Articles / SuSE: New Linux kernel pack…

SuSE: New Linux kernel packages fix security vulnerabilities

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. A USB string descriptor overflow in the auerwald USB driver was fixed, which could be used by physically proximate attackers to cause a kernel crash. Always check the path in CIFS mounts to avoid interesting filesystem path interaction issues and potential crashes. A malicious CIFS server could cause a integer overflow on the local machine on directory index operations, in turn causing memory corruption. The is_gpt_valid function did not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allowed physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device. Updated packages are available from download.opensuse.org.

  SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:1195-1
Rating:             important
References:         #616256 #628343 #635880 #683101 #692784 #694315 
                   #699354 #699355 #701355 #701550 #706375 #707439 
                   #709213 #709369 #712009 #713876 #714001 #717126 
                   #717421 #717585 #718028 #721830 #724947 
Cross-References:   CVE-2009-4067 CVE-2011-1776 CVE-2011-3191
                   CVE-2011-3363
Affected Products:
                   SUSE Linux Enterprise Server 10 SP4
                   SUSE Linux Enterprise Desktop 10 SP4
                   SLE SDK 10 SP4
______________________________________________________________________________

  An update that solves four vulnerabilities and has 19 fixes
  is now available.

Description:


  This Linux kernel update fixes various security issues and
  bugs in the SUSE  Linux Enterprise 10 SP4 kernel.

  The following security issues have been fixed:

  * CVE-2009-4067: A USB string descriptor overflow in
  the auerwald USB driver was fixed, which could be used by
  physically proximate attackers to cause a kernel crash.
  * CVE-2011-3363: Always check the path in CIFS mounts
  to avoid interesting filesystem path interaction issues and
  potential crashes.
  * CVE-2011-3191: A malicious CIFS server could cause a
  integer overflow on the local machine on directory index
  operations, in turn causing memory corruption.
  * CVE-2011-1776: The is_gpt_valid function in
  fs/partitions/efi.c in the Linux kernel did not check the
  size of an Extensible Firmware Interface (EFI) GUID
  Partition Table (GPT) entry, which allowed physically
  proximate attackers to cause a denial of service
  (heap-based buffer overflow and OOPS) or obtain sensitive
  information from kernel heap memory by connecting a crafted
  GPT storage device, a different vulnerability than
  CVE-2011-1577.

  The following non-security issues have been fixed:

  * md: fix deadlock in md/raid1 and md/raid10 when
  handling a read error (bnc#628343).
  * md: fix possible raid1/raid10 deadlock on read error
  during resync (bnc#628343).
  * Add timeo parameter to /proc/mounts for nfs
  filesystems (bnc#616256).
  * virtio: indirect ring entries
  (VIRTIO_RING_F_INDIRECT_DESC) (bnc#713876).
  * virtio: teach virtio_has_feature() about transport
  features (bnc#713876).
  * nf_nat: do not add NAT extension for confirmed
  conntracks (bnc#709213).
  * 8250: Oxford Semiconductor Devices (bnc#717126).
  * 8250_pci: Add support for the Digi/IBM PCIe 2-port
  Adapter (bnc#717126).
  * 8250: Fix capabilities when changing the port type
  (bnc#717126).
  * 8250: Add EEH support (bnc#717126).
  * xfs: fix memory reclaim recursion deadlock on locked
  inode buffer (bnc#699355 bnc#699354 bnc#721830).
  * ipmi: do not grab locks in run-to-completion mode
  (bnc#717421).
  * cifs: add fallback in is_path_accessible for old
  servers (bnc#718028).
  * cciss: do not attempt to read from a write-only
  register (bnc#683101).
  * s390: kernel: System hang if hangcheck timer expires
  (bnc#712009,LTC#74157).
  * s390: kernel: NSS creation with initrd fails
  (bnc#712009,LTC#74207).
  * s390: kernel: remove code to handle topology
  interrupts (bnc#712009,LTC#74440).
  * xen: Added 1083-kbdfront-absolute-coordinates.patch
  (bnc#717585).
  * acpi: Use a spinlock instead of mutex to guard
  gbl_lock access (bnc#707439).
  * Allow balance_dirty_pages to help other filesystems
  (bnc#709369).
  * nfs: fix congestion control (bnc#709369).
  * NFS: Separate metadata and page cache revalidation
  mechanisms (bnc#709369).
  * jbd: Fix oops in journal_remove_journal_head()
  (bnc#694315).
  * xen/blkfront: avoid NULL de-reference in CDROM ioctl
  handling (bnc#701355).
  * xen/x86: replace order-based range checking of M2P
  table by linear one.
  * xen/x86: use dynamically adjusted upper bound for
  contiguous regions (bnc#635880).
  * Fix type in
  patches.fixes/libiscsi-dont-run-scsi-eh-if-iscsi-task-is-mak
  ing-progress.
  * s390: cio: Add timeouts for internal IO
  (bnc#701550,LTC#72691).
  * s390: kernel: first time swap use results in heavy
  swapping (bnc#701550,LTC#73132).
  * s390: qeth: wrong number of output queues for
  HiperSockets (bnc#701550,LTC#73814).

