openSUSE Security Update: kernel: security and bugfix update.
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2012:0236-1
Rating:             important
References:         #676602 #679059 #681180 #681181 #681184 #681185 
                    #691052 #692498 #699709 #700879 #702037 #707288 
                    #709561 #709764 #710235 #713933 #723999 #726788 
                    #736149 
Cross-References:   CVE-2011-1080 CVE-2011-1170 CVE-2011-1171
                    CVE-2011-1172 CVE-2011-1173 CVE-2011-1770
                    CVE-2011-2203 CVE-2011-2213 CVE-2011-2534
                    CVE-2011-2699 CVE-2011-2723 CVE-2011-2898
                    CVE-2011-4081 CVE-2011-4087 CVE-2011-4604
                   
Affected Products:
                    openSUSE 11.4
______________________________________________________________________________

   An update that solves 15 vulnerabilities and has four fixes
   is now available. It includes one version update.

Description:

   The openSUSE 11.4 kernel was updated to fix bugs and
   security issues.

   Following security issues have been fixed: CVE-2011-4604:
   If root does read() on a specific socket, it's possible to
   corrupt (kernel) memory over network, with an ICMP packet,
   if the B.A.T.M.A.N. mesh protocol is used.

   CVE-2011-2699: Fernando Gont discovered that the IPv6 stack
   used predictable fragment identification numbers. A remote
   attacker could exploit this to exhaust network resources,
   leading to a denial of service.

   CVE-2011-1173: A kernel information leak via ip6_tables was
   fixed.

   CVE-2011-1172: A kernel information leak via ip6_tables
   netfilter was fixed.

   CVE-2011-1171: A kernel information leak via ip_tables was
   fixed.

   CVE-2011-1170: A kernel information leak via arp_tables was
   fixed.

   CVE-2011-1080: A kernel information leak via netfilter was
   fixed.

   CVE-2011-2213: The inet_diag_bc_audit function in
   net/ipv4/inet_diag.c in the Linux kernel did not properly
   audit INET_DIAG bytecode, which allowed local users to
   cause a denial of service (kernel infinite loop) via
   crafted INET_DIAG_REQ_BYTECODE instructions in a netlink
   message, as demonstrated by an INET_DIAG_BC_JMP instruction
   with a zero yes value, a different vulnerability than
   CVE-2010-3880.

   CVE-2011-2534: Buffer overflow in the clusterip_proc_write
   function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux
   kernel might have allowed local users to cause a denial of
   service or have unspecified other impact via a crafted
   write operation, related to string data that lacks a
   terminating '\0' character.

   CVE-2011-1770: Integer underflow in the dccp_parse_options
   function (net/dccp/options.c) in the Linux kernel allowed
   remote attackers to cause a denial of service via a
   Datagram Congestion Control Protocol (DCCP) packet with an
   invalid feature options length, which triggered a buffer
   over-read.

   CVE-2011-2723: The skb_gro_header_slow function in
   include/linux/netdevice.h in the Linux kernel, when Generic
   Receive Offload (GRO) is enabled, reset certain fields in
   incorrect situations, which allowed remote attackers to
   cause a denial of service (system crash) via crafted
   network traffic.

   CVE-2011-2898: A kernel information leak in the AF_PACKET
   protocol was fixed which might have allowed local attackers   to read kernel memory.

   CVE-2011-4087: A local denial of service when using bridged
   networking via a flood ping was fixed.

   CVE-2011-2203: A NULL ptr dereference on mounting corrupt
   hfs filesystems was fixed which could be used by local
   attackers to crash the kernel.

   CVE-2011-4081: Using the crypto interface a local user
   could Oops the kernel by writing to a AF_ALG socket.


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.4:

      zypper in -t patch kernel-5606

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.4 (i586 x86_64) [New Version: 2.6.37.6]:

      kernel-debug-2.6.37.6-0.11.1
      kernel-debug-base-2.6.37.6-0.11.1
      kernel-debug-devel-2.6.37.6-0.11.1
      kernel-default-2.6.37.6-0.11.1
      kernel-default-base-2.6.37.6-0.11.1
      kernel-default-devel-2.6.37.6-0.11.1
      kernel-desktop-2.6.37.6-0.11.1
      kernel-desktop-base-2.6.37.6-0.11.1
      kernel-desktop-devel-2.6.37.6-0.11.1
      kernel-ec2-2.6.37.6-0.11.1
      kernel-ec2-base-2.6.37.6-0.11.1
      kernel-ec2-devel-2.6.37.6-0.11.1
      kernel-ec2-extra-2.6.37.6-0.11.1
      kernel-syms-2.6.37.6-0.11.1
      kernel-trace-2.6.37.6-0.11.1
      kernel-trace-base-2.6.37.6-0.11.1
      kernel-trace-devel-2.6.37.6-0.11.1
      kernel-vanilla-2.6.37.6-0.11.1
      kernel-vanilla-base-2.6.37.6-0.11.1
      kernel-vanilla-devel-2.6.37.6-0.11.1
      kernel-xen-2.6.37.6-0.11.1
      kernel-xen-base-2.6.37.6-0.11.1
      kernel-xen-devel-2.6.37.6-0.11.1
      preload-kmp-default-1.2_k2.6.37.6_0.11-6.7.28
      preload-kmp-desktop-1.2_k2.6.37.6_0.11-6.7.28

