openSUSE Security Update : kernel (openSUSE-SU-2014:0205-1)

high Nessus Plugin ID 75252
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.


The remote openSUSE host is missing a security update.


The Linux Kernel was updated to version 3.11.10, fixing security issues and bugs :

- floppy: bail out in open() if drive is not responding to block0 read (bnc#773058).

- compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).

- HID: usbhid: fix sis quirk (bnc#859804).

- hwmon: (coretemp) Fix truncated name of alarm attributes

- HID: usbhid: quirk for Synaptics Quad HD touchscreen (bnc#859804).

- HID: usbhid: quirk for Synaptics HD touchscreen (bnc#859804).

- HID: usbhid: merge the sis quirk (bnc#859804).

- HID: hid-multitouch: add support for SiS panels (bnc#859804).

- HID: usbhid: quirk for SiS Touchscreen (bnc#859804).

- HID: usbhid: quirk for Synaptics Large Touchccreen (bnc#859804).

- drivers: net: cpsw: fix dt probe for one port ethernet.

- drivers: net: cpsw: fix for cpsw crash when build as modules.

- dma: edma: Remove limits on number of slots.

- dma: edma: Leave linked to Null slot instead of DUMMY slot.

- dma: edma: Find missed events and issue them.

- dma: edma: Write out and handle MAX_NR_SG at a given time.

- dma: edma: Setup parameters to DMA MAX_NR_SG at a time.

- ARM: edma: Add function to manually trigger an EDMA channel.

- ARM: edma: Fix clearing of unused list for DT DMA resources.

- ACPI: Add Toshiba NB100 to Vista _OSI blacklist.

- ACPI: add missing win8 OSI comment to blacklist (bnc#856294).

- ACPI: update win8 OSI blacklist.

- ACPI: blacklist win8 OSI for buggy laptops.

- ACPI: blacklist win8 OSI for ASUS Zenbook Prime UX31A (bnc#856294).

- ACPI: Blacklist Win8 OSI for some HP laptop 2013 models (bnc#856294).

- floppy: bail out in open() if drive is not responding to block0 read (bnc#773058).

- ping: prevent NULL pointer dereference on write to msg_name (bnc#854175 CVE-2013-6432).

- x86/dumpstack: Fix printk_address for direct addresses (bnc#845621).

- Refresh patches.suse/stack-unwind.

- Refresh patches.xen/xen-x86_64-dump-user-pgt.

- KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368) (bnc#853052 CVE-2013-6368).

- KVM: x86: fix guest-initiated crash with x2apic (CVE-2013-6376) (bnc#853053 CVE-2013-6376).

- Build the KOTD against openSUSE:13.1:Update

- xencons: generalize use of add_preferred_console() (bnc#733022, bnc#852652).

- Update Xen patches to 3.11.10.

- Rename patches.xen/xen-pcpu-hotplug to patches.xen/xen-pcpu.

- KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (bnc#853051 CVE-2013-6367).

- KVM: Improve create VCPU parameter (CVE-2013-4587) (bnc#853050 CVE-2013-4587).

- ipv6: fix headroom calculation in udp6_ufo_fragment (bnc#848042 CVE-2013-4563).

- net: rework recvmsg handler msg_name and msg_namelen logic (bnc#854722).

- patches.drivers/gpio-ucb1400-add-module_alias.patch:
Update upstream reference

- patches.drivers/ tch: Update upstream reference

- Delete patches.suse/ida-remove-warning-dump-stack.patch.
Already included in kernel 3.11 (WARN calls dump_stack.)

- xhci: Limit the spurious wakeup fix only to HP machines (bnc#852931).

- iscsi_target: race condition on shutdown (bnc#850072).

- Linux 3.11.10.

- Refresh patches.xen/xen3-patch-2.6.29.

- Delete patches.suse/btrfs-relocate-csums-properly-with-prealloc

- patches.drivers/xhci-Fix-spurious-wakeups-after-S5-on-Ha swell.patch: (bnc#852931).

- Build mei and mei_me as modules (bnc#852656)

- Linux 3.11.9.

- Linux 3.11.8 (CVE-2013-4511 bnc#846529 bnc#849021).

- Delete patches.drivers/ALSA-hda-Add-a-fixup-for-ASUS-N76VZ.

- Delete patches.fixes/Fix-a-few-incorrectly-checked-io_-remap_pf n_range-ca.patch.

- Add USB PHY support (needed to get USB and Ethernet working on beagle and panda boards) Add CONFIG_PINCTRL_SINGLE=y to be able to use Device tree (at least for beagle and panda boards) Add ARM SoC sound support Add SPI bus support Add user-space access to I2C and SPI

- patches.arch/iommu-vt-d-remove-stack-trace-from-broken-i rq-remapping-warning.patch: Fix forward porting, sorry.

- iommu: Remove stack trace from broken irq remapping warning (bnc#844513).

- gpio: ucb1400: Add MODULE_ALIAS.

- Allow NFSv4 username mapping to work properly (bnc#838024).

- nfs: check if gssd is running before attempting to use krb5i auth in SETCLIENTID call.

- sunrpc: replace sunrpc_net->gssd_running flag with a more reliable check.

- sunrpc: create a new dummy pipe for gssd to hold open.

- Set CONFIG_GPIO_TWL4030 as built-in (instead of module) as a requirement to boot on SD card on beagleboard xM

- armv6hl, armv7hl: Update config files. Set CONFIG_BATMAN_ADV_BLA=y as all other kernel configuration files have.

- Update config files :

- CONFIG_BATMAN_ADV_NC=y, because other BATMAN_ADV options are all enabled so why not this one.

- CONFIG_GPIO_SCH=m, CONFIG_GPIO_PCH=m, because we support all other features of these pieces of hardware.

- CONFIG_INTEL_POWERCLAMP=m, because this small driver might be useful in specific cases, and there's no obvious reason not to include it.

- Fix a few incorrectly checked [io_]remap_pfn_range() calls (bnc#849021, CVE-2013-4511).

- Linux 3.11.7.


Update the affected kernel packages.

See Also

Plugin Details

Severity: High

ID: 75252

File Name: openSUSE-2014-114.nasl

Version: 1.10

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information


Risk Factor: Critical

Score: 9.7


Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop, p-cpe:/a:novell:opensuse:kernel-desktop-base, p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo, p-cpe:/a:novell:opensuse:kernel-desktop-debugsource, p-cpe:/a:novell:opensuse:kernel-desktop-devel, p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debugsource, p-cpe:/a:novell:opensuse:kernel-ec2-devel, p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debugsource, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debuginfo, p-cpe:/a:novell:opensuse:kernel-trace-debugsource, p-cpe:/a:novell:opensuse:kernel-trace-devel, p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debugsource, p-cpe:/a:novell:opensuse:kernel-xen-devel, p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo, cpe:/o:novell:opensuse:13.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/4/2014

Exploitable With


Core Impact

Metasploit (Linux Kernel recvmmsg Privilege Escalation)

Reference Information

CVE: CVE-2013-4511, CVE-2013-4563, CVE-2013-4587, CVE-2013-6367, CVE-2013-6368, CVE-2013-6376, CVE-2013-6432, CVE-2014-0038

BID: 63512, 63702, 64135, 64270, 64291, 64319, 64328, 65255