SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 6641 / 6643 / 6648)

high Nessus Plugin ID 64178

Language:

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.38, fixing various bugs and security issues.

The following security issues have been fixed :

- Several buffer overread and overwrite errors in the UDF logical volume descriptor code have been fixed that might have have allowed local attackers able to mount UDF volumes to crash the kernel or potentially gain privileges. (CVE-2012-3400)

- A denial of service (crash) in epoll has been fixed. The three NTP leapsecond issues were fixed and are contained in Linux Kernel stable 3.0.38. (CVE-2012-3375)

The Libceph/ceph/rbd framework was imported for later Cloud storage usage.

Various bug and security fixes were integrated from the Linux stable kernel 3.0.34-3.0.38 upgrade and are not explicitly listed here.

The following other non-security issues have been fixed :

S/390

- dasd: Use correct queue for aborting requests.

- dasd: Abort requests from correct queue.

- [S390] Do not clobber personality flags on exec.
(bnc#770034)

- dasd: Kick tasklet instead of processing the request_queue directly.

- s390/kernel: CPU idle vs CPU hotplug (bnc#772407,LTC#83468).

- lgr: Make lgr_page static (bnc#772407,LTC#83520).

- s390/kernel: incorrect task size after fork of a 31 bit process (bnc#772407,LTC#83674).

- dasd: Abort all requests on the request_queue, too.
(bnc#768084)

- DASD: Add timeout attribute. (bnc#771361)

- dasd: Fixup typo in debugging message.

- patches.suse/dasd-fail-all-requests-after-timeout.patch:
Fixup handling of failfast requests. (bnc#768084)

- s390: allow zcrypt to /dev/random feeding to be resumed.
(bnc#718910)

- s390/hypfs: Missing files and directories (bnc#769407,LTC#82838).

- dasd: Fail all requests after timeout. (bnc#768084)

- s390/kernel: Add z/VM LGR detection (bnc#767281,LTC#RAS1203). BTRFS fixes (3.3-3.5+)

- Btrfs: avoid sleeping in verify_parent_transid while atomic

- Btrfs: fix btrfs_release_extent_buffer_page with the right usage of num_extent_pages

- Btrfs: do not check delalloc when updating disk_i_size

- Btrfs: look into the extent during find_all_leafs

- Btrfs: do not set for_cow parameter for tree block functions

- Btrfs: fix defrag regression

- Btrfs: fix missing inherited flag in rename

- Btrfs: do not resize a seeding device

- Btrfs: cast devid to unsigned long long for printk %llu

- Btrfs: add a missing spin_lock

- Btrfs: restore restriper state on all mounts

- Btrfs: resume balance on rw (re)mounts properly

- Btrfs: fix tree log remove space corner case

- Btrfs: hold a ref on the inode during writepages

- Btrfs: do not return EINVAL instead of ENOMEM from open_ctree()

- Btrfs: do not ignore errors from btrfs_cleanup_fs_roots() when mounting

- Btrfs: fix error handling in __add_reloc_root()

- Btrfs: return error of btrfs_update_inode() to caller

- Btrfs: fix typo in cow_file_range_async and async_cow_submit

- Btrfs: fix btrfs_is_free_space_inode to recognize btree inode

- Btrfs: kill root from btrfs_is_free_space_inode

- Btrfs: zero unused bytes in inode item

- disable patches.suse/btrfs-8052-fix-wrong-information-of-the-dir ectory-in-the-.patch. (bnc#757059)

XEN

- Refresh Xen patches (bnc#772831, add spinlock.nopoll option).

- Update Xen patches to 3.0.35.

- xen/thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE. (bnc#762991)

- Update Xen config files (CONFIG_XEN_SPINLOCK_ACQUIRE_NESTING=1). MD

- md: Do not truncate size at 4TB for RAID0 and Linear

- md/bitmap: Do not write bitmap while earlier writes might be in-fligh. (bnc#771398)

- md: Fixup blktrace information.

- md: Abort pending request for RAID10. (bnc#773251)

- md: add raid10 tracepoints. (bnc#768084)

- md: wakeup thread upon rdev_dec_pending(). (bnc#771398)

- md: Correctly register error code on failure.

- md: Do not take mddev lock when reading rdev attributes from sysfs. (bnc#772420)

- md: unblock SET_DISK_FAULTY ioctl (bnc#768084). Hyper-V

- net/hyperv: Use wait_event on outstanding sends during device removal.

- Tools: hv: verify origin of netlink connector message.

- hyperv: Add support for setting MAC from within guests.

- Drivers: hv: Change the hex constant to a decimal constant.

- hyperv: Add error handling to rndis_filter_device_add().

- hyperv: Add a check for ring_size value.

- Drivers: hv: Cleanup the guest ID computation.

