Alerts This Week
Warning Icon 1 905
Alerts This Week
Warning Icon 1 905

openSUSE 12.1: Security Update Important Fixes for Kernel

opensuse
Calendar Grey May 31, 2013
Dist Opensuse Esm H88
The kernel upgrade in openSUSE 12.1 tackles a range of security flaws and important corrections to improve overall system safety.
An update that solves 7 vulnerabilities and has two fixes is now available.

Description

The openSUSE 12.1 kernel was updated to fix a severe

secrutiy issue and various bugs.

Security issues fixed: CVE-2013-2094: The perf_swevent_init

function in kernel/events/core.c in the Linux kernel used

an incorrect integer data type, which allowed local users to gain privileges via a crafted perf_event_open system

call.

CVE-2013-1774: The chase_port function in

drivers/usb/serial/io_ti.c in the Linux kernel allowed

local users to cause a denial of service (NULL pointer

dereference and system crash) via an attempted /dev/ttyUSB

read or write operation on a disconnected Edgeport USB

serial converter.

CVE-2013-1928: The do_video_set_spu_palette function in

fs/compat_ioctl.c in the Linux kernel lacked a certain

error check, which might have allowed local users to obtain

sensitive information from kernel stack memory via a

crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb

device.

CVE-2013-1796: The kvm_set_msr_common...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory kernel update bug fixes critical issues system security important fixes openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 12.1:

zypper in -t patch openSUSE-2013-454

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 12.1 (i586 x86_64):

kernel-debug-3.1.10-1.23.1.g8645a72

kernel-debug-base-3.1.10-1.23.1.g8645a72

kernel-debug-base-debuginfo-3.1.10-1.23.1.g8645a72

kernel-debug-debuginfo-3.1.10-1.23.1.g8645a72

kernel-debug-debugsource-3.1.10-1.23.1.g8645a72

kernel-debug-devel-3.1.10-1.23.1.g8645a72

kernel-debug-devel-debuginfo-3.1.10-1.23.1.g8645a72

kernel-default-3.1.10-1.23.1.g8645a72

kernel-default-base-3.1.10-1.23.1.g8645a72

kernel-default-base-debuginfo-3.1.10-1.23.1.g8645a72

kernel-default-debuginfo-3.1.10-1.23.1.g8645a72

kernel-default-debugsource-3.1.10-1.23.1.g8645a72

kernel-default-devel-3.1.10-1.23.1.g8645a72

kernel-default-devel-debuginfo-3.1.10-1.23.1.g8645a72

kernel-desktop-3.1.10-1.23.1.g8645a72

kernel-desktop-base-3.1.10-1.23.1.g8645a72

kernel-desktop-base-debuginfo-3.1.10-1.23.1.g8645a72

kernel-desktop-debuginfo-3.1.10-1.23.1.g8645a72

kernel-desktop-debugsource-3.1.10-1.23.1.g8645a72

kernel-desktop-devel-3.1.10-1.23.1.g8645a72

kernel-desktop-devel-debuginfo-3.1.10-1.23.1.g8645a72

kernel-ec2-3.1....

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2013-0913.html

https://www.suse.com/security/cve/CVE-2013-1767.html

https://www.suse.com/security/cve/CVE-2013-1774.html

https://www.suse.com/security/cve/CVE-2013-1796.html

https://www.suse.com/security/cve/CVE-2013-1797.html

https://www.suse.com/security/cve/CVE-2013-1798.html

https://www.suse.com/security/cve/CVE-2013-2094.html

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2013:0847-1
Rating: important
Affected Products: openSUSE 12.1 le.

Topics%20covered

Topics Covered

security advisory kernel update bug fixes critical issues system security important fixes openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here