mlx4_en: Assigning TX irq per ring. (bnc#624072)

- mlx4_en: Restoring RX buffer pointer in case of failure. (bnc#624072)

- mlx4_en: using new mlx4 interrupt scheme. (bnc#624072)

- igb: Fix for Alt MAC Address feature on 82580 and later devices. (bnc#746980)

- igb: Power down link when interface is down. (bnc#745699)

- igb: use correct bits to identify if manageability is enabled. (bnc#743209)

- intel_agp: Do not oops with zero stolen memory. (bnc#738679)

- agp: fix scratch page cleanup. (bnc#738679)

- hugetlb: add generic definition of NUMA_NO_NODE. (bnc#751844)

- sched: Fix proc_sched_set_task(). (bnc#717994)

- PM: Print a warning if firmware is requested when tasks are frozen. (bnc#749886)

- PM / Sleep: Fix freezer failures due to racy usermodehelper_is_disabled(). (bnc#749886)

- PM / Sleep: Fix read_unlock_usermodehelper() call. (bnc#749886)

- firmware loader: allow builtin firmware load even if usermodehelper is disabled. (bnc#749886)

- PM / Hibernate: Enable usermodehelpers in software_resume() error path. (bnc#744163)

- ipv6: Allow inet6_dump_addr() to handle more than 64 addresses. (bnc#748279)

- ipv6: fix refcnt problem related to POSTDAD state. (bnc#743619)

- be2net: change to show correct physical link status. (bnc#727834)

- be2net: changes to properly provide phy details. (bnc#727834)

- aio: fix race between io_destroy() and io_submit(). (bnc#747445 / bnc#611264)

- intel-iommu: Check for identity mapping candidate using system dma mask. (bnc#700449)

- intel-iommu: Dont cache iova above 32bit. (bnc#700449)

- intel-iommu: Add domain check in domain_remove_one_dev_info. (bnc#700449)

- intel-iommu: Provide option to enable 64-bit IOMMU pass through mode. (bnc#700449)

- intel-iommu: Remove Host Bridge devices from identity mapping. (bnc#700449)

- intel-iommu: Speed up processing of the identity_mapping function. (bnc#700449)

- intel-iommu: Use coherent DMA mask when requested. (bnc#700449)

- 1: Fix accounting of softirq time when idle. (bnc#719793)

- driver-core: fix race between device_register and driver_register. (bnc#742358)

- dcache: patches.fixes/large-hash-dcache_init-fix.patch: Fix oops when initializing large hash on > 16TB machine. (bnc#742210)

- kdump: Save PG_compound or PG_head value in VMCOREINFO. (bnc#738503)

- Update config files: disable NET_9P_RDMA. (bnc#720374)

- cdc-wdm: fix race leading to memory corruption. (bnc#759544)

Solution

Apply SAT patch number 6227 / 6229 / 6230 as appropriate.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=611264

