openSUSE Security Update: kernel: security and bugfix update
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2014:0677-1
Rating:             important
References:         #733022 #811746 #833968 #837111 #851426 #852652 
                    #852967 #858233 #858638 #858869 #858870 #858872 
                    #860835 #862145 #863335 #864025 #866102 #868653 
                    #869414 #869898 #871148 #871252 #871325 #873717 
                    #875690 #875798 
Cross-References:   CVE-2013-4254 CVE-2013-4579 CVE-2013-6885
                    CVE-2014-0101 CVE-2014-0196 CVE-2014-0691
                    CVE-2014-1438 CVE-2014-1444 CVE-2014-1445
                    CVE-2014-1446 CVE-2014-1690 CVE-2014-1737
                    CVE-2014-1738 CVE-2014-1874 CVE-2014-2523
                    CVE-2014-2672
Affected Products:
                    openSUSE 12.3
______________________________________________________________________________

   An update that solves 16 vulnerabilities and has 10 fixes
   is now available.

Description:


   The Linux Kernel was updated to fix various security issues and bugs.

   Main security issues fixed:

   A security issue in the tty layer that was fixed that could be used by
   local attackers for code execution (CVE-2014-0196).

   Two security issues in the floppy driver were fixed that could be used by
   local attackers on machines with the floppy to crash the kernel or
   potentially execute code in the kernel (CVE-2014-1737 CVE-2014-1738).

   Other security issues and bugs that were fixed:
   - netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper
   (bnc#860835 CVE-2014-1690).

   - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH
   (bnc#866102, CVE-2014-0101).

   - n_tty: Fix a n_tty_write crash and code execution when echoing in raw
   mode (bnc#871252 bnc#875690 CVE-2014-0196).

   - netfilter: nf_ct_sip: support Cisco 7941/7945 IP phones (bnc#873717).

   - Update config files: re-enable twofish crypto support Software twofish
   crypto support was disabled in several architectures since openSUSE
   10.3. For i386 and x86_64 it was on purpose, because
   hardware-accelerated alternatives exist. However for all other
   architectures it was by accident. Re-enable software twofish crypto
   support in arm, ia64 and ppc configuration files, to guarantee that at
   least one implementation is always available (bnc#871325).

   - Update config files: disable CONFIG_TOUCHSCREEN_W90X900 The w90p910_ts
   driver only makes sense on the W90x900 architecture, which we do not
   support.

   - ath9k: protect tid->sched check (bnc#871148,CVE-2014-2672).

   - Fix dst_neigh_lookup/dst_neigh_lookup_skb return value handling bug
   (bnc#869898).

   - SELinux:  Fix kernel BUG on empty security contexts
   (bnc#863335,CVE-2014-1874).

   - hamradio/yam: fix info leak in ioctl (bnc#858872, CVE-2014-1446).

   - wanxl: fix info leak in ioctl (bnc#858870, CVE-2014-1445).

   - farsync: fix info leak in ioctl (bnc#858869, CVE-2014-1444).

   - ARM: 7809/1: perf: fix event validation for software group leaders   (CVE-2013-4254, bnc#837111).

   - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages
   (bnc#868653, CVE-2014-2523).

   - ath9k_htc: properly set MAC address and BSSID mask (bnc#851426,
   CVE-2013-4579).

   - drm/ttm: don't oops if no invalidate_caches() (bnc#869414).

   - Apply missing patches.fixes/drm-nouveau-hwmon-rename-fan0-to-fan1.patch

   - xfs: growfs: use uncached buffers for new headers (bnc#858233).

   - xfs: use btree block initialisation functions in growfs (bnc#858233).

   - Revert "Delete
   patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end
   ." (bnc#858233) Put back again the patch
   patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end
   back as there is a better fix than reverting the affecting patch.

   - Delete
   patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end
   . It turned out that this patch causes regressions (bnc#858233) The
   upstream 3.7.x also reverted it in the end (commit c3793e0d94af2).

   - tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968).
   - tcp: syncookies: reduce mss table to four values (bnc#833968).

   - x86, cpu, amd: Add workaround for family 16h, erratum 793 (bnc#852967
   CVE-2013-6885).

