openSUSE 11.4 Kernel Update: 2013:1187-1 Critical: Multiple Security Fixes
opensuse
July 12, 2013
An update that solves 13 vulnerabilities and has 35 fixes An update that solves 13 vulnerabilities and has 35 fixes An update that solves 13 vulnerabilities and has 35 fixes is now...
Description
The kernel was updated to Linux kernel 3.0.80, fixing
various bugs and security issues.
Following security issues were fixed: CVE-2013-0160:
Timing side channel on attacks were possible on /dev/ptmx
that could allow local attackers to predict keypresses like
e.g. passwords. This has been fixed again by updating
accessed/modified time on the pty devices in resolution of
8 seconds, so that idle time detection can still work.
CVE-2013-3222: The vcc_recvmsg function in
net/atm/common.c in the Linux kernel did not initialize a
certain length variable, which allowed local users to
obtain sensitive information from kernel stack memory via a
crafted recvmsg or recvfrom system call.
CVE-2013-3223: The ax25_recvmsg function in
net/ax25/af_ax25.c in the Linux kernel did not initialize a
certain data structure, which allowed local users to obtain
sensitive information from kernel stack memory via a
crafted recvmsg or recvfrom system call.
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch 2013-109
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 11.4 (i586 x86_64):
kernel-debug-3.0.80-52.1
kernel-debug-base-3.0.80-52.1
kernel-debug-base-debuginfo-3.0.80-52.1
kernel-debug-debuginfo-3.0.80-52.1
kernel-debug-debugsource-3.0.80-52.1
kernel-debug-devel-3.0.80-52.1
kernel-debug-devel-debuginfo-3.0.80-52.1
kernel-debug-hmac-3.0.80-52.1
kernel-default-3.0.80-52.1
kernel-default-base-3.0.80-52.1
kernel-default-base-debuginfo-3.0.80-52.1
kernel-default-debuginfo-3.0.80-52.1
kernel-default-debugsource-3.0.80-52.1
kernel-default-devel-3.0.80-52.1
kernel-default-devel-debuginfo-3.0.80-52.1
kernel-default-hmac-3.0.80-52.1
kernel-desktop-3.0.80-52.1
kernel-desktop-base-3.0.80-52.1
kernel-desktop-base-debuginfo-3.0.80-52.1
kernel-desktop-debuginfo-3.0.80-52.1
kernel-desktop-debugsource-3.0.80-52.1
kernel-desktop-devel-3.0.80-52.1
kernel-desktop-devel-debuginfo-3.0.80-52.1
kernel-desktop-hmac-3.0.80-52.1
kernel-ec2-3.0.80-52.1
kernel-ec2-base-3.0.80-52.1
kernel-ec2-base-debuginfo-3.0.80-52.1
kernel-ec2-debuginfo-3.0.80-52.1
kernel-ec2-debugsource-3.0.80-52.1
ker...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2012-6548.html
https://www.suse.com/security/cve/CVE-2012-6549.html
https://www.suse.com/security/cve/CVE-2013-0160.html
https://www.suse.com/security/cve/CVE-2013-0268.html
https://www.suse.com/security/cve/CVE-2013-0311.html
https://www.suse.com/security/cve/CVE-2013-0914.html
https://www.suse.com/security/cve/CVE-2013-1772.html
https://www.suse.com/security/cve/CVE-2013-1792.html
https://www.suse.com/security/cve/CVE-2013-1796.html
https://www.suse.com/security/cve/CVE-2013-1797.html
https://www.suse.com/security/cve/CVE-2013-1798.html
https://www.suse.com/security/cve/CVE-2013-2634.html
https://www.suse.com/security/cve/CVE-2013-2635.html
https://login.microfocus.com/nidp/app/login?sid=0
https://login.microfocus.com/nidp/app/login?sid=0
https://login.microfocus.com/nidp/app/login?sid=0
https://login.microfocus.com/nidp/app/login?sid=0
https://login.microfocus.com/nidp/app/login?sid=0
https://login.microfocus.com/nidp/app/login?sid=0
https://login.microfocus.com/n...
Read the Full Advisory
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2013:1187-1
Rating: important
Affected Products:
openSUSE 11.4
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!