SUSE: 2011:0984-3 Important Kernel Update - Fixes 6 Issues

Warning: Undefined array key "advisoryid" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3820775_1edcd913e2b52798c5b9126b8927230e on line 19

   SUSE Security Update: kernel update for SLE11 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:0984-3
Rating:             important
References:         #225091 #602150 #635880 #649625 #663678 #685226 
                    #692784 #693513 #694315 #699354 #699916 #701355 
                    #703155 #703786 #704361 #704957 #705433 #705903 
                    #706696 #707332 #707644 #708160 #708376 #708730 
                    #710352 #711752 #711941 #712316 #712366 
Cross-References:   CVE-2010-3881 CVE-2011-1776 CVE-2011-2495
                    CVE-2011-2700 CVE-2011-2909 CVE-2011-2918
                   
Affected Products:
                    SLE 11 SERVER Unsupported Extras
______________________________________________________________________________

   An update that solves 6 vulnerabilities and has 23 fixes is
   now available.

Description:

   The SUSE Linux Enterprise 11 Service Pack 1 kernel was
   updated to 2.6.32.45 and fixes various bugs and security
   issues.

   Following security issues were fixed: CVE-2011-1776: Timo
   Warns reported an issue in the Linux implementation for
   GUID partitions. Users with physical access could gain
   access to sensitive kernel memory by adding a storage
   device with a specially crafted corrupted invalid partition
   table.

   CVE-2010-3881: The second part of this fix was not yet
   applied to our kernel: arch/x86/kvm/x86.c in the Linux
   kernel before 2.6.36.2 does not initialize certain
   structure members, which allows local users to obtain
   potentially sensitive information from kernel stack memory
   via read operations on the /dev/kvm device.

   CVE-2011-2495: The /proc/PID/io interface could be used by
   local attackers to gain information on other processes like
   number of password characters typed or similar.

   CVE-2011-2700: A small buffer overflow in the radio driver
   si4713-i2c was fixed that could potentially used by local
   attackers to crash the kernel or potentially execute code.

   CVE-2011-2909: A kernel information leak in the comedi
   driver from kernel to userspace was fixed.

   CVE-2011-2918: In the perf framework software event
   overflows could deadlock or delete an uninitialized timer.


Special Instructions and Notes:

   Please reboot the system after installing this update.


Package List:

   - SLE 11 SERVER Unsupported Extras (s390x):

      kernel-default-extra-2.6.32.45-0.3.1


References:

   https://www.suse.com/security/cve/CVE-2010-3881.html
   https://www.suse.com/security/cve/CVE-2011-1776.html
   https://www.suse.com/security/cve/CVE-2011-2495.html
   https://www.suse.com/security/cve/CVE-2011-2700.html
   https://www.suse.com/security/cve/CVE-2011-2909.html
   https://www.suse.com/security/cve/CVE-2011-2918.html