   - cifs: ensure that uncached writes handle unmapped areas correctly
   (bnc#864025 CVE-2014-0691).

   - x86, fpu, amd: Clear exceptions in AMD FXSAVE workaround (bnc#858638
   CVE-2014-1438).

   - xencons: generalize use of add_preferred_console() (bnc#733022,
   bnc#852652).
   - balloon: don't crash in HVM-with-PoD guests.
   - hwmon: (coretemp) Fix truncated name of alarm attributes.

   - NFS: Avoid PUTROOTFH when managing leases (bnc#811746).

   - cifs: delay super block destruction until all cifsFileInfo objects are
   gone (bnc#862145).


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 12.3:

      zypper in -t patch openSUSE-2014-376

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 12.3 (i586 x86_64):

      kernel-default-3.7.10-1.32.1
      kernel-default-base-3.7.10-1.32.1
      kernel-default-base-debuginfo-3.7.10-1.32.1
      kernel-default-debuginfo-3.7.10-1.32.1
      kernel-default-debugsource-3.7.10-1.32.1
      kernel-default-devel-3.7.10-1.32.1
      kernel-default-devel-debuginfo-3.7.10-1.32.1
      kernel-syms-3.7.10-1.32.1

   - openSUSE 12.3 (i686 x86_64):

      kernel-debug-3.7.10-1.32.1
      kernel-debug-base-3.7.10-1.32.1
      kernel-debug-base-debuginfo-3.7.10-1.32.1
      kernel-debug-debuginfo-3.7.10-1.32.1
      kernel-debug-debugsource-3.7.10-1.32.1
      kernel-debug-devel-3.7.10-1.32.1
      kernel-debug-devel-debuginfo-3.7.10-1.32.1
      kernel-desktop-3.7.10-1.32.1
      kernel-desktop-base-3.7.10-1.32.1
      kernel-desktop-base-debuginfo-3.7.10-1.32.1
      kernel-desktop-debuginfo-3.7.10-1.32.1
      kernel-desktop-debugsource-3.7.10-1.32.1
      kernel-desktop-devel-3.7.10-1.32.1
      kernel-desktop-devel-debuginfo-3.7.10-1.32.1
      kernel-ec2-3.7.10-1.32.1
      kernel-ec2-base-3.7.10-1.32.1
      kernel-ec2-base-debuginfo-3.7.10-1.32.1
      kernel-ec2-debuginfo-3.7.10-1.32.1
      kernel-ec2-debugsource-3.7.10-1.32.1
      kernel-ec2-devel-3.7.10-1.32.1
      kernel-ec2-devel-debuginfo-3.7.10-1.32.1
      kernel-trace-3.7.10-1.32.1
      kernel-trace-base-3.7.10-1.32.1
      kernel-trace-base-debuginfo-3.7.10-1.32.1
      kernel-trace-debuginfo-3.7.10-1.32.1
      kernel-trace-debugsource-3.7.10-1.32.1
      kernel-trace-devel-3.7.10-1.32.1
      kernel-trace-devel-debuginfo-3.7.10-1.32.1
      kernel-vanilla-3.7.10-1.32.1
      kernel-vanilla-debuginfo-3.7.10-1.32.1
      kernel-vanilla-debugsource-3.7.10-1.32.1
      kernel-vanilla-devel-3.7.10-1.32.1
      kernel-vanilla-devel-debuginfo-3.7.10-1.32.1
      kernel-xen-3.7.10-1.32.1
      kernel-xen-base-3.7.10-1.32.1
      kernel-xen-base-debuginfo-3.7.10-1.32.1
      kernel-xen-debuginfo-3.7.10-1.32.1
      kernel-xen-debugsource-3.7.10-1.32.1
      kernel-xen-devel-3.7.10-1.32.1
      kernel-xen-devel-debuginfo-3.7.10-1.32.1

   - openSUSE 12.3 (noarch):

      kernel-devel-3.7.10-1.32.1
      kernel-docs-3.7.10-1.32.2
      kernel-source-3.7.10-1.32.1
      kernel-source-vanilla-3.7.10-1.32.1

