SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 8587)
Medium Nessus Plugin ID 66782
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionThe SUSE Linux Enterprise 10 SP4 kernel has been updated to fix various bugs and security issues.
Security issues fixed :
- The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel allowed remote attackers to bypass intended network restrictions via overlapping IPv6 fragments. (CVE-2012-4444)
- The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel lacked a certain error check, which might have allowed local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb device. (CVE-2013-1928)
Also the following bugs have been fixed :
- hugetlb: Fix regression introduced by the original patch. (bnc#790236, bnc#819403)
- NFSv3/v2: Fix data corruption with NFS short reads.
- Fix package descriptions in specfiles. (bnc#817666)
- TTY: fix atime/mtime regression. (bnc#815745)
- virtio_net: ensure big packets are 64k. (bnc#760753)
- virtio_net: refill rx buffers when oom occurs.
- qeth: fix qeth_wait_for_threads() deadlock for OSN devices (bnc#812317, LTC#90910).
- nfsd: remove unnecessary NULL checks from nfsd_cross_mnt. (bnc#810628)
- knfsd: Fixed problem with NFS exporting directories which are mounted on. (bnc#810628)
SolutionApply ZYPP patch number 8587.