Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

openSUSE 12.2: 2013:1042-1 Critical: Kernel Security Fix Issues

opensuse
Calendar Grey June 19, 2013
Dist Opensuse Esm H88
Fedora kernel enhancement resolves significant vulnerabilities and implements various improvements. Ensure your system's safety by applying this crucial update!
An update that solves three vulnerabilities and has 5 fixes is now available.

Description

The openSUSE 12.2 kernel was updated to fix security issue

and other bugs.

Security issues fixed: CVE-2013-2850: Incorrect strncpy

usage in the network listening part of the iscsi target

driver could have been used by remote attackers to crash

the kernel or execute code.

This required the iscsi target running on the machine and

the attacker able to make a network connection to it (aka

not filtered by firewalls).

CVE-2013-2094: The perf_swevent_init function in

kernel/events/core.c in the Linux kernel used an incorrect

integer data type, which allowed local users to gain

privileges via a crafted perf_event_open system call.

CVE-2013-0290: The __skb_recv_datagram function in

net/core/datagram.c in the Linux kernel did not properly

handle the MSG_PEEK flag with zero-length data, which

allowed local users to cause a denial of service (infinite

loop and system hang) via a crafted application.

Bugs fixed:

- reiserfs: fix...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service critical patch kernel fix system update bug fixes openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 12.2:

zypper in -t patch openSUSE-2013-512

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 12.2 (i586 x86_64):

kernel-default-3.4.47-2.38.1

kernel-default-base-3.4.47-2.38.1

kernel-default-base-debuginfo-3.4.47-2.38.1

kernel-default-debuginfo-3.4.47-2.38.1

kernel-default-debugsource-3.4.47-2.38.1

kernel-default-devel-3.4.47-2.38.1

kernel-default-devel-debuginfo-3.4.47-2.38.1

kernel-syms-3.4.47-2.38.1

- openSUSE 12.2 (i686 x86_64):

kernel-debug-3.4.47-2.38.1

kernel-debug-base-3.4.47-2.38.1

kernel-debug-base-debuginfo-3.4.47-2.38.1

kernel-debug-debuginfo-3.4.47-2.38.1

kernel-debug-debugsource-3.4.47-2.38.1

kernel-debug-devel-3.4.47-2.38.1

kernel-debug-devel-debuginfo-3.4.47-2.38.1

kernel-desktop-3.4.47-2.38.1

kernel-desktop-base-3.4.47-2.38.1

kernel-desktop-base-debuginfo-3.4.47-2.38.1

kernel-desktop-debuginfo-3.4.47-2.38.1

kernel-desktop-debugsource-3.4.47-2.38.1

kernel-desktop-devel-3.4.47-2.38.1

kernel-desktop-devel-debuginfo-3.4.47-2.38.1

kernel-ec2-3.4.47-2.38.1

kernel-ec2-base-3.4.47-2.38.1

kernel-ec2-base-debuginfo-3.4.47-2.38.1

kernel-ec2-debuginfo-3.4.47-2.38.1

kernel-ec2-debugsource-...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2013-0290.html

https://www.suse.com/security/cve/CVE-2013-2094.html

https://www.suse.com/security/cve/CVE-2013-2850.html

--

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2013:1042-1
Rating: critical
Affected Products: openSUSE 12.2 le.

Topics%20covered

Topics Covered

security advisory denial of service critical patch kernel fix system update bug fixes openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here