SUSE: 2012:1391-1 Important: Kernel Security Issues Resolved

suse

October 24, 2012

An update that solves 6 vulnerabilities and has 20 fixes is An update that solves 6 vulnerabilities and has 20 fixes is An update that solves 6 vulnerabilities and has 20 fixes is ...

Summary

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed: * CVE-2011-2494: kernel/taskstats.c in the Linux kernel allowed local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another users password (a side channel attack). * CVE-2012-2744: net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel, when the nf_conntrack_ipv6 module is enabled, allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets. * CVE-2012-3510: Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux

Topics Covered

security advisory denial of service kernel system update security issues SUSE Linux

References

#674284 #703156 #734056 #738400 #738528 #747576

#755546 #758985 #760974 #762581 #763526 #765102

#765320 #767277 #767504 #767766 #767939 #769784

#770507 #770697 #772409 #773272 #773831 #776888

#777575 #783058

Cross- CVE-2011-1044 CVE-2011-4110 CVE-2012-2136

CVE-2012-2663 CVE-2012-2744 CVE-2012-3510

Affected Products:

SUSE Linux Enterprise Server 10 SP4

SUSE Linux Enterprise Desktop 10 SP4

SLE SDK 10 SP4

https://www.suse.com/security/cve/CVE-2011-1044.html

https://www.suse.com/security/cve/CVE-2011-4110.html

https://www.suse.com/security/cve/CVE-2012-2136.html

https://www.suse.com/security/cve/CVE-2012-2663.html

https://www.suse.com/security/cve/CVE-2012-2744.html

https://www.suse.com/security/cve/CVE-2012-3510.html

...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2012:1391-1

Rating: important

Topics Covered

security advisory denial of service kernel system update security issues SUSE Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2012:1391-1 Important: Kernel Security Issues Resolved

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2012:1391-1 Important: Kernel Security Issues Resolved

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!