https://bugzilla.novell.com/show_bug.cgi?id=617344

https://bugzilla.novell.com/show_bug.cgi?id=624072

https://bugzilla.novell.com/show_bug.cgi?id=652942

https://bugzilla.novell.com/show_bug.cgi?id=668194

https://bugzilla.novell.com/show_bug.cgi?id=676204

https://bugzilla.novell.com/show_bug.cgi?id=688079

https://bugzilla.novell.com/show_bug.cgi?id=693639

https://bugzilla.novell.com/show_bug.cgi?id=697920

https://bugzilla.novell.com/show_bug.cgi?id=700449

https://bugzilla.novell.com/show_bug.cgi?id=704280

https://bugzilla.novell.com/show_bug.cgi?id=713148

https://bugzilla.novell.com/show_bug.cgi?id=714507

https://bugzilla.novell.com/show_bug.cgi?id=716850

https://bugzilla.novell.com/show_bug.cgi?id=717994

https://bugzilla.novell.com/show_bug.cgi?id=719793

https://bugzilla.novell.com/show_bug.cgi?id=720374

https://bugzilla.novell.com/show_bug.cgi?id=721366

https://bugzilla.novell.com/show_bug.cgi?id=727834

https://bugzilla.novell.com/show_bug.cgi?id=729247

https://bugzilla.novell.com/show_bug.cgi?id=731809

https://bugzilla.novell.com/show_bug.cgi?id=733761

https://bugzilla.novell.com/show_bug.cgi?id=734300

https://bugzilla.novell.com/show_bug.cgi?id=734900

https://bugzilla.novell.com/show_bug.cgi?id=737326

https://bugzilla.novell.com/show_bug.cgi?id=738210

https://bugzilla.novell.com/show_bug.cgi?id=738503

https://bugzilla.novell.com/show_bug.cgi?id=738528

https://bugzilla.novell.com/show_bug.cgi?id=738679

https://bugzilla.novell.com/show_bug.cgi?id=740180

https://bugzilla.novell.com/show_bug.cgi?id=740895

https://bugzilla.novell.com/show_bug.cgi?id=740969

https://bugzilla.novell.com/show_bug.cgi?id=742210

https://bugzilla.novell.com/show_bug.cgi?id=742358

https://bugzilla.novell.com/show_bug.cgi?id=743209

https://bugzilla.novell.com/show_bug.cgi?id=743619

https://bugzilla.novell.com/show_bug.cgi?id=744163

https://bugzilla.novell.com/show_bug.cgi?id=744658

https://bugzilla.novell.com/show_bug.cgi?id=745422

https://bugzilla.novell.com/show_bug.cgi?id=745699

https://bugzilla.novell.com/show_bug.cgi?id=745832

https://bugzilla.novell.com/show_bug.cgi?id=745929

https://bugzilla.novell.com/show_bug.cgi?id=746980

https://bugzilla.novell.com/show_bug.cgi?id=747028

https://bugzilla.novell.com/show_bug.cgi?id=747430

https://bugzilla.novell.com/show_bug.cgi?id=747445

https://bugzilla.novell.com/show_bug.cgi?id=748112

https://bugzilla.novell.com/show_bug.cgi?id=748279

https://bugzilla.novell.com/show_bug.cgi?id=748812

https://bugzilla.novell.com/show_bug.cgi?id=749342

https://bugzilla.novell.com/show_bug.cgi?id=749569

https://bugzilla.novell.com/show_bug.cgi?id=749886

https://bugzilla.novell.com/show_bug.cgi?id=750079

https://bugzilla.novell.com/show_bug.cgi?id=750171

https://bugzilla.novell.com/show_bug.cgi?id=751322

https://bugzilla.novell.com/show_bug.cgi?id=751844

https://bugzilla.novell.com/show_bug.cgi?id=751880

https://bugzilla.novell.com/show_bug.cgi?id=752491

https://bugzilla.novell.com/show_bug.cgi?id=752634

https://bugzilla.novell.com/show_bug.cgi?id=752972

https://bugzilla.novell.com/show_bug.cgi?id=755178

https://bugzilla.novell.com/show_bug.cgi?id=755537

https://bugzilla.novell.com/show_bug.cgi?id=756448

https://bugzilla.novell.com/show_bug.cgi?id=756840

https://bugzilla.novell.com/show_bug.cgi?id=757917

https://bugzilla.novell.com/show_bug.cgi?id=758532

https://bugzilla.novell.com/show_bug.cgi?id=758813

https://bugzilla.novell.com/show_bug.cgi?id=759544

http://support.novell.com/security/cve/CVE-2011-1083.html

http://support.novell.com/security/cve/CVE-2011-4086.html

http://support.novell.com/security/cve/CVE-2011-4622.html

http://support.novell.com/security/cve/CVE-2012-0045.html

http://support.novell.com/security/cve/CVE-2012-0879.html

http://support.novell.com/security/cve/CVE-2012-1090.html

http://support.novell.com/security/cve/CVE-2012-1097.html

http://support.novell.com/security/cve/CVE-2012-2133.html

Plugin Details

Severity: High

ID: 64173

File Name: suse_11_kernel-120428.nasl

Version: Revision: 1.3

Type: local

Agent: unix

Published: 2013/01/25

Updated: 2014/08/20

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:btrfs-kmp-default, p-cpe:/a:novell:suse_linux:11:btrfs-kmp-pae, p-cpe:/a:novell:suse_linux:11:btrfs-kmp-xen, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-trace, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen, p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-default, p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-pae, p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-trace, p-cpe:/a:novell:suse_linux:11:kernel-default, p-cpe:/a:novell:suse_linux:11:kernel-default-base, p-cpe:/a:novell:suse_linux:11:kernel-default-devel, p-cpe:/a:novell:suse_linux:11:kernel-default-extra, p-cpe:/a:novell:suse_linux:11:kernel-default-man, p-cpe:/a:novell:suse_linux:11:kernel-desktop-devel, p-cpe:/a:novell:suse_linux:11:kernel-ec2, p-cpe:/a:novell:suse_linux:11:kernel-ec2-base, p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel, p-cpe:/a:novell:suse_linux:11:kernel-pae, p-cpe:/a:novell:suse_linux:11:kernel-pae-base, p-cpe:/a:novell:suse_linux:11:kernel-pae-devel, p-cpe:/a:novell:suse_linux:11:kernel-pae-extra, p-cpe:/a:novell:suse_linux:11:kernel-source, p-cpe:/a:novell:suse_linux:11:kernel-syms, p-cpe:/a:novell:suse_linux:11:kernel-trace, p-cpe:/a:novell:suse_linux:11:kernel-trace-base, p-cpe:/a:novell:suse_linux:11:kernel-trace-devel, p-cpe:/a:novell:suse_linux:11:kernel-xen, p-cpe:/a:novell:suse_linux:11:kernel-xen-base, p-cpe:/a:novell:suse_linux:11:kernel-xen-devel, p-cpe:/a:novell:suse_linux:11:kernel-xen-extra, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2012/04/28

Reference Information

CVE: CVE-2011-1083, CVE-2011-4086, CVE-2011-4622, CVE-2012-0045, CVE-2012-0879, CVE-2012-1090, CVE-2012-1097, CVE-2012-2133