openSUSE Security Update : kernel (openSUSE-SU-2014:0204-1)

High Nessus Plugin ID 75251

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 9

Synopsis

The remote openSUSE host is missing a security update.

Description

The Linux kernel was updated to fix various bugs and security issues :

- mm/page-writeback.c: do not count anon pages as dirtyable memory (reclaim stalls).

- mm/page-writeback.c: fix dirty_balance_reserve subtraction from dirtyable memory (reclaim stalls).

- compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).

- hwmon: (coretemp) Fix truncated name of alarm attributes

- net: fib: fib6_add: fix potential NULL pointer dereference (bnc#854173 CVE-2013-6431).

- keys: fix race with concurrent install_user_keyrings() (bnc#808358)(CVE-2013-1792).

- KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368) (bnc#853052 CVE-2013-6368).

- wireless: radiotap: fix parsing buffer overrun (bnc#854634 CVE-2013-7027).

- KVM: x86: fix guest-initiated crash with x2apic (CVE-2013-6376) (bnc#853053 CVE-2013-6376).

- KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (bnc#853051 CVE-2013-6367).

- KVM: Improve create VCPU parameter (CVE-2013-4587) (bnc#853050 CVE-2013-4587).

- staging: ozwpan: prevent overflow in oz_cdev_write() (bnc#849023 CVE-2013-4513).

- perf/x86: Fix offcore_rsp valid mask for SNB/IVB (bnc#825006).

- perf/x86: Add Intel IvyBridge event scheduling constraints (bnc#825006).

- libertas: potential oops in debugfs (bnc#852559 CVE-2013-6378).

- aacraid: prevent invalid pointer dereference (bnc#852373 CVE-2013-6380).

- staging: wlags49_h2: buffer overflow setting station name (bnc#849029 CVE-2013-4514).

- net: flow_dissector: fail on evil iph->ihl (bnc#848079 CVE-2013-4348).

- Staging: bcm: info leak in ioctl (bnc#849034 CVE-2013-4515).

- Refresh patches.fixes/net-rework-recvmsg-handler-msg_name-and-ms g_namelen-logic.patch.

- ipv6: remove max_addresses check from ipv6_create_tempaddr (bnc#805226, CVE-2013-0343).

- net: rework recvmsg handler msg_name and msg_namelen logic (bnc#854722).

- crypto: ansi_cprng - Fix off by one error in non-block size request (bnc#840226).

- x6: Fix reserve_initrd so that acpi_initrd_override is reached (bnc#831836).

- Refresh other Xen patches.

- aacraid: missing capable() check in compat ioctl (bnc#852558).

- patches.fixes/gpio-ich-fix-ichx_gpio_check_available-ret urn.patch: Update upstream reference

- perf/ftrace: Fix paranoid level for enabling function tracer (bnc#849362).

- xhci: fix NULL pointer dereference on ring_doorbell_for_active_rings (bnc#848255).

- xhci: Fix oops happening after address device timeout (bnc#848255).

- xhci: Ensure a command structure points to the correct trb on the command ring (bnc#848255).

- patches.arch/iommu-vt-d-remove-stack-trace-from-broken-i rq-remapping-warning.patch: Update upstream reference.

- Allow NFSv4 username mapping to work properly (bnc#838024).

- Refresh btrfs attribute publishing patchset to match openSUSE-13.1 No user-visible changes, but uses kobj_sysfs_ops and better kobject lifetime management.

- Fix a few incorrectly checked [io_]remap_pfn_range() calls (bnc#849021, CVE-2013-4511).

- drm/radeon: don't set hpd, afmt interrupts when interrupts are disabled.

- patches.fixes/cifs-fill-TRANS2_QUERY_FILE_INFO-ByteCount
-fields.patch: Fix TRANS2_QUERY_FILE_INFO ByteCount fields (bnc#804950).

- iommu: Remove stack trace from broken irq remapping warning (bnc#844513).

