openSUSE Security Update : kernel (openSUSE-SU-2013:0923-1)

High Nessus Plugin ID 74985

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6

Synopsis

The remote openSUSE host is missing a security update.

Description

The openSUSE 12.3 kernel was updated to fix various security issues and bugs :

- config.conf: Disable armv7hl/u8500 until it builds again

- patches.fixes/ocfs2-Fix-oops-in-ocfs2_fast_symlink_readp age: ocfs2: Fix oops in ocfs2_fast_symlink_readpage() code path

- drm/nouveau: Fix typo in init_idx_addr_latched() (bnc#800686).

- rtl28xxu: Add USB ID for MaxMedia HU394-T (bnc#812113).

- rtl28xxu: Add USB IDs for Compro VideoMate U620F (bnc#812113).

- Support Digivox Mini HD (rtl2832) (bnc#812113).

- rtl28xxu: correct some device names (bnc#812113).

- rtl28xxu: add Gigabyte U7300 DVB-T Dongle (bnc#812113).

- rtl28xxu: [1b80:d3a8] ASUS My Cinema-U3100Mini Plus V2 (bnc#812113).

- rtl28xxu: add NOXON DAB/DAB+ USB dongle rev 2 (bnc#812113).

- drm: correctly restore mappings if drm_open fails (bnc#807850).

- Drivers: hv: vmbus: Fix a bug in hv_need_to_signal() (bnc#811417).

- svcrpc: fix rpc server shutdown races (bnc#802812).

- Update patches to what was accepted upstream.

- Refresh patches.arch/kvm-convert-msr_kvm_system_time-to-use-gfn_ to_hva_cache_init.patch.

- Refresh patches.arch/kvm-fix-for-buffer-overflow-in-handling-of- msr_kvm_system_time.patch.

- KVM: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache_init (bnc#806980 CVE-2013-1797).

- KVM: Fix bounds checking in ioapic indirect register read (bnc#806980 CVE-2013-1798).

- KVM: Fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (bnc#806980 CVE-2013-1796).

- kabi/severities: Allow kvm abi changes - kvm modules are self consistent

- loopdev: fix a deadlock (bnc#809748).

- block: use i_size_write() in bd_set_size() (bnc#809748).

- drm/i915: bounds check execbuffer relocation count (bnc#808829,CVE-2013-0913).

- TTY: do not reset master's packet mode (bnc#809330).

- Update patches.fixes/ext3-Fix-format-string-issues.patch (bnc#809155 CVE-2013-1848).

- ext3: Fix format string issues (bnc#809155).

- Drivers: hv: balloon: Do not request completion notification (fate#314663).

- e1000e: fix runtime power management transitions (bnc#806966).

- e1000e: fix pci-device enable-counter balance (bnc#806966).

- e1000e: fix accessing to suspended device (bnc#806966).

- gpio-ich: Fix ichx_gpio_check_available() return what callers expect.

- gpio/ich: Add missing spinlock init.

- Refresh patches.suse/SUSE-bootsplash-mgadrmfb-workaround. Add the same w/a for ast and cirrus KMS, too (bnc#806990).

- Fix broken VT1 output with mgadrmfb (bnc#806990).

- PCI/PM: Clear state_saved during suspend (bnc#806966).

Solution

Update the affected kernel packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=800686

https://bugzilla.novell.com/show_bug.cgi?id=802812

https://bugzilla.novell.com/show_bug.cgi?id=806966

https://bugzilla.novell.com/show_bug.cgi?id=806980

https://bugzilla.novell.com/show_bug.cgi?id=806990

https://bugzilla.novell.com/show_bug.cgi?id=807850

https://bugzilla.novell.com/show_bug.cgi?id=808829

https://bugzilla.novell.com/show_bug.cgi?id=809155

https://bugzilla.novell.com/show_bug.cgi?id=809330

https://bugzilla.novell.com/show_bug.cgi?id=809748

https://bugzilla.novell.com/show_bug.cgi?id=811417

https://bugzilla.novell.com/show_bug.cgi?id=812113

https://lists.opensuse.org/opensuse-updates/2013-06/msg00059.html

Plugin Details

Severity: High

ID: 74985

File Name: openSUSE-2013-398.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2014/06/13

Updated: 2020/06/04

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 6

CVSS v2.0

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop, p-cpe:/a:novell:opensuse:kernel-desktop-base, p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debugsource, p-cpe:/a:novell:opensuse:kernel-desktop-devel, p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debugsource, p-cpe:/a:novell:opensuse:kernel-ec2-devel, p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debugsource, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debugsource, p-cpe:/a:novell:opensuse:kernel-trace-devel, p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debugsource, p-cpe:/a:novell:opensuse:kernel-xen-devel, p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo, cpe:/o:novell:opensuse:12.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2013/04/23

Reference Information

CVE: CVE-2013-0913, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1848