   - openSUSE 12.3 (i686):

      kernel-pae-3.7.10-1.32.1
      kernel-pae-base-3.7.10-1.32.1
      kernel-pae-base-debuginfo-3.7.10-1.32.1
      kernel-pae-debuginfo-3.7.10-1.32.1
      kernel-pae-debugsource-3.7.10-1.32.1
      kernel-pae-devel-3.7.10-1.32.1
      kernel-pae-devel-debuginfo-3.7.10-1.32.1


References:

   https://www.suse.com/security/cve/CVE-2013-4254.html
   https://www.suse.com/security/cve/CVE-2013-4579.html
   https://www.suse.com/security/cve/CVE-2013-6885.html
   https://www.suse.com/security/cve/CVE-2014-0101.html
   https://www.suse.com/security/cve/CVE-2014-0196.html
   https://www.suse.com/security/cve/CVE-2014-0691.html
   https://www.suse.com/security/cve/CVE-2014-1438.html
   https://www.suse.com/security/cve/CVE-2014-1444.html
   https://www.suse.com/security/cve/CVE-2014-1445.html
   https://www.suse.com/security/cve/CVE-2014-1446.html
   https://www.suse.com/security/cve/CVE-2014-1690.html
   https://www.suse.com/security/cve/CVE-2014-1737.html
   https://www.suse.com/security/cve/CVE-2014-1738.html
   https://www.suse.com/security/cve/CVE-2014-1874.html
   https://www.suse.com/security/cve/CVE-2014-2523.html
   https://www.suse.com/security/cve/CVE-2014-2672.html
   https://bugzilla.novell.com/733022
   https://bugzilla.novell.com/811746
   https://bugzilla.novell.com/833968
   https://bugzilla.novell.com/837111
   https://bugzilla.novell.com/851426
   https://bugzilla.novell.com/852652
   https://bugzilla.novell.com/852967
   https://bugzilla.novell.com/858233
   https://bugzilla.novell.com/858638
   https://bugzilla.novell.com/858869
   https://bugzilla.novell.com/858870
   https://bugzilla.novell.com/858872
   https://bugzilla.novell.com/860835
   https://bugzilla.novell.com/862145
   https://bugzilla.novell.com/863335
   https://bugzilla.novell.com/864025
   https://bugzilla.novell.com/866102
   https://bugzilla.novell.com/868653
   https://bugzilla.novell.com/869414
   https://bugzilla.novell.com/869898
   https://bugzilla.novell.com/871148
   https://bugzilla.novell.com/871252
   https://bugzilla.novell.com/871325
   https://bugzilla.novell.com/873717
   https://bugzilla.novell.com/875690
   https://bugzilla.novell.com/875798

openSUSE: 2014:0677-1: important: kernel

May 19, 2014
An update that solves 16 vulnerabilities and has 10 fixes An update that solves 16 vulnerabilities and has 10 fixes An update that solves 16 vulnerabilities and has 10 fixes is now...

