openSUSE Security Update : Kernel (openSUSE-SU-2012:0812-1)

high Nessus Plugin ID 74661
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.


The remote openSUSE host is missing a security update.


This kernel update of the openSUSE 12.1 kernel brings various bug and security fixes.

Following issues were fixed :

- tcp: drop SYN+FIN messages (bnc#765102, CVE-2012-2663).

- net: sock: validate data_len before allocating skb in sock_alloc_send_pskb() (bnc#765320, CVE-2012-2136).

- thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE (bnc#762991).

- be2net: non-member vlan pkts not received in promiscous mode (bnc#732006 CVE-2011-3347).

- fcaps: clear the same personality flags as suid when fcaps are used (bnc#758260 CVE-2012-2123).

- macvtap: zerocopy: validate vectors before building skb (bnc#758243 CVE-2012-2119).

- macvtap: zerocopy: set SKBTX_DEV_ZEROCOPY only when skb is built successfully (bnc#758243 CVE-2012-2119).

- macvtap: zerocopy: put page when fail to get all requested user pages (bnc#758243 CVE-2012-2119).

- macvtap: zerocopy: fix offset calculation when building skb (bnc#758243 CVE-2012-2119).

- Avoid reading past buffer when calling GETACL (bnc#762992).

- Avoid beyond bounds copy while caching ACL (bnc#762992).

- Fix length of buffer copied in __nfs4_get_acl_uncached (bnc#762992).

- hfsplus: Fix potential buffer overflows (bnc#760902 CVE-2009-4020).

- usb/net: rndis: merge command codes. only net/hyperv part

- usb/net: rndis: remove ambiguous status codes. only net/hyperv part

- usb/net: rndis: break out <linux/rndis.h> defines. only net/hyperv part

- net/hyperv: Add flow control based on hi/low watermark.

- hv: fix return type of hv_post_message().

- Drivers: hv: util: Properly handle version negotiations.

- Drivers: hv: Get rid of an unnecessary check in vmbus_prep_negotiate_resp().

- HID: hyperv: Set the hid drvdata correctly.

- HID: hid-hyperv: Do not use hid_parse_report() directly.

- [SCSI] storvsc: Properly handle errors from the host (bnc#747404).

- Delete patches.suse/suse-hv-storvsc-ignore-ata_16.patch.

- patches.suse/suse-hv-pata_piix-ignore-disks.patch replace our version of this patch with upstream variant:
ata_piix: defer disks to the Hyper-V drivers by default libata: add a host flag to ignore detected ATA devices.

- mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race condition (bnc#762991 CVE-2012-2373).

- xfrm: take net hdr len into account for esp payload size calculation (bnc#759545).

- net/hyperv: Adding cancellation to ensure rndis filter is closed.

- xfs: Fix oops on IO error during xlog_recover_process_iunlinks() (bnc#761681).

- thp: reduce khugepaged freezing latency (bnc#760860).

- igb: fix rtnl race in PM resume path (bnc#748859).

- ixgbe: add missing rtnl_lock in PM resume path (bnc#748859).

- cdc_ether: Ignore bogus union descriptor for RNDIS devices (bnc#735362). Taking the fix from net-next

- Fix kABI breakage due to including proc_fs.h in kernel/fork.c modversion changed because of changes in struct proc_dir_entry (became defined) Refresh patches.fixes/procfs-namespace-pid_ns-fix-leakage-on-for k-failure.

- Disabled MMC_TEST (bnc#760077).

- Input: ALPS - add semi-MT support for v3 protocol (bnc#716996).

- Input: ALPS - add support for protocol versions 3 and 4 (bnc#716996).

- Input: ALPS - remove assumptions about packet size (bnc#716996).

- Input: ALPS - add protocol version field in alps_model_info (bnc#716996).

- Input: ALPS - move protocol information to Documentation (bnc#716996).

- sysctl/defaults: kernel.hung_task_timeout -> kernel.hung_task_timeout_secs (bnc#700174)

- btrfs: partial revert of truncation improvements (FATE#306586 bnc#748463 bnc#760279).

- libata: skip old error history when counting probe trials.

- procfs, namespace, pid_ns: fix leakage upon fork() failure (bnc#757783).

