openSUSE 12.3: SUSE: 2014:1669-1 important: Kernel Security Update
opensuse
December 19, 2014
An update that solves 22 vulnerabilities and has 5 fixes is now available.
Description
The openSUSE 12.3 kernel was updated to fix security issues:
This will be the final kernel update for openSUSE 13.2 during its
lifetime, which ends January 4th 2015.
CVE-2014-9322: A local privilege escalation in the x86_64 32bit
compatibility signal handling was fixed, which could be used by local
attackers to crash the machine or execute code.
CVE-2014-9090: The do_double_fault function in arch/x86/kernel/traps.c in
the Linux kernel did not properly handle faults associated with the Stack
Segment (SS) segment register, which allowed local users to cause a denial
of service (panic) via a modify_ldt system call, as demonstrated by
sigreturn_32 in the linux-clock-tests test suite.
CVE-2014-8133: Insufficient validation of TLS register usage could leak
information from the kernel stack to userspace.
CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel on 32-bit
x86 platforms, when syscall auditing is enabled and the sep CPU...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 12.3:
zypper in -t patch openSUSE-2014-791
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 12.3 (i586 x86_64):
kernel-default-3.7.10-1.45.1
kernel-default-base-3.7.10-1.45.1
kernel-default-base-debuginfo-3.7.10-1.45.1
kernel-default-debuginfo-3.7.10-1.45.1
kernel-default-debugsource-3.7.10-1.45.1
kernel-default-devel-3.7.10-1.45.1
kernel-default-devel-debuginfo-3.7.10-1.45.1
kernel-syms-3.7.10-1.45.1
- openSUSE 12.3 (i686 x86_64):
kernel-debug-3.7.10-1.45.1
kernel-debug-base-3.7.10-1.45.1
kernel-debug-base-debuginfo-3.7.10-1.45.1
kernel-debug-debuginfo-3.7.10-1.45.1
kernel-debug-debugsource-3.7.10-1.45.1
kernel-debug-devel-3.7.10-1.45.1
kernel-debug-devel-debuginfo-3.7.10-1.45.1
kernel-desktop-3.7.10-1.45.1
kernel-desktop-base-3.7.10-1.45.1
kernel-desktop-base-debuginfo-3.7.10-1.45.1
kernel-desktop-debuginfo-3.7.10-1.45.1
kernel-desktop-debugsource-3.7.10-1.45.1
kernel-desktop-devel-3.7.10-1.45.1
kernel-desktop-devel-debuginfo-3.7.10-1.45.1
kernel-ec2-3.7.10-1.45.1
kernel-ec2-base-3.7.10-1.45.1
kernel-ec2-base-debuginfo-3.7.10-1.45.1
kernel-ec2-debuginfo-3.7.10-1.45.1
kernel-ec2-debugsource-...
Read the Full AdvisoryReferences
https://www.suse.com/security/cve/CVE-2013-2889.html
https://www.suse.com/security/cve/CVE-2013-2891.html
https://www.suse.com/security/cve/CVE-2014-3181.html
https://www.suse.com/security/cve/CVE-2014-3182.html
https://www.suse.com/security/cve/CVE-2014-3184.html
https://www.suse.com/security/cve/CVE-2014-3185.html
https://www.suse.com/security/cve/CVE-2014-3186.html
https://www.suse.com/security/cve/CVE-2014-4171.html
https://www.suse.com/security/cve/CVE-2014-4508.html
https://www.suse.com/security/cve/CVE-2014-4608.html
https://www.suse.com/security/cve/CVE-2014-4943.html
https://www.suse.com/security/cve/CVE-2014-5077.html
https://www.suse.com/security/cve/CVE-2014-5471.html
https://www.suse.com/security/cve/CVE-2014-5472.html
https://www.suse.com/security/cve/CVE-2014-6410.html
https://www.suse.com/security/cve/CVE-2014-7826.html
https://www.suse.com/security/cve/CVE-2014-7841.html
https://www.suse.com/security/cve/CVE-2014-8133.html
https://www.suse.com/security/cve/CVE-2014-8709.html
https://www....
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2014:1669-1
Rating: important
Affected Products:
openSUSE 12.3
le.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!