   - openSUSE 11.4 (noarch) [New Version: 2.6.37.6]:

      kernel-devel-2.6.37.6-0.11.1
      kernel-docs-2.6.37.6-0.11.1
      kernel-source-2.6.37.6-0.11.1
      kernel-source-vanilla-2.6.37.6-0.11.1

   - openSUSE 11.4 (i586) [New Version: 2.6.37.6]:

      kernel-pae-2.6.37.6-0.11.1
      kernel-pae-base-2.6.37.6-0.11.1
      kernel-pae-devel-2.6.37.6-0.11.1
      kernel-vmi-2.6.37.6-0.11.1
      kernel-vmi-base-2.6.37.6-0.11.1
      kernel-vmi-devel-2.6.37.6-0.11.1


References:

   https://www.suse.com/security/cve/CVE-2011-1080.html
   https://www.suse.com/security/cve/CVE-2011-1170.html
   https://www.suse.com/security/cve/CVE-2011-1171.html
   https://www.suse.com/security/cve/CVE-2011-1172.html
   https://www.suse.com/security/cve/CVE-2011-1173.html
   https://www.suse.com/security/cve/CVE-2011-1770.html
   https://www.suse.com/security/cve/CVE-2011-2203.html
   https://www.suse.com/security/cve/CVE-2011-2213.html
   https://www.suse.com/security/cve/CVE-2011-2534.html
   https://www.suse.com/security/cve/CVE-2011-2699.html
   https://www.suse.com/security/cve/CVE-2011-2723.html
   https://www.suse.com/security/cve/CVE-2011-2898.html
   https://www.suse.com/security/cve/CVE-2011-4081.html
   https://www.suse.com/security/cve/CVE-2011-4087.html
   https://www.suse.com/security/cve/CVE-2011-4604.html
   https://bugzilla.novell.com/676602
   https://bugzilla.novell.com/679059
   https://bugzilla.novell.com/681180
   https://bugzilla.novell.com/681181
   https://bugzilla.novell.com/681184
   https://bugzilla.novell.com/681185
   https://bugzilla.novell.com/691052
   https://bugzilla.novell.com/692498
   https://bugzilla.novell.com/699709
   https://bugzilla.novell.com/700879
   https://bugzilla.novell.com/702037
   https://bugzilla.novell.com/707288
   https://bugzilla.novell.com/709561
   https://bugzilla.novell.com/709764
   https://bugzilla.novell.com/710235
   https://bugzilla.novell.com/713933
   https://bugzilla.novell.com/723999
   https://bugzilla.novell.com/726788
   https://bugzilla.novell.com/736149

openSUSE: 2012:0236-1: important: kernel

February 9, 2012
An update that solves 15 vulnerabilities and has four fixes An update that solves 15 vulnerabilities and has four fixes An update that solves 15 vulnerabilities and has four fixes ...

Description

The openSUSE 11.4 kernel was updated to fix bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read() on a specific socket, it's possible to corrupt (kernel) memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used. CVE-2011-2699: Fernando Gont discovered that the IPv6 stack used predictable fragment identification numbers. A remote attacker could exploit this to exhaust network resources, leading to a denial of service. CVE-2011-1173: A kernel information leak via ip6_tables was fixed. CVE-2011-1172: A kernel information leak via ip6_tables netfilter was fixed. CVE-2011-1171: A kernel information leak via ip_tables was fixed. CVE-2011-1170: A kernel information leak via arp_tables was fixed. CVE-2011-1080: A kernel information leak via netfilter was fixed. CVE-2011-2213: The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel did not properly audit INET_DIAG bytecode, which allowed local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880. CVE-2011-2534: Buffer overflow in the clusterip_proc_write function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux kernel might have allowed local users to cause a denial of service or have unspecified other impact via a crafted write operation, related to string data that lacks a terminating '\0' character. CVE-2011-1770: Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel allowed remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggered a buffer over-read. CVE-2011-2723: The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel, when Generic Receive Offload (GRO) is enabled, reset certain fields in incorrect situations, which allowed remote attackers to cause a denial of service (system crash) via crafted network traffic. CVE-2011-2898: A kernel information leak in the AF_PACKET protocol was fixed which might have allowed local attackers to read kernel memory. CVE-2011-4087: A local denial of service when using bridged networking via a flood ping was fixed. CVE-2011-2203: A NULL ptr dereference on mounting corrupt hfs filesystems was fixed which could be used by local attackers to crash the kernel. CVE-2011-4081: Using the crypto interface a local user could Oops the kernel by writing to a AF_ALG socket. Special Instructions and Notes: Please reboot the system after installing this update.

