openSUSE 12.1: 2013:0396-1 Important: Kernel Denial Of Service Issues
opensuse
March 5, 2013
An update that solves 10 vulnerabilities and has 25 fixes An update that solves 10 vulnerabilities and has 25 fixes An update that solves 10 vulnerabilities and has 25 fixes is now...
Description
The Linux kernel was updated to fix various bugs and
security issues:
CVE-2013-0871: Race condition in the ptrace functionality
in the Linux kernel allowed local users to gain privileges
via a PTRACE_SETREGS ptrace system call in a crafted
application, as demonstrated by ptrace_death.
CVE-2013-0160: Avoid a side channel attack on /dev/ptmx
(keyboard input timing).
CVE-2012-5374: Fixed a local denial of service in the BTRFS
hashing code.
CVE-2013-0309: arch/x86/include/asm/pgtable.h in the Linux
kernel, when transparent huge pages are used, does not
properly support PROT_NONE memory regions, which allows
local users to cause a denial of service (system crash) via
a crafted application.
CVE-2013-0268: The msr_open function in
arch/x86/kernel/msr.c in the Linux kernel allowed local
users to bypass intended capability restrictions by
executing a crafted application as root, as demonstrated by
msr32.c.
CVE-2012-0957:...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 12.1:
zypper in -t patch openSUSE-2013-176
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 12.1 (i586 x86_64):
kernel-debug-3.1.10-1.19.1
kernel-debug-base-3.1.10-1.19.1
kernel-debug-base-debuginfo-3.1.10-1.19.1
kernel-debug-debuginfo-3.1.10-1.19.1
kernel-debug-debugsource-3.1.10-1.19.1
kernel-debug-devel-3.1.10-1.19.1
kernel-debug-devel-debuginfo-3.1.10-1.19.1
kernel-default-3.1.10-1.19.1
kernel-default-base-3.1.10-1.19.1
kernel-default-base-debuginfo-3.1.10-1.19.1
kernel-default-debuginfo-3.1.10-1.19.1
kernel-default-debugsource-3.1.10-1.19.1
kernel-default-devel-3.1.10-1.19.1
kernel-default-devel-debuginfo-3.1.10-1.19.1
kernel-desktop-3.1.10-1.19.1
kernel-desktop-base-3.1.10-1.19.1
kernel-desktop-base-debuginfo-3.1.10-1.19.1
kernel-desktop-debuginfo-3.1.10-1.19.1
kernel-desktop-debugsource-3.1.10-1.19.1
kernel-desktop-devel-3.1.10-1.19.1
kernel-desktop-devel-debuginfo-3.1.10-1.19.1
kernel-ec2-3.1.10-1.19.1
kernel-ec2-base-3.1.10-1.19.1
kernel-ec2-base-debuginfo-3.1.10-1.19.1
kernel-ec2-debuginfo-3.1.10-1.19.1
kernel-ec2-debugsource-3.1.10-1.19.1
kernel-ec2-devel-3.1.10-1.19.1
kernel-ec2-d...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2012-0957.html
https://www.suse.com/security/cve/CVE-2012-2745.html
https://www.suse.com/security/cve/CVE-2012-3412.html
https://www.suse.com/security/cve/CVE-2012-4530.html
https://www.suse.com/security/cve/CVE-2013-0160.html
https://www.suse.com/security/cve/CVE-2013-0216.html
https://www.suse.com/security/cve/CVE-2013-0231.html
https://www.suse.com/security/cve/CVE-2013-0268.html
https://www.suse.com/security/cve/CVE-2013-0309.html
https://www.suse.com/security/cve/CVE-2013-0871.html
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2013:0396-1
Rating: important
Affected Products:
openSUSE 12.1
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!