- cdc-wdm: fix race leading leading to memory corruption (bnc#759554). This patch fixes a race whereby a pointer to a buffer would be overwritten while the buffer was in use leading to a double free and a memory leak. This causes crashes. This bug was introduced in 2.6.34

- netfront: delay gARP until backend switches to Connected.

- xenbus: Reject replies with payload > XENSTORE_PAYLOAD_MAX.

- xenbus: check availability of XS_RESET_WATCHES command.

- xenbus_dev: add missing error checks to watch handling.

- drivers/xen/: use strlcpy() instead of strncpy().

- blkfront: properly fail packet requests (bnc#745929).

- Linux 3.1.10.

- Update Xen config files.

- Refresh other Xen patches.

- tlan: add cast needed for proper 64 bit operation (bnc#756840).

- dl2k: Tighten ioctl permissions (bnc#758813).

- mqueue: fix a vfsmount longterm reference leak (bnc#757783).

- cciss: Add IRQF_SHARED back in for the non-MSI(X) interrupt handler (bnc#757789).

- procfs: fix a vfsmount longterm reference leak (bnc#757783).

- uwb: fix error handling (bnc#731720). This fixes a kernel error on unplugging an uwb dongle

- uwb: fix use of del_timer_sync() in interrupt (bnc#731720). This fixes a kernel warning on plugging in an uwb dongle

- acer-wmi: Detect communication hot key number.

- acer-wmi: replaced the hard coded bitmap by the communication devices bitmap from SMBIOS.

- acer-wmi: add ACER_WMID_v2 interface flag to represent new notebooks.

- acer-wmi: No wifi rfkill on Sony machines.

- acer-wmi: No wifi rfkill on Lenovo machines.

- [media] cx22702: Fix signal strength.

- fs: cachefiles: Add support for large files in filesystem caching (bnc#747038).

- Drivers: scsi: storvsc: Account for in-transit packets in the RESET path.

- CPU hotplug, cpusets, suspend: Don't touch cpusets during suspend/resume (bnc#752460).

- net: fix a potential rcu_read_lock() imbalance in rt6_fill_node() (bnc#754186, bnc#736268).

- This commit fixes suspend to ram breakage reported in bnc#764864. Remove dud patch. The problem it addressed is being respun upstream, is in tip, but not yet mainlined. See bnc#752460 for details regarding the problem the now removed patch fixed while breaking S2R.
Delete patches.fixes/cpusets-Dont-touch-cpusets-during-suspend- or-resume.patch.

- Remove dud patch. The problem it addressed is being respun upstream, is in tip, but not yet mainlined.
Delete patches.fixes/cpusets-Dont-touch-cpusets-during-suspend- or-resume.patch.

- fix VM_FOREIGN users after c/s 878:eba6fe6d8d53 (bnc#760974).

- gntdev: fix multi-page slot allocation (bnc#760974).

- mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populateSMP race condition (bnc#762991 CVE-2012-2373).

- thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE (bnc#762991).

- sym53c8xx: Fix NULL pointer dereference in slave_destroy (bnc#767786).

- sky2: fix regression on Yukon Optima (bnc#731537).


Update the affected Kernel packages.

See Also

Plugin Details

Severity: High

ID: 74661

File Name: openSUSE-2012-357.nasl

Version: 1.11

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop, p-cpe:/a:novell:opensuse:kernel-desktop-base, p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debugsource, p-cpe:/a:novell:opensuse:kernel-desktop-devel, p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debugsource, p-cpe:/a:novell:opensuse:kernel-ec2-devel, p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-extra, p-cpe:/a:novell:opensuse:kernel-ec2-extra-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debugsource, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debugsource, p-cpe:/a:novell:opensuse:kernel-trace-devel, p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-base, p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debugsource, p-cpe:/a:novell:opensuse:kernel-xen-devel, p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo, cpe:/o:novell:opensuse:12.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 6/27/2012

Reference Information

CVE: CVE-2009-4020, CVE-2011-3347, CVE-2012-2119, CVE-2012-2123, CVE-2012-2136, CVE-2012-2373, CVE-2012-2663

CWE: 119