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch kernel-5606 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE 11.4 (i586 x86_64) [New Version: 2.6.37.6]: kernel-debug-2.6.37.6-0.11.1 kernel-debug-base-2.6.37.6-0.11.1 kernel-debug-devel-2.6.37.6-0.11.1 kernel-default-2.6.37.6-0.11.1 kernel-default-base-2.6.37.6-0.11.1 kernel-default-devel-2.6.37.6-0.11.1 kernel-desktop-2.6.37.6-0.11.1 kernel-desktop-base-2.6.37.6-0.11.1 kernel-desktop-devel-2.6.37.6-0.11.1 kernel-ec2-2.6.37.6-0.11.1 kernel-ec2-base-2.6.37.6-0.11.1 kernel-ec2-devel-2.6.37.6-0.11.1 kernel-ec2-extra-2.6.37.6-0.11.1 kernel-syms-2.6.37.6-0.11.1 kernel-trace-2.6.37.6-0.11.1 kernel-trace-base-2.6.37.6-0.11.1 kernel-trace-devel-2.6.37.6-0.11.1 kernel-vanilla-2.6.37.6-0.11.1 kernel-vanilla-base-2.6.37.6-0.11.1 kernel-vanilla-devel-2.6.37.6-0.11.1 kernel-xen-2.6.37.6-0.11.1 kernel-xen-base-2.6.37.6-0.11.1 kernel-xen-devel-2.6.37.6-0.11.1 preload-kmp-default-1.2_k2.6.37.6_0.11-6.7.28 preload-kmp-desktop-1.2_k2.6.37.6_0.11-6.7.28 - openSUSE 11.4 (noarch) [New Version: 2.6.37.6]: kernel-devel-2.6.37.6-0.11.1 kernel-docs-2.6.37.6-0.11.1 kernel-source-2.6.37.6-0.11.1 kernel-source-vanilla-2.6.37.6-0.11.1 - openSUSE 11.4 (i586) [New Version: 2.6.37.6]: kernel-pae-2.6.37.6-0.11.1 kernel-pae-base-2.6.37.6-0.11.1 kernel-pae-devel-2.6.37.6-0.11.1 kernel-vmi-2.6.37.6-0.11.1 kernel-vmi-base-2.6.37.6-0.11.1 kernel-vmi-devel-2.6.37.6-0.11.1


References

https://www.suse.com/security/cve/CVE-2011-1080.html https://www.suse.com/security/cve/CVE-2011-1170.html https://www.suse.com/security/cve/CVE-2011-1171.html https://www.suse.com/security/cve/CVE-2011-1172.html https://www.suse.com/security/cve/CVE-2011-1173.html https://www.suse.com/security/cve/CVE-2011-1770.html https://www.suse.com/security/cve/CVE-2011-2203.html https://www.suse.com/security/cve/CVE-2011-2213.html https://www.suse.com/security/cve/CVE-2011-2534.html https://www.suse.com/security/cve/CVE-2011-2699.html https://www.suse.com/security/cve/CVE-2011-2723.html https://www.suse.com/security/cve/CVE-2011-2898.html https://www.suse.com/security/cve/CVE-2011-4081.html https://www.suse.com/security/cve/CVE-2011-4087.html https://www.suse.com/security/cve/CVE-2011-4604.html https://bugzilla.novell.com/676602 https://bugzilla.novell.com/679059 https://bugzilla.novell.com/681180 https://bugzilla.novell.com/681181 https://bugzilla.novell.com/681184 https://bugzilla.novell.com/681185 https://bugzilla.novell.com/691052 https://bugzilla.novell.com/692498 https://bugzilla.novell.com/699709 https://bugzilla.novell.com/700879 https://bugzilla.novell.com/702037 https://bugzilla.novell.com/707288 https://bugzilla.novell.com/709561 https://bugzilla.novell.com/709764 https://bugzilla.novell.com/710235 https://bugzilla.novell.com/713933 https://bugzilla.novell.com/723999 https://bugzilla.novell.com/726788 https://bugzilla.novell.com/736149


Severity
Announcement ID: openSUSE-SU-2012:0236-1
Rating: important
Affected Products: openSUSE 11.4

Related News

Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered
Open Source Strategies for Enhancing Security in Digital Business Operations
5 - 9 min read
Digital transformation, powered by the principles of open-source security , is vital for businesses looking to excel in today's technology-driven
Microsoft Update Mayhem: Rescuing Linux Dual-Boot Systems from Secure Boot Woes
2 - 4 min read
Microsoft's recent patch, intended to strengthen Secure Boot defenses, has resulted in an unexpected setback for Linux-Windows dual-boot setups

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved