openSUSE Security Update : Kernel (openSUSE-SU-2012:0812-1)

high Nessus Plugin ID 74661

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote openSUSE host is missing a security update.

Description

This kernel update of the openSUSE 12.1 kernel brings various bug and security fixes.

Following issues were fixed :

 - tcp: drop SYN+FIN messages (bnc#765102, CVE-2012-2663).

 - net: sock: validate data_len before allocating skb in sock_alloc_send_pskb() (bnc#765320, CVE-2012-2136).

 - thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE (bnc#762991).

 - be2net: non-member vlan pkts not received in promiscous mode (bnc#732006 CVE-2011-3347).

 - fcaps: clear the same personality flags as suid when fcaps are used (bnc#758260 CVE-2012-2123).

 - macvtap: zerocopy: validate vectors before building skb (bnc#758243 CVE-2012-2119).

 - macvtap: zerocopy: set SKBTX_DEV_ZEROCOPY only when skb is built successfully (bnc#758243 CVE-2012-2119).

 - macvtap: zerocopy: put page when fail to get all requested user pages (bnc#758243 CVE-2012-2119).

 - macvtap: zerocopy: fix offset calculation when building skb (bnc#758243 CVE-2012-2119).

 - Avoid reading past buffer when calling GETACL (bnc#762992).

 - Avoid beyond bounds copy while caching ACL (bnc#762992).

 - Fix length of buffer copied in __nfs4_get_acl_uncached (bnc#762992).

 - hfsplus: Fix potential buffer overflows (bnc#760902 CVE-2009-4020).

 - usb/net: rndis: merge command codes. only net/hyperv part

 - usb/net: rndis: remove ambiguous status codes. only net/hyperv part

 - usb/net: rndis: break out <linux/rndis.h> defines. only net/hyperv part

 - net/hyperv: Add flow control based on hi/low watermark.

 - hv: fix return type of hv_post_message().

 - Drivers: hv: util: Properly handle version negotiations.

 - Drivers: hv: Get rid of an unnecessary check in vmbus_prep_negotiate_resp().

 - HID: hyperv: Set the hid drvdata correctly.

 - HID: hid-hyperv: Do not use hid_parse_report() directly.

 - [SCSI] storvsc: Properly handle errors from the host (bnc#747404).

 - Delete patches.suse/suse-hv-storvsc-ignore-ata_16.patch.

 - patches.suse/suse-hv-pata_piix-ignore-disks.patch replace our version of this patch with upstream variant:
 ata_piix: defer disks to the Hyper-V drivers by default libata: add a host flag to ignore detected ATA devices.

 - mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race condition (bnc#762991 CVE-2012-2373).

 - xfrm: take net hdr len into account for esp payload size calculation (bnc#759545).

 - net/hyperv: Adding cancellation to ensure rndis filter is closed.

 - xfs: Fix oops on IO error during xlog_recover_process_iunlinks() (bnc#761681).

 - thp: reduce khugepaged freezing latency (bnc#760860).

 - igb: fix rtnl race in PM resume path (bnc#748859).

 - ixgbe: add missing rtnl_lock in PM resume path (bnc#748859).

 - cdc_ether: Ignore bogus union descriptor for RNDIS devices (bnc#735362). Taking the fix from net-next

 - Fix kABI breakage due to including proc_fs.h in kernel/fork.c modversion changed because of changes in struct proc_dir_entry (became defined) Refresh patches.fixes/procfs-namespace-pid_ns-fix-leakage-on-for k-failure.

 - Disabled MMC_TEST (bnc#760077).

 - Input: ALPS - add semi-MT support for v3 protocol (bnc#716996).

 - Input: ALPS - add support for protocol versions 3 and 4 (bnc#716996).

 - Input: ALPS - remove assumptions about packet size (bnc#716996).

 - Input: ALPS - add protocol version field in alps_model_info (bnc#716996).

 - Input: ALPS - move protocol information to Documentation (bnc#716996).

 - sysctl/defaults: kernel.hung_task_timeout -> kernel.hung_task_timeout_secs (bnc#700174)

 - btrfs: partial revert of truncation improvements (FATE#306586 bnc#748463 bnc#760279).

 - libata: skip old error history when counting probe trials.

 - procfs, namespace, pid_ns: fix leakage upon fork() failure (bnc#757783).

 - cdc-wdm: fix race leading leading to memory corruption (bnc#759554). This patch fixes a race whereby a pointer to a buffer would be overwritten while the buffer was in use leading to a double free and a memory leak. This causes crashes. This bug was introduced in 2.6.34

 - netfront: delay gARP until backend switches to Connected.

 - xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX.

 - xenbus: check availability of XS_RESET_WATCHES command.

 - xenbus_dev: add missing error checks to watch handling.

 - drivers/xen/: use strlcpy() instead of strncpy().

 - blkfront: properly fail packet requests (bnc#745929).

 - Linux 3.1.10.

 - Update Xen config files.

 - Refresh other Xen patches.

 - tlan: add cast needed for proper 64 bit operation (bnc#756840).

 - dl2k: Tighten ioctl permissions (bnc#758813).

 - mqueue: fix a vfsmount longterm reference leak (bnc#757783).

 - cciss: Add IRQF_SHARED back in for the non-MSI(X) interrupt handler (bnc#757789).

 - procfs: fix a vfsmount longterm reference leak (bnc#757783).

