openSUSE: 2014:0677-1 Important: Kernel Security Update
opensuse
May 19, 2014
An update that solves 16 vulnerabilities and has 10 fixes An update that solves 16 vulnerabilities and has 10 fixes An update that solves 16 vulnerabilities and has 10 fixes is now...
Description
The Linux Kernel was updated to fix various security issues and bugs.
Main security issues fixed:
A security issue in the tty layer that was fixed that could be used by
local attackers for code execution (CVE-2014-0196).
Two security issues in the floppy driver were fixed that could be used by
local attackers on machines with the floppy to crash the kernel or
potentially execute code in the kernel (CVE-2014-1737 CVE-2014-1738).
Other security issues and bugs that were fixed:
- netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper
(bnc#860835 CVE-2014-1690).
- net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH
(bnc#866102, CVE-2014-0101).
- n_tty: Fix a n_tty_write crash and code execution when echoing in raw
mode (bnc#871252 bnc#875690 CVE-2014-0196).
- netfilter: nf_ct_sip: support Cisco 7941/7945 IP phones (bnc#873717).
- Update config files: re-enable twofish crypto support Software twofish
...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 12.3:
zypper in -t patch openSUSE-2014-376
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 12.3 (i586 x86_64):
kernel-default-3.7.10-1.32.1
kernel-default-base-3.7.10-1.32.1
kernel-default-base-debuginfo-3.7.10-1.32.1
kernel-default-debuginfo-3.7.10-1.32.1
kernel-default-debugsource-3.7.10-1.32.1
kernel-default-devel-3.7.10-1.32.1
kernel-default-devel-debuginfo-3.7.10-1.32.1
kernel-syms-3.7.10-1.32.1
- openSUSE 12.3 (i686 x86_64):
kernel-debug-3.7.10-1.32.1
kernel-debug-base-3.7.10-1.32.1
kernel-debug-base-debuginfo-3.7.10-1.32.1
kernel-debug-debuginfo-3.7.10-1.32.1
kernel-debug-debugsource-3.7.10-1.32.1
kernel-debug-devel-3.7.10-1.32.1
kernel-debug-devel-debuginfo-3.7.10-1.32.1
kernel-desktop-3.7.10-1.32.1
kernel-desktop-base-3.7.10-1.32.1
kernel-desktop-base-debuginfo-3.7.10-1.32.1
kernel-desktop-debuginfo-3.7.10-1.32.1
kernel-desktop-debugsource-3.7.10-1.32.1
kernel-desktop-devel-3.7.10-1.32.1
kernel-desktop-devel-debuginfo-3.7.10-1.32.1
kernel-ec2-3.7.10-1.32.1
kernel-ec2-base-3.7.10-1.32.1
kernel-ec2-base-debuginfo-3.7.10-1.32.1
kernel-ec2-debuginfo-3.7.10-1.32.1
kernel-ec2-debugsource-...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2013-4254.html
https://www.suse.com/security/cve/CVE-2013-4579.html
https://www.suse.com/security/cve/CVE-2013-6885.html
https://www.suse.com/security/cve/CVE-2014-0101.html
https://www.suse.com/security/cve/CVE-2014-0196.html
https://www.suse.com/security/cve/CVE-2014-0691.html
https://www.suse.com/security/cve/CVE-2014-1438.html
https://www.suse.com/security/cve/CVE-2014-1444.html
https://www.suse.com/security/cve/CVE-2014-1445.html
https://www.suse.com/security/cve/CVE-2014-1446.html
https://www.suse.com/security/cve/CVE-2014-1690.html
https://www.suse.com/security/cve/CVE-2014-1737.html
https://www.suse.com/security/cve/CVE-2014-1738.html
https://www.suse.com/security/cve/CVE-2014-1874.html
https://www.suse.com/security/cve/CVE-2014-2523.html
https://www.suse.com/security/cve/CVE-2014-2672.html
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2014:0677-1
Rating: important
Affected Products:
openSUSE 12.3
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!