openSUSE Security Update : kernel (openSUSE-SU-2014:0204-1)
high Nessus Plugin ID 75251
Language:
New! Plugin Severity Now Using CVSS v3
The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Synopsis
The remote openSUSE host is missing a security update.Description
The Linux kernel was updated to fix various bugs and security issues :- mm/page-writeback.c: do not count anon pages as dirtyable memory (reclaim stalls).
- mm/page-writeback.c: fix dirty_balance_reserve subtraction from dirtyable memory (reclaim stalls).
- compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).
- hwmon: (coretemp) Fix truncated name of alarm attributes
- net: fib: fib6_add: fix potential NULL pointer dereference (bnc#854173 CVE-2013-6431).
- keys: fix race with concurrent install_user_keyrings() (bnc#808358)(CVE-2013-1792).
- KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368) (bnc#853052 CVE-2013-6368).
- wireless: radiotap: fix parsing buffer overrun (bnc#854634 CVE-2013-7027).
- KVM: x86: fix guest-initiated crash with x2apic (CVE-2013-6376) (bnc#853053 CVE-2013-6376).
- KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (bnc#853051 CVE-2013-6367).
- KVM: Improve create VCPU parameter (CVE-2013-4587) (bnc#853050 CVE-2013-4587).
- staging: ozwpan: prevent overflow in oz_cdev_write() (bnc#849023 CVE-2013-4513).
- perf/x86: Fix offcore_rsp valid mask for SNB/IVB (bnc#825006).
- perf/x86: Add Intel IvyBridge event scheduling constraints (bnc#825006).
- libertas: potential oops in debugfs (bnc#852559 CVE-2013-6378).
- aacraid: prevent invalid pointer dereference (bnc#852373 CVE-2013-6380).
- staging: wlags49_h2: buffer overflow setting station name (bnc#849029 CVE-2013-4514).
- net: flow_dissector: fail on evil iph->ihl (bnc#848079 CVE-2013-4348).
- Staging: bcm: info leak in ioctl (bnc#849034 CVE-2013-4515).
- Refresh patches.fixes/net-rework-recvmsg-handler-msg_name-and-ms g_namelen-logic.patch.
- ipv6: remove max_addresses check from ipv6_create_tempaddr (bnc#805226, CVE-2013-0343).
- net: rework recvmsg handler msg_name and msg_namelen logic (bnc#854722).
- crypto: ansi_cprng - Fix off by one error in non-block size request (bnc#840226).
- x6: Fix reserve_initrd so that acpi_initrd_override is reached (bnc#831836).
- Refresh other Xen patches.
- aacraid: missing capable() check in compat ioctl (bnc#852558).
- patches.fixes/gpio-ich-fix-ichx_gpio_check_available-ret urn.patch: Update upstream reference
- perf/ftrace: Fix paranoid level for enabling function tracer (bnc#849362).
- xhci: fix NULL pointer dereference on ring_doorbell_for_active_rings (bnc#848255).
- xhci: Fix oops happening after address device timeout (bnc#848255).
- xhci: Ensure a command structure points to the correct trb on the command ring (bnc#848255).
- patches.arch/iommu-vt-d-remove-stack-trace-from-broken-i rq-remapping-warning.patch: Update upstream reference.
- Allow NFSv4 username mapping to work properly (bnc#838024).
- Refresh btrfs attribute publishing patchset to match openSUSE-13.1 No user-visible changes, but uses kobj_sysfs_ops and better kobject lifetime management.
- Fix a few incorrectly checked [io_]remap_pfn_range() calls (bnc#849021, CVE-2013-4511).
- drm/radeon: don't set hpd, afmt interrupts when interrupts are disabled.
- patches.fixes/cifs-fill-TRANS2_QUERY_FILE_INFO-ByteCount
-fields.patch: Fix TRANS2_QUERY_FILE_INFO ByteCount fields (bnc#804950).
- iommu: Remove stack trace from broken irq remapping warning (bnc#844513).
- Disable patches related to bnc#840656 patches.suse/btrfs-cleanup-don-t-check-the-same-thing-tw ice patches.suse/btrfs-0220-fix-for-patch-cleanup-don-t-chec k-the-same-thi.patch
- btrfs: use feature attribute names to print better error messages.