 - uwb: fix error handling (bnc#731720). This fixes a kernel error on unplugging an uwb dongle

 - uwb: fix use of del_timer_sync() in interrupt (bnc#731720). This fixes a kernel warning on plugging in an uwb dongle

 - acer-wmi: Detect communication hot key number.

 - acer-wmi: replaced the hard coded bitmap by the communication devices bitmap from SMBIOS.

 - acer-wmi: add ACER_WMID_v2 interface flag to represent new notebooks.

 - acer-wmi: No wifi rfkill on Sony machines.

 - acer-wmi: No wifi rfkill on Lenovo machines.

 - [media] cx22702: Fix signal strength.

 - fs: cachefiles: Add support for large files in filesystem caching (bnc#747038).

 - Drivers: scsi: storvsc: Account for in-transit packets in the RESET path.

 - CPU hotplug, cpusets, suspend: Don't touch cpusets during suspend/resume (bnc#752460).

 - net: fix a potential rcu_read_lock() imbalance in rt6_fill_node() (bnc#754186, bnc#736268).

 - This commit fixes suspend to ram breakage reported in bnc#764864. Remove dud patch. The problem it addressed is being respun upstream, is in tip, but not yet mainlined. See bnc#752460 for details regarding the problem the now removed patch fixed while breaking S2R.
 Delete patches.fixes/cpusets-Dont-touch-cpusets-during-suspend- or-resume.patch.

 - Remove dud patch. The problem it addressed is being respun upstream, is in tip, but not yet mainlined.
 Delete patches.fixes/cpusets-Dont-touch-cpusets-during-suspend- or-resume.patch.

 - fix VM_FOREIGN users after c/s 878:eba6fe6d8d53 (bnc#760974).

 - gntdev: fix multi-page slot allocation (bnc#760974).

 - mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populateSMP race condition (bnc#762991 CVE-2012-2373).

 - thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE (bnc#762991).

 - sym53c8xx: Fix NULL pointer dereference in slave_destroy (bnc#767786).

 - sky2: fix regression on Yukon Optima (bnc#731537).

Solution

Update the affected Kernel packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=700174

https://bugzilla.novell.com/show_bug.cgi?id=716996

https://bugzilla.novell.com/show_bug.cgi?id=731537

https://bugzilla.novell.com/show_bug.cgi?id=731720

https://bugzilla.novell.com/show_bug.cgi?id=732006

https://bugzilla.novell.com/show_bug.cgi?id=735362

https://bugzilla.novell.com/show_bug.cgi?id=736268

https://bugzilla.novell.com/show_bug.cgi?id=745929

https://bugzilla.novell.com/show_bug.cgi?id=747038

https://bugzilla.novell.com/show_bug.cgi?id=747404

https://bugzilla.novell.com/show_bug.cgi?id=748463

https://bugzilla.novell.com/show_bug.cgi?id=748859

https://bugzilla.novell.com/show_bug.cgi?id=752460

https://bugzilla.novell.com/show_bug.cgi?id=754186

https://bugzilla.novell.com/show_bug.cgi?id=756840

https://bugzilla.novell.com/show_bug.cgi?id=757783

https://bugzilla.novell.com/show_bug.cgi?id=757789

https://bugzilla.novell.com/show_bug.cgi?id=758243

https://bugzilla.novell.com/show_bug.cgi?id=758260

https://bugzilla.novell.com/show_bug.cgi?id=758813

https://bugzilla.novell.com/show_bug.cgi?id=759545

https://bugzilla.novell.com/show_bug.cgi?id=759554

https://bugzilla.novell.com/show_bug.cgi?id=760077

https://bugzilla.novell.com/show_bug.cgi?id=760279

https://bugzilla.novell.com/show_bug.cgi?id=760860

https://bugzilla.novell.com/show_bug.cgi?id=760902

https://bugzilla.novell.com/show_bug.cgi?id=760974

https://bugzilla.novell.com/show_bug.cgi?id=761681

https://bugzilla.novell.com/show_bug.cgi?id=762991

https://bugzilla.novell.com/show_bug.cgi?id=762992

https://bugzilla.novell.com/show_bug.cgi?id=764864

https://bugzilla.novell.com/show_bug.cgi?id=765102

https://bugzilla.novell.com/show_bug.cgi?id=765320

https://bugzilla.novell.com/show_bug.cgi?id=767786

https://lists.opensuse.org/opensuse-updates/2012-07/msg00002.html

Plugin Details

Severity: High

ID: 74661

File Name: openSUSE-2012-357.nasl

Version: 1.11

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop, p-cpe:/a:novell:opensuse:kernel-desktop-base, p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debugsource, p-cpe:/a:novell:opensuse:kernel-desktop-devel, p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debugsource, p-cpe:/a:novell:opensuse:kernel-ec2-devel, p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-extra, p-cpe:/a:novell:opensuse:kernel-ec2-extra-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debugsource, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debugsource, p-cpe:/a:novell:opensuse:kernel-trace-devel, p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-base, p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debugsource, p-cpe:/a:novell:opensuse:kernel-xen-devel, p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo, cpe:/o:novell:opensuse:12.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 6/27/2012

Reference Information

CVE: CVE-2009-4020, CVE-2011-3347, CVE-2012-2119, CVE-2012-2123, CVE-2012-2136, CVE-2012-2373, CVE-2012-2663

CWE: 119