- Disable patches related to bnc#840656 patches.suse/btrfs-cleanup-don-t-check-the-same-thing-tw ice patches.suse/btrfs-0220-fix-for-patch-cleanup-don-t-chec k-the-same-thi.patch

- btrfs: use feature attribute names to print better error messages.

- btrfs: add ability to change features via sysfs.

- btrfs: add publishing of unknown features in sysfs.

- btrfs: publish per-super features to sysfs.

- btrfs: add per-super attributes to sysfs.

- btrfs: export supported featured to sysfs.

- kobject: introduce kobj_completion.

- btrfs: add ioctls to query/change feature bits online.

- btrfs: use btrfs_commit_transaction when setting fslabel.

- x86/iommu/vt-d: Expand interrupt remapping quirk to cover x58 chipset (bnc#844513).

- NFSv4: Fix issues in nfs4_discover_server_trunking (bnc#811746).

- iommu/vt-d: add quirk for broken interrupt remapping on 55XX chipsets (bnc#844513).

Solution

Update the affected kernel packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=804950

https://bugzilla.novell.com/show_bug.cgi?id=805226

https://bugzilla.novell.com/show_bug.cgi?id=808358

https://bugzilla.novell.com/show_bug.cgi?id=811746

https://bugzilla.novell.com/show_bug.cgi?id=825006

https://bugzilla.novell.com/show_bug.cgi?id=831836

https://bugzilla.novell.com/show_bug.cgi?id=838024

https://bugzilla.novell.com/show_bug.cgi?id=840226

https://bugzilla.novell.com/show_bug.cgi?id=840656

https://bugzilla.novell.com/show_bug.cgi?id=844513

https://bugzilla.novell.com/show_bug.cgi?id=848079

https://bugzilla.novell.com/show_bug.cgi?id=848255

https://bugzilla.novell.com/show_bug.cgi?id=849021

https://bugzilla.novell.com/show_bug.cgi?id=849023

https://bugzilla.novell.com/show_bug.cgi?id=849029

https://bugzilla.novell.com/show_bug.cgi?id=849034

https://bugzilla.novell.com/show_bug.cgi?id=849362

https://bugzilla.novell.com/show_bug.cgi?id=852373

https://bugzilla.novell.com/show_bug.cgi?id=852558

https://bugzilla.novell.com/show_bug.cgi?id=852559

https://bugzilla.novell.com/show_bug.cgi?id=853050

https://bugzilla.novell.com/show_bug.cgi?id=853051

https://bugzilla.novell.com/show_bug.cgi?id=853052

https://bugzilla.novell.com/show_bug.cgi?id=853053

https://bugzilla.novell.com/show_bug.cgi?id=854173

https://bugzilla.novell.com/show_bug.cgi?id=854634

https://bugzilla.novell.com/show_bug.cgi?id=854722

https://bugzilla.novell.com/show_bug.cgi?id=860993

https://lists.opensuse.org/opensuse-updates/2014-02/msg00021.html

Plugin Details

Severity: High

ID: 75251

File Name: openSUSE-2014-113.nasl

Version: 1.10

Type: local

Agent: unix

Published: 2014/06/13

Updated: 2020/06/04

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 9

CVSS v2.0

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop, p-cpe:/a:novell:opensuse:kernel-desktop-base, p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debugsource, p-cpe:/a:novell:opensuse:kernel-desktop-devel, p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debugsource, p-cpe:/a:novell:opensuse:kernel-ec2-devel, p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debugsource, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debugsource, p-cpe:/a:novell:opensuse:kernel-trace-devel, p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debugsource, p-cpe:/a:novell:opensuse:kernel-xen-devel, p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo, cpe:/o:novell:opensuse:12.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/02/04

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Linux Kernel recvmmsg Privilege Escalation)

Reference Information

CVE: CVE-2013-0343, CVE-2013-1792, CVE-2013-4348, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6378, CVE-2013-6380, CVE-2013-6431, CVE-2013-7027, CVE-2014-0038