Description

The Linux Kernel was updated to fix various security issues and bugs. Main security issues fixed: A security issue in the tty layer that was fixed that could be used by local attackers for code execution (CVE-2014-0196). Two security issues in the floppy driver were fixed that could be used by local attackers on machines with the floppy to crash the kernel or potentially execute code in the kernel (CVE-2014-1737 CVE-2014-1738). Other security issues and bugs that were fixed: - netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper (bnc#860835 CVE-2014-1690). - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH (bnc#866102, CVE-2014-0101). - n_tty: Fix a n_tty_write crash and code execution when echoing in raw mode (bnc#871252 bnc#875690 CVE-2014-0196). - netfilter: nf_ct_sip: support Cisco 7941/7945 IP phones (bnc#873717). - Update config files: re-enable twofish crypto support Software twofish crypto support was disabled in several architectures since openSUSE 10.3. For i386 and x86_64 it was on purpose, because hardware-accelerated alternatives exist. However for all other architectures it was by accident. Re-enable software twofish crypto support in arm, ia64 and ppc configuration files, to guarantee that at least one implementation is always available (bnc#871325). - Update config files: disable CONFIG_TOUCHSCREEN_W90X900 The w90p910_ts driver only makes sense on the W90x900 architecture, which we do not support. - ath9k: protect tid->sched check (bnc#871148,CVE-2014-2672). - Fix dst_neigh_lookup/dst_neigh_lookup_skb return value handling bug (bnc#869898). - SELinux: Fix kernel BUG on empty security contexts (bnc#863335,CVE-2014-1874). - hamradio/yam: fix info leak in ioctl (bnc#858872, CVE-2014-1446). - wanxl: fix info leak in ioctl (bnc#858870, CVE-2014-1445). - farsync: fix info leak in ioctl (bnc#858869, CVE-2014-1444). - ARM: 7809/1: perf: fix event validation for software group leaders (CVE-2013-4254, bnc#837111). - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (bnc#868653, CVE-2014-2523). - ath9k_htc: properly set MAC address and BSSID mask (bnc#851426, CVE-2013-4579). - drm/ttm: don't oops if no invalidate_caches() (bnc#869414). - Apply missing patches.fixes/drm-nouveau-hwmon-rename-fan0-to-fan1.patch - xfs: growfs: use uncached buffers for new headers (bnc#858233). - xfs: use btree block initialisation functions in growfs (bnc#858233). - Revert "Delete patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end ." (bnc#858233) Put back again the patch patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end back as there is a better fix than reverting the affecting patch. - Delete patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end . It turned out that this patch causes regressions (bnc#858233) The upstream 3.7.x also reverted it in the end (commit c3793e0d94af2). - tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968). - tcp: syncookies: reduce mss table to four values (bnc#833968). - x86, cpu, amd: Add workaround for family 16h, erratum 793 (bnc#852967 CVE-2013-6885). - cifs: ensure that uncached writes handle unmapped areas correctly (bnc#864025 CVE-2014-0691). - x86, fpu, amd: Clear exceptions in AMD FXSAVE workaround (bnc#858638 CVE-2014-1438). - xencons: generalize use of add_preferred_console() (bnc#733022, bnc#852652). - balloon: don't crash in HVM-with-PoD guests. - hwmon: (coretemp) Fix truncated name of alarm attributes. - NFS: Avoid PUTROOTFH when managing leases (bnc#811746). - cifs: delay super block destruction until all cifsFileInfo objects are gone (bnc#862145).

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 12.3: zypper in -t patch openSUSE-2014-376 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE 12.3 (i586 x86_64): kernel-default-3.7.10-1.32.1 kernel-default-base-3.7.10-1.32.1 kernel-default-base-debuginfo-3.7.10-1.32.1 kernel-default-debuginfo-3.7.10-1.32.1 kernel-default-debugsource-3.7.10-1.32.1 kernel-default-devel-3.7.10-1.32.1 kernel-default-devel-debuginfo-3.7.10-1.32.1 kernel-syms-3.7.10-1.32.1 - openSUSE 12.3 (i686 x86_64): kernel-debug-3.7.10-1.32.1 kernel-debug-base-3.7.10-1.32.1 kernel-debug-base-debuginfo-3.7.10-1.32.1 kernel-debug-debuginfo-3.7.10-1.32.1 kernel-debug-debugsource-3.7.10-1.32.1 kernel-debug-devel-3.7.10-1.32.1 kernel-debug-devel-debuginfo-3.7.10-1.32.1 kernel-desktop-3.7.10-1.32.1 kernel-desktop-base-3.7.10-1.32.1 kernel-desktop-base-debuginfo-3.7.10-1.32.1 kernel-desktop-debuginfo-3.7.10-1.32.1 kernel-desktop-debugsource-3.7.10-1.32.1 kernel-desktop-devel-3.7.10-1.32.1 kernel-desktop-devel-debuginfo-3.7.10-1.32.1 kernel-ec2-3.7.10-1.32.1 kernel-ec2-base-3.7.10-1.32.1 kernel-ec2-base-debuginfo-3.7.10-1.32.1 kernel-ec2-debuginfo-3.7.10-1.32.1 kernel-ec2-debugsource-3.7.10-1.32.1 kernel-ec2-devel-3.7.10-1.32.1 kernel-ec2-devel-debuginfo-3.7.10-1.32.1 kernel-trace-3.7.10-1.32.1 kernel-trace-base-3.7.10-1.32.1 kernel-trace-base-debuginfo-3.7.10-1.32.1 kernel-trace-debuginfo-3.7.10-1.32.1 kernel-trace-debugsource-3.7.10-1.32.1 kernel-trace-devel-3.7.10-1.32.1 kernel-trace-devel-debuginfo-3.7.10-1.32.1 kernel-vanilla-3.7.10-1.32.1 kernel-vanilla-debuginfo-3.7.10-1.32.1 kernel-vanilla-debugsource-3.7.10-1.32.1 kernel-vanilla-devel-3.7.10-1.32.1 kernel-vanilla-devel-debuginfo-3.7.10-1.32.1 kernel-xen-3.7.10-1.32.1 kernel-xen-base-3.7.10-1.32.1 kernel-xen-base-debuginfo-3.7.10-1.32.1 kernel-xen-debuginfo-3.7.10-1.32.1 kernel-xen-debugsource-3.7.10-1.32.1 kernel-xen-devel-3.7.10-1.32.1 kernel-xen-devel-debuginfo-3.7.10-1.32.1 - openSUSE 12.3 (noarch): kernel-devel-3.7.10-1.32.1 kernel-docs-3.7.10-1.32.2 kernel-source-3.7.10-1.32.1 kernel-source-vanilla-3.7.10-1.32.1 - openSUSE 12.3 (i686): kernel-pae-3.7.10-1.32.1 kernel-pae-base-3.7.10-1.32.1 kernel-pae-base-debuginfo-3.7.10-1.32.1 kernel-pae-debuginfo-3.7.10-1.32.1 kernel-pae-debugsource-3.7.10-1.32.1 kernel-pae-devel-3.7.10-1.32.1 kernel-pae-devel-debuginfo-3.7.10-1.32.1


