openSUSE Security Update : kernel (openSUSE-SU-2013:0923-1)

High Nessus Plugin ID 74985

Synopsis

The remote openSUSE host is missing a security update.

Description

The openSUSE 12.3 kernel was updated to fix various security issues and bugs :

- config.conf: Disable armv7hl/u8500 until it builds again

- patches.fixes/ocfs2-Fix-oops-in-ocfs2_fast_symlink_readp age: ocfs2: Fix oops in ocfs2_fast_symlink_readpage() code path

- drm/nouveau: Fix typo in init_idx_addr_latched() (bnc#800686).

- rtl28xxu: Add USB ID for MaxMedia HU394-T (bnc#812113).

- rtl28xxu: Add USB IDs for Compro VideoMate U620F (bnc#812113).

- Support Digivox Mini HD (rtl2832) (bnc#812113).

- rtl28xxu: correct some device names (bnc#812113).

- rtl28xxu: add Gigabyte U7300 DVB-T Dongle (bnc#812113).

- rtl28xxu: [1b80:d3a8] ASUS My Cinema-U3100Mini Plus V2 (bnc#812113).

- rtl28xxu: add NOXON DAB/DAB+ USB dongle rev 2 (bnc#812113).

- drm: correctly restore mappings if drm_open fails (bnc#807850).

- Drivers: hv: vmbus: Fix a bug in hv_need_to_signal() (bnc#811417).

- svcrpc: fix rpc server shutdown races (bnc#802812).

- Update patches to what was accepted upstream.

- Refresh patches.arch/kvm-convert-msr_kvm_system_time-to-use-gfn_ to_hva_cache_init.patch.

- Refresh patches.arch/kvm-fix-for-buffer-overflow-in-handling-of- msr_kvm_system_time.patch.

- KVM: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache_init (bnc#806980 CVE-2013-1797).

- KVM: Fix bounds checking in ioapic indirect register read (bnc#806980 CVE-2013-1798).

- KVM: Fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (bnc#806980 CVE-2013-1796).

- kabi/severities: Allow kvm abi changes - kvm modules are self consistent

- loopdev: fix a deadlock (bnc#809748).

- block: use i_size_write() in bd_set_size() (bnc#809748).

- drm/i915: bounds check execbuffer relocation count (bnc#808829,CVE-2013-0913).

- TTY: do not reset master's packet mode (bnc#809330).

- Update patches.fixes/ext3-Fix-format-string-issues.patch (bnc#809155 CVE-2013-1848).

- ext3: Fix format string issues (bnc#809155).

- Drivers: hv: balloon: Do not request completion notification (fate#314663).

- e1000e: fix runtime power management transitions (bnc#806966).

- e1000e: fix pci-device enable-counter balance (bnc#806966).

- e1000e: fix accessing to suspended device (bnc#806966).

- gpio-ich: Fix ichx_gpio_check_available() return what callers expect.

- gpio/ich: Add missing spinlock init.

- Refresh patches.suse/SUSE-bootsplash-mgadrmfb-workaround. Add the same w/a for ast and cirrus KMS, too (bnc#806990).

- Fix broken VT1 output with mgadrmfb (bnc#806990).

- PCI/PM: Clear state_saved during suspend (bnc#806966).

Solution

Update the affected kernel packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=800686

https://bugzilla.novell.com/show_bug.cgi?id=802812

https://bugzilla.novell.com/show_bug.cgi?id=806966

https://bugzilla.novell.com/show_bug.cgi?id=806980

https://bugzilla.novell.com/show_bug.cgi?id=806990

https://bugzilla.novell.com/show_bug.cgi?id=807850

https://bugzilla.novell.com/show_bug.cgi?id=808829

https://bugzilla.novell.com/show_bug.cgi?id=809155

https://bugzilla.novell.com/show_bug.cgi?id=809330

https://bugzilla.novell.com/show_bug.cgi?id=809748

https://bugzilla.novell.com/show_bug.cgi?id=811417

https://bugzilla.novell.com/show_bug.cgi?id=812113

https://lists.opensuse.org/opensuse-updates/2013-06/msg00059.html

Plugin Details

Severity: High

ID: 74985

File Name: openSUSE-2013-398.nasl

Version: 1.2

Type: local

Agent: unix

Published: 2014/06/13

Updated: 2018/11/10

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop, p-cpe:/a:novell:opensuse:kernel-desktop-base, p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debugsource, p-cpe:/a:novell:opensuse:kernel-desktop-devel, p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debugsource, p-cpe:/a:novell:opensuse:kernel-ec2-devel, p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debugsource, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debugsource, p-cpe:/a:novell:opensuse:kernel-trace-devel, p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debugsource, p-cpe:/a:novell:opensuse:kernel-xen-devel, p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo, cpe:/o:novell:opensuse:12.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2013/04/23

Reference Information

CVE: CVE-2013-0913, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1848