- hv: add RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER. Scheduler

- sched: Make sure to not re-read variables after validation. (bnc#769685)

- sched: Only queue remote wakeups when crossing cache boundaries part2. (bnc#754690)

- sched: really revert latency defaults to SP1 values.
(bnc#754690)

- sched: optimize latency defaults. (bnc#754690)

- sched: Save some hrtick_start_fair cycles. (bnc#754690)

- sched: use rt.nr_cpus_allowed to recover select_task_rq() cycles. (bnc#754690)

- sched: Set skip_clock_update in yield_task_fair().
(bnc#754690)

- sched: Do not call task_group() too many times in set_task_rq(). (bnc#754690)

- sched: ratelimit nohz. (bnc#754690)

- sched: Wrap scheduler p->cpus_allowed access.
(bnc#754690)

- sched: Avoid SMT siblings in select_idle_sibling() if possible. (bnc#754690)

- sched: Clean up domain traversal in select_idle_sibling(). (bnc#754690)

- sched: Remove rcu_read_lock/unlock() from select_idle_sibling(). (bnc#754690)

- sched: Fix the sched group node allocation for SD_OVERLAP domains. (bnc#754690)

- sched: add SD_SHARE_PKG_RESOURCES domain flags proc handler. (bnc#754690)

- sched: fix select_idle_sibling() induced bouncing (bnc#754690). Other fixes

- rt2800: add chipset revision RT5390R support.
(bnc#772566)

- reiserfs: fix deadlocks with quotas. (bnc#774285)

- VFS: avoid prepend_path warning about d_obtain_alias aliases. (bnc#773006)

- ntp: avoid printk under xtime_lock. (bnc#767684)

- kvm: kvmclock: apply kvmclock offset to guest wall clock time. (bnc#766445)

- bonding: allow all slave speeds. (bnc#771428)

- mm: hugetlbfs: Close race during teardown of hugetlbfs shared page tables.

- mm: hugetlbfs: Correctly detect if page tables have just been shared.

- patches.fixes/mm-hugetlb-decrement-mapcount-under-page_t able_lock.patch: Delete. (Fix bad PMD message displayed while using hugetlbfs (bnc#762366)).

- ALSA: hda - Evaluate gpio_led hints at the right moment.
(bnc#773878)

- proc: stats: Use arch_idle_time for idle and iowait times if available. (bnc#772893)

- tcp: perform DMA to userspace only if there is a task waiting for it. (bnc#773606)

- rt2x00: fix rt3290 resuming failed. (bnc#771778)

- patches.suse/SUSE-bootsplash: Refresh. (Fix wrong vfree() (bnc#773406))

- vhost: do not forget to schedule(). (bnc#767983)

- powerpc, kabi: reintroduce __cputime_msec_factor.
(bnc#771242)

- powerpc: Fix wrong divisor in usecs_to_cputime.
(bnc#771242)

- mm: use cpu_chill() in spin_trylock_page() and cancel on immediately RT. (bnc#768470)

- be2net: Fix EEH error reset before a flash dump completes. (bnc#755546)

- st: Fix adding of tape link from device directory.
(bnc#771102)

- idr: Fix locking of minor idr during failure-case removal and add freeing of minor idr during device removal.

- add firmware update for Atheros 0cf3:311f. (bnc#761775)

- Unset CONFIG_WATCHDOG_NOWAYOUT to prevent reboot of openais on service stop. (bnc#756585)

- Update config files: Enable CONFIG_RT2800PCI_RT3290.

- ida: simplified functions for id allocation.
(bnc#749291)

- ida: make ida_simple_get/put() IRQ safe. (bnc#749291)

- virtio-blk: use ida to allocate disk index. (bnc#749291)

- USB: option: Add USB ID for Novatel Ovation MC551.
(bnc#770269)

- USB: option: add id for Cellient MEN-200. (bnc#770269)

- Fix the position of SUSE logo on text screen.
(bnc#770238)

- enable Atheros 0cf3:311e for firmware upload.
(bnc#766733)

- scsi_dh_alua: Improve error handling. (bnc#715635)

- scsi: remove an unhandled error code message.
(bnc#715635)

- Add to support Ralink ROMA wifi chip. (bnc#758703)

- x86_64, UV: Update NMI handler for UV1000/2000 systems.
(bnc#746509, bnc#744655)

- kdb: Fix merge error in original kdb x86 patch.
(bnc#746509)

- udf: Avoid run away loop when partition table length is corrupted. (bnc#769784)

- udf: Fortify loading of sparing table. (bnc#769784)

- udf: Use ret instead of abusing i in udf_load_logicalvol(). (bnc#769784)

- intel_ips: blacklist HP ProBook laptops. (bnc#720946)

- drm: edid: Do not add inferred modes with higher resolution. (bnc#753172)

- init: mm: Reschedule when initialising large numbers of memory sections. (bnc#755620).