  Security Issue references:

  * CVE-2009-4067
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4067

  * CVE-2011-3363
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3363

  * CVE-2011-3191
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3191

  * CVE-2011-1776
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776


Indications:

  Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

  Please reboot the system after installing this update.


Package List:

  - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

     kernel-default-2.6.16.60-0.91.1
     kernel-source-2.6.16.60-0.91.1
     kernel-syms-2.6.16.60-0.91.1

  - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64):

     kernel-debug-2.6.16.60-0.91.1

  - SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64):

     kernel-kdump-2.6.16.60-0.91.1

  - SUSE Linux Enterprise Server 10 SP4 (i586 x86_64):

     kernel-smp-2.6.16.60-0.91.1
     kernel-xen-2.6.16.60-0.91.1

  - SUSE Linux Enterprise Server 10 SP4 (i586):

     kernel-bigsmp-2.6.16.60-0.91.1
     kernel-kdumppae-2.6.16.60-0.91.1
     kernel-vmi-2.6.16.60-0.91.1
     kernel-vmipae-2.6.16.60-0.91.1
     kernel-xenpae-2.6.16.60-0.91.1

  - SUSE Linux Enterprise Server 10 SP4 (ppc):

     kernel-iseries64-2.6.16.60-0.91.1
     kernel-ppc64-2.6.16.60-0.91.1

  - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

     kernel-default-2.6.16.60-0.91.1
     kernel-smp-2.6.16.60-0.91.1
     kernel-source-2.6.16.60-0.91.1
     kernel-syms-2.6.16.60-0.91.1
     kernel-xen-2.6.16.60-0.91.1

  - SUSE Linux Enterprise Desktop 10 SP4 (i586):

     kernel-bigsmp-2.6.16.60-0.91.1
     kernel-xenpae-2.6.16.60-0.91.1

  - SLE SDK 10 SP4 (i586 ia64 x86_64):

     kernel-debug-2.6.16.60-0.91.1

  - SLE SDK 10 SP4 (i586 ppc x86_64):

     kernel-kdump-2.6.16.60-0.91.1

  - SLE SDK 10 SP4 (i586 x86_64):

     kernel-xen-2.6.16.60-0.91.1

  - SLE SDK 10 SP4 (i586):

     kernel-xenpae-2.6.16.60-0.91.1


References:

  http://support.novell.com/security/cve/CVE-2009-4067.html
  http://support.novell.com/security/cve/CVE-2011-1776.html
  http://support.novell.com/security/cve/CVE-2011-3191.html
  http://support.novell.com/security/cve/CVE-2011-3363.html
  https://bugzilla.novell.com/616256
  https://bugzilla.novell.com/628343
  https://bugzilla.novell.com/635880
  https://bugzilla.novell.com/683101
  https://bugzilla.novell.com/692784
  https://bugzilla.novell.com/694315
  https://bugzilla.novell.com/699354
  https://bugzilla.novell.com/699355
  https://bugzilla.novell.com/701355
  https://bugzilla.novell.com/701550
  https://bugzilla.novell.com/706375
  https://bugzilla.novell.com/707439
  https://bugzilla.novell.com/709213
  https://bugzilla.novell.com/709369
  https://bugzilla.novell.com/712009
  https://bugzilla.novell.com/713876
  https://bugzilla.novell.com/714001
  https://bugzilla.novell.com/717126
  https://bugzilla.novell.com/717421
  https://bugzilla.novell.com/717585
  https://bugzilla.novell.com/718028
  https://bugzilla.novell.com/721830
  https://bugzilla.novell.com/724947
  http://download.novell.com/patch/finder/?keywords=169bd714365eb7c38e38540921171d06
  http://download.novell.com/patch/finder/?keywords=6253a90635c740c154fb5e3cc64612f2
  http://download.novell.com/patch/finder/?keywords=b1201574824e860419470a1e97bdba2c
  http://download.novell.com/patch/finder/?keywords=be6b41cc85222e68513448b61b7af786
  http://download.novell.com/patch/finder/?keywords=c4377326fa8f6c8c833ef411e531a291
Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.