openSUSE Security Update: kernel: security and bugfix update
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2013:0951-1
Rating:             critical
References:         #803931 #813889 #815745 #818327 #818497 #819519 
                    #819789 #820048 
Cross-References:   CVE-2013-0290 CVE-2013-2094
Affected Products:
                    openSUSE 12.3
______________________________________________________________________________

   An update that solves two vulnerabilities and has 6 fixes
   is now available.

Description:


   The openSUSE 12.3 kernel was updated to fix a critical
   security issue, other security issues and several bugs.

   Security issues fixed: CVE-2013-2094: The perf_swevent_init
   function in kernel/events/core.c in the Linux kernel used
   an incorrect integer data type, which allowed local users
   to gain privileges via a crafted perf_event_open system
   call.
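
   The integer-type defect described above, which the "perf: Treat attr.config as u64 in perf_swevent_init()" entry in the bug list corrects, shown as an added userspace model (not kernel code and not part of the original advisory). The names check_signed, check_u64 and SW_MAX, and the table size, are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed table size standing in for the kernel's software-event count. */
#define SW_MAX 9

enum verdict { REJECTED, ACCEPTED_IN_RANGE, ACCEPTED_OUT_OF_RANGE };

/* Pre-fix shape: the 64-bit config is narrowed to a signed 32-bit value
 * before the upper-bound test. The narrowing is implementation-defined in C;
 * on GCC and Clang it keeps the low 32 bits (two's complement). */
static enum verdict check_signed(uint64_t config)
{
    int32_t id = (int32_t)config;
    if (id >= SW_MAX)
        return REJECTED;
    /* Only the upper bound was tested, so a negative id gets this far. */
    return id >= 0 ? ACCEPTED_IN_RANGE : ACCEPTED_OUT_OF_RANGE;
}

/* Post-fix shape: compare the full unsigned 64-bit value. */
static enum verdict check_u64(uint64_t config)
{
    return config >= SW_MAX ? REJECTED : ACCEPTED_IN_RANGE;
}

int main(void)
{
    static const char *const name[] = { "rejected", "accepted", "accepted, index < 0" };
    /* Constructed sample values covering each boundary. */
    const uint64_t samples[] = { 0, 8, 9, 0x7fffffffULL, 0x80000000ULL,
                                 0xffffffffULL, 0x100000003ULL };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("config=0x%09llx  signed: %-20s u64: %s\n",
               (unsigned long long)samples[i],
               name[check_signed(samples[i])], name[check_u64(samples[i])]);
    return 0;
}
```

   The last sample shows a second effect of the narrow type: a config above 32 bits is truncated and accepted as a different, in-range event, while the 64-bit comparison rejects it.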

   CVE-2013-0290: The __skb_recv_datagram function in
   net/core/datagram.c in the Linux kernel did not properly
   handle the MSG_PEEK flag with zero-length data, which
   allowed local users to cause a denial of service (infinite
   loop and system hang) via a crafted application.

   Bugs fixed:
   - qlge: fix dma map leak when the last chunk is not
   allocated (bnc#819519).

   - ACPI / thermal: do not always return
   THERMAL_TREND_RAISING for active trip points (bnc#820048).

   - perf: Treat attr.config as u64 in perf_swevent_init()
   (bnc#819789, CVE-2013-2094).

   - cxgb4: fix error recovery when t4_fw_hello returns a
   positive value (bnc#818497).

   - kabi/severities: Ignore drivers/mfd/ucb1400_core It
   provides internal exports to UCB1400 drivers, that we
   have just disabled.

   - Fix -devel package for armv7hl armv7hl kernel flavors in
   the non-multiplatform configuration (which is the default
   for our openSUSE 12.3 release), needs more header files
   from the machine specific directories to be included in
   kernel-devel.

   - Update config files: disable UCB1400 on all but ARM
   Currently UCB1400 is only used on ARM OMAP systems, and
   part of the code is dead code that can't even be
   modularized.
   - CONFIG_UCB1400_CORE=n
   - CONFIG_TOUCHSCREEN_UCB1400=n
   - CONFIG_GPIO_UCB1400=n

   - rpm/config.sh: Drop the ARM repository, the KOTD will
   build against the "ports" repository of openSUSE:12.3

   - mm/mmap: check for RLIMIT_AS before unmapping
   (bnc#818327).

   - rpm/kernel-spec-macros: Properly handle KOTD release
   numbers with .g suffix

   - rpm/kernel-spec-macros: Drop the %release_num macro We no
   longer put the -rcX tag into the release string.

   - xen-pciback: notify hypervisor about devices intended to
   be assigned to guests.

   - unix/stream: fix peeking with an offset larger than data
   in queue (bnc#803931 CVE-2013-0290).
   - unix/dgram: fix peeking with an offset larger than data
   in queue (bnc#803931 CVE-2013-0290).
   - unix/dgram: peek beyond 0-sized skbs (bnc#803931
   CVE-2013-0290).
   - net: fix infinite loop in __skb_recv_datagram()
   (bnc#803931 CVE-2013-0290).

   - TTY: fix atime/mtime regression (bnc#815745).

   - md/raid1,raid10: fix deadlock with freeze_array()
   (813889).
   - md: raid1,10: Handle REQ_WRITE_SAME flag in write bios
   (bnc#813889).

   - KMS: fix EDID detailed timing vsync parsing.
   - KMS: fix EDID detailed timing frame rate.

   - Add Netfilter/ebtables support Those modules are needed
   for proper OpenStack support on ARM, and are also enabled
   on x86(_64)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 12.3:

      zypper in -t patch openSUSE-2013-452

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 12.3 (i586 x86_64):

      kernel-default-3.7.10-1.11.1
      kernel-default-base-3.7.10-1.11.1
      kernel-default-devel-3.7.10-1.11.1
      kernel-syms-3.7.10-1.11.1

   - openSUSE 12.3 (i686 x86_64):

      kernel-debug-3.7.10-1.11.1
      kernel-debug-base-3.7.10-1.11.1
      kernel-debug-devel-3.7.10-1.11.1
      kernel-desktop-3.7.10-1.11.1
      kernel-desktop-base-3.7.10-1.11.1
      kernel-desktop-devel-3.7.10-1.11.1
      kernel-ec2-3.7.10-1.11.1
      kernel-ec2-base-3.7.10-1.11.1
      kernel-ec2-base-debuginfo-3.7.10-1.11.1
      kernel-ec2-debuginfo-3.7.10-1.11.1
      kernel-ec2-debugsource-3.7.10-1.11.1
      kernel-ec2-devel-3.7.10-1.11.1
      kernel-ec2-devel-debuginfo-3.7.10-1.11.1
      kernel-trace-3.7.10-1.11.1
      kernel-trace-base-3.7.10-1.11.1
      kernel-trace-devel-3.7.10-1.11.1
      kernel-vanilla-3.7.10-1.11.1
      kernel-vanilla-devel-3.7.10-1.11.1
      kernel-xen-3.7.10-1.11.1
      kernel-xen-base-3.7.10-1.11.1
      kernel-xen-devel-3.7.10-1.11.1

   - openSUSE 12.3 (noarch):

      kernel-devel-3.7.10-1.11.1
      kernel-docs-3.7.10-1.11.1
      kernel-source-3.7.10-1.11.1
      kernel-source-vanilla-3.7.10-1.11.1

   - openSUSE 12.3 (i686):

      kernel-debug-base-debuginfo-3.7.10-1.11.1
      kernel-debug-debuginfo-3.7.10-1.11.1
      kernel-debug-debugsource-3.7.10-1.11.1
      kernel-debug-devel-debuginfo-3.7.10-1.11.1
      kernel-desktop-base-debuginfo-3.7.10-1.11.1
      kernel-desktop-debuginfo-3.7.10-1.11.1
      kernel-desktop-debugsource-3.7.10-1.11.1
      kernel-desktop-devel-debuginfo-3.7.10-1.11.1
      kernel-pae-3.7.10-1.11.1
      kernel-pae-base-3.7.10-1.11.1
      kernel-pae-base-debuginfo-3.7.10-1.11.1
      kernel-pae-debuginfo-3.7.10-1.11.1
      kernel-pae-debugsource-3.7.10-1.11.1
      kernel-pae-devel-3.7.10-1.11.1
      kernel-pae-devel-debuginfo-3.7.10-1.11.1
      kernel-trace-base-debuginfo-3.7.10-1.11.1
      kernel-trace-debuginfo-3.7.10-1.11.1
      kernel-trace-debugsource-3.7.10-1.11.1
      kernel-trace-devel-debuginfo-3.7.10-1.11.1
      kernel-vanilla-debuginfo-3.7.10-1.11.1
      kernel-vanilla-debugsource-3.7.10-1.11.1
      kernel-vanilla-devel-debuginfo-3.7.10-1.11.1
      kernel-xen-base-debuginfo-3.7.10-1.11.1
      kernel-xen-debuginfo-3.7.10-1.11.1
      kernel-xen-debugsource-3.7.10-1.11.1
      kernel-xen-devel-debuginfo-3.7.10-1.11.1

   - openSUSE 12.3 (i586):

      kernel-default-base-debuginfo-3.7.10-1.11.1
      kernel-default-debuginfo-3.7.10-1.11.1
      kernel-default-debugsource-3.7.10-1.11.1
      kernel-default-devel-debuginfo-3.7.10-1.11.1


References:

   https://www.suse.com/security/cve/CVE-2013-0290.html
   https://www.suse.com/security/cve/CVE-2013-2094.html
   https://bugzilla.novell.com/803931
   https://bugzilla.novell.com/813889
   https://bugzilla.novell.com/815745
   https://bugzilla.novell.com/818327
   https://bugzilla.novell.com/818497
   https://bugzilla.novell.com/819519
   https://bugzilla.novell.com/819789
   https://bugzilla.novell.com/820048

-- 

openSUSE: 2013:0951-1: critical: kernel

June 10, 2013