- x86/apic: Use x2apic physical mode based on FADT setting. (bnc#768052)

- acpiphp: add dmi info to acpiphp module. (bnc#754391)

- ntp: fix leap second hrtimer deadlock. (bnc#768632)

- ntp: avoid printk under xtime_lock. (bnc#767684)

- nohz: Fix update_ts_time_stat idle accounting.
(bnc#767469, bnc#705551)

- nohz: Make idle/iowait counter update conditional.
(bnc#767469, bnc#705551)

- bug: introduce BUILD_BUG_ON_INVALID() macro

- bug: completely remove code generated by disabled. (VM Performance).

- mm: call cond_resched in putback_lru_pages. (bnc#763968)

- Update x84-64 Xen config file (CONFIG_ACPI_PROCESSOR_AGGREGATOR=m).

- ia64 is odd man out, CONFIG_SCHED_HRTICK is not set, fix build failure due to missing hrtick_enabled() in that case.

- drm: Add poll blacklist for Dell Latitude E5420.
(bnc#756276)

- supported.conf: mark libceph and rbd as unsupported.

- drm/i915: Fix eDP blank screen after S3 resume on HP desktops. (bnc#752352)

- mm: hugetlb: Decrement mapcount under page table lock (Consistent mapcount decrementing under lock (bnc#762366)).

- mm: hugetlb: flush_tlb_range() needs page_table_lock when mmap_sem is not held (Consistent locking for TLB flush of hugetlb pages (bnc#762366)).

- mm/hugetlb.c: undo change to page mapcount in fault handler (Handle potential leaks in hugetlbfs error paths (bnc#762366)).

- drm/i915: Not all systems expose a firmware or platform mechanism for changing the backlight intensity on i915, so add native driver support. (bnc#752352)

- i915: do not setup intel_backlight twice. (bnc#752352)

- drm/i915: enable vdd when switching off the eDP panel.
(bnc#752352)

- Add missing definition blk_queue_dead().

- Backport patches from mainline to fix SCSI crash under heavy load (bnc#738284) :

- block: add blk_queue_dead(). (bnc#738284)

- block: add missing blk_queue_dead() checks. (bnc#738284)

- block: Fix race on request.end_io invocations.
(bnc#738284)

- fc class: fix scanning when devs are offline.
(bnc#738284)

- scsi: Fix device removal NULL pointer dereference.
(bnc#738284)

- fix DID_TARGET_FAILURE and DID_NEXUS_FAILURE host byte settings. (bnc#738284)

- scsi: Stop accepting SCSI requests before removing a device. (bnc#738284)

- Delete preliminary patch.

- Provide obsoleted KMPs (bnc#753353), fix ath3k obsoletes.

- mm: filemap: Optimise file-backed page faulting by emulating an adaptive sleeping spinlock. (bnc#762414)

- Add yet another product ID for HP cert machines.
(bnc#764339)

- x86: check for valid irq_cfg pointer in smp_irq_move_cleanup_interrupt. (bnc#763754)

- backing-dev: use synchronize_rcu_expedited instead of synchronize_rcu. (bnc#766027)

- sysfs: count subdirectories. (bnc#766027)

- kABI fix for sysfs-count-subdirectories. (bnc#766027)

- block: Introduce blk_set_stacking_limits function.
(bnc#763026)

Solution

Apply SAT patch number 6641 / 6643 / 6648 as appropriate.

Plugin Details

Severity: High

ID: 64178

File Name: suse_11_kernel-120805.nasl

Version: 1.4

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 1/25/2013

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:kernel-default, p-cpe:/a:novell:suse_linux:11:kernel-default-base, p-cpe:/a:novell:suse_linux:11:kernel-default-devel, p-cpe:/a:novell:suse_linux:11:kernel-default-extra, p-cpe:/a:novell:suse_linux:11:kernel-default-man, p-cpe:/a:novell:suse_linux:11:kernel-ec2, p-cpe:/a:novell:suse_linux:11:kernel-ec2-base, p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel, p-cpe:/a:novell:suse_linux:11:kernel-pae, p-cpe:/a:novell:suse_linux:11:kernel-pae-base, p-cpe:/a:novell:suse_linux:11:kernel-pae-devel, p-cpe:/a:novell:suse_linux:11:kernel-pae-extra, p-cpe:/a:novell:suse_linux:11:kernel-source, p-cpe:/a:novell:suse_linux:11:kernel-syms, p-cpe:/a:novell:suse_linux:11:kernel-trace, p-cpe:/a:novell:suse_linux:11:kernel-trace-base, p-cpe:/a:novell:suse_linux:11:kernel-trace-devel, p-cpe:/a:novell:suse_linux:11:kernel-trace-extra, p-cpe:/a:novell:suse_linux:11:kernel-xen, p-cpe:/a:novell:suse_linux:11:kernel-xen-base, p-cpe:/a:novell:suse_linux:11:kernel-xen-devel, p-cpe:/a:novell:suse_linux:11:kernel-xen-extra, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 8/5/2012

Reference Information

CVE: CVE-2012-3375, CVE-2012-3400

Detections

Analytics