- btrfs: add ability to change features via sysfs.
- btrfs: add publishing of unknown features in sysfs.
- btrfs: publish per-super features to sysfs.
- btrfs: add per-super attributes to sysfs.
- btrfs: export supported featured to sysfs.
- kobject: introduce kobj_completion.
- btrfs: add ioctls to query/change feature bits online.
- btrfs: use btrfs_commit_transaction when setting fslabel.
- x86/iommu/vt-d: Expand interrupt remapping quirk to cover x58 chipset (bnc#844513).
- NFSv4: Fix issues in nfs4_discover_server_trunking (bnc#811746).
- iommu/vt-d: add quirk for broken interrupt remapping on 55XX chipsets (bnc#844513).
Solution
Update the affected kernel packages.See Also
https://bugzilla.novell.com/show_bug.cgi?id=804950
https://bugzilla.novell.com/show_bug.cgi?id=805226
https://bugzilla.novell.com/show_bug.cgi?id=808358
https://bugzilla.novell.com/show_bug.cgi?id=811746
https://bugzilla.novell.com/show_bug.cgi?id=825006
https://bugzilla.novell.com/show_bug.cgi?id=831836
https://bugzilla.novell.com/show_bug.cgi?id=838024
https://bugzilla.novell.com/show_bug.cgi?id=840226
https://bugzilla.novell.com/show_bug.cgi?id=840656
https://bugzilla.novell.com/show_bug.cgi?id=844513
https://bugzilla.novell.com/show_bug.cgi?id=848079
https://bugzilla.novell.com/show_bug.cgi?id=848255
https://bugzilla.novell.com/show_bug.cgi?id=849021
https://bugzilla.novell.com/show_bug.cgi?id=849023
https://bugzilla.novell.com/show_bug.cgi?id=849029
https://bugzilla.novell.com/show_bug.cgi?id=849034
https://bugzilla.novell.com/show_bug.cgi?id=849362
https://bugzilla.novell.com/show_bug.cgi?id=852373
https://bugzilla.novell.com/show_bug.cgi?id=852558
https://bugzilla.novell.com/show_bug.cgi?id=852559
https://bugzilla.novell.com/show_bug.cgi?id=853050
https://bugzilla.novell.com/show_bug.cgi?id=853051
https://bugzilla.novell.com/show_bug.cgi?id=853052
https://bugzilla.novell.com/show_bug.cgi?id=853053
https://bugzilla.novell.com/show_bug.cgi?id=854173
https://bugzilla.novell.com/show_bug.cgi?id=854634
https://bugzilla.novell.com/show_bug.cgi?id=854722
https://bugzilla.novell.com/show_bug.cgi?id=860993
https://lists.opensuse.org/opensuse-updates/2014-02/msg00021.html
Plugin Details
Severity: High
ID: 75251
File Name: openSUSE-2014-113.nasl
Version: 1.11
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 6/13/2014
Updated: 1/19/2021
Dependencies: ssh_get_info.nasl
Risk Information
VPR
Risk Factor: Critical
Score: 9.5
CVSS v2
Risk Factor: High
Base Score: 7.2
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop, p-cpe:/a:novell:opensuse:kernel-desktop-base, p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debugsource, p-cpe:/a:novell:opensuse:kernel-desktop-devel, p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debugsource, p-cpe:/a:novell:opensuse:kernel-ec2-devel, p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debugsource, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debugsource, p-cpe:/a:novell:opensuse:kernel-trace-devel, p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debugsource, p-cpe:/a:novell:opensuse:kernel-xen-devel, p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo, cpe:/o:novell:opensuse:12.3
Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 2/4/2014
Exploitable With
CANVAS (CANVAS)
Core Impact
Metasploit (Linux Kernel recvmmsg Privilege Escalation)
Reference Information
CVE: CVE-2013-0343, CVE-2013-1792, CVE-2013-4348, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6378, CVE-2013-6380, CVE-2013-6431, CVE-2013-7027, CVE-2014-0038