References

https://www.suse.com/security/cve/CVE-2013-4254.html https://www.suse.com/security/cve/CVE-2013-4579.html https://www.suse.com/security/cve/CVE-2013-6885.html https://www.suse.com/security/cve/CVE-2014-0101.html https://www.suse.com/security/cve/CVE-2014-0196.html https://www.suse.com/security/cve/CVE-2014-0691.html https://www.suse.com/security/cve/CVE-2014-1438.html https://www.suse.com/security/cve/CVE-2014-1444.html https://www.suse.com/security/cve/CVE-2014-1445.html https://www.suse.com/security/cve/CVE-2014-1446.html https://www.suse.com/security/cve/CVE-2014-1690.html https://www.suse.com/security/cve/CVE-2014-1737.html https://www.suse.com/security/cve/CVE-2014-1738.html https://www.suse.com/security/cve/CVE-2014-1874.html https://www.suse.com/security/cve/CVE-2014-2523.html https://www.suse.com/security/cve/CVE-2014-2672.html https://bugzilla.novell.com/733022 https://bugzilla.novell.com/811746 https://bugzilla.novell.com/833968 https://bugzilla.novell.com/837111 https://bugzilla.novell.com/851426 https://bugzilla.novell.com/852652 https://bugzilla.novell.com/852967 https://bugzilla.novell.com/858233 https://bugzilla.novell.com/858638 https://bugzilla.novell.com/858869 https://bugzilla.novell.com/858870 https://bugzilla.novell.com/858872 https://bugzilla.novell.com/860835 https://bugzilla.novell.com/862145 https://bugzilla.novell.com/863335 https://bugzilla.novell.com/864025 https://bugzilla.novell.com/866102 https://bugzilla.novell.com/868653 https://bugzilla.novell.com/869414 https://bugzilla.novell.com/869898 https://bugzilla.novell.com/871148 https://bugzilla.novell.com/871252 https://bugzilla.novell.com/871325 https://bugzilla.novell.com/873717 https://bugzilla.novell.com/875690 https://bugzilla.novell.com/875798


Severity
Announcement ID: openSUSE-SU-2014:0677-1
Rating: important
Affected Products: openSUSE 12.3

Related News

Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered
Open Source Strategies for Enhancing Security in Digital Business Operations
5 - 9 min read
Digital transformation, powered by the principles of open-source security , is vital for businesses looking to excel in today's technology-driven
Microsoft Update Mayhem: Rescuing Linux Dual-Boot Systems from Secure Boot Woes
2 - 4 min read
Microsoft's recent patch, intended to strengthen Secure Boot defenses, has resulted in an unexpected setback for Linux-Windows dual-boot setups

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved