What Are You Looking For?

Sign Up
   SUSE Security Update: Security update for Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:0775-1
Rating:             critical
References:         #880892 
Cross-References:   CVE-2014-3153
Affected Products:
                    SUSE Linux Enterprise Server 11 SP3 for VMware
                    SUSE Linux Enterprise Server 11 SP3
                    SUSE Linux Enterprise High Availability Extension 11 SP3
                    SUSE Linux Enterprise Desktop 11 SP3
                    SLE 11 SERVER Unsupported Extras
______________________________________________________________________________

   An update that fixes one vulnerability is now available. It
   includes one version update.

Description:


   The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix a
   critical privilege escalation security issue:

       * CVE-2014-3153: The futex acquisition code in kernel/futex.c can be
         used to gain ring0 access via the futex syscall. This could be used
         for privilege escalation by non-root users. (bnc#880892)

   Security Issue reference:

       * CVE-2014-3153
         

Indications:

   Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP3 for VMware:

      zypper in -t patch slessp3-kernel-9328 slessp3-kernel-9329

   - SUSE Linux Enterprise Server 11 SP3:

      zypper in -t patch slessp3-kernel-9328 slessp3-kernel-9329 slessp3-kernel-9330 slessp3-kernel-9331 slessp3-kernel-9346

   - SUSE Linux Enterprise High Availability Extension 11 SP3:

      zypper in -t patch slehasp3-kernel-9328 slehasp3-kernel-9329 slehasp3-kernel-9330 slehasp3-kernel-9331 slehasp3-kernel-9346

   - SUSE Linux Enterprise Desktop 11 SP3:

      zypper in -t patch sledsp3-kernel-9328 sledsp3-kernel-9329

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 3.0.101]:

      kernel-default-3.0.101-0.31.1
      kernel-default-base-3.0.101-0.31.1
      kernel-default-devel-3.0.101-0.31.1
      kernel-source-3.0.101-0.31.1
      kernel-syms-3.0.101-0.31.1
      kernel-trace-3.0.101-0.31.1
      kernel-trace-base-3.0.101-0.31.1
      kernel-trace-devel-3.0.101-0.31.1
      kernel-xen-devel-3.0.101-0.31.1

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586) [New Version: 3.0.101]:

      kernel-pae-3.0.101-0.31.1
      kernel-pae-base-3.0.101-0.31.1
      kernel-pae-devel-3.0.101-0.31.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.101]:

      kernel-default-3.0.101-0.31.1
      kernel-default-base-3.0.101-0.31.1
      kernel-default-devel-3.0.101-0.31.1
      kernel-source-3.0.101-0.31.1
      kernel-syms-3.0.101-0.31.1
      kernel-trace-3.0.101-0.31.1
      kernel-trace-base-3.0.101-0.31.1
      kernel-trace-devel-3.0.101-0.31.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64) [New Version: 3.0.101]:

      kernel-ec2-3.0.101-0.31.1
      kernel-ec2-base-3.0.101-0.31.1
      kernel-ec2-devel-3.0.101-0.31.1
      kernel-xen-3.0.101-0.31.1
      kernel-xen-base-3.0.101-0.31.1
      kernel-xen-devel-3.0.101-0.31.1
      xen-kmp-default-4.2.4_02_3.0.101_0.31-0.7.33

   - SUSE Linux Enterprise Server 11 SP3 (s390x) [New Version: 3.0.101]:

      kernel-default-man-3.0.101-0.31.1

   - SUSE Linux Enterprise Server 11 SP3 (ppc64) [New Version: 3.0.101]:

      kernel-ppc64-3.0.101-0.31.1
      kernel-ppc64-base-3.0.101-0.31.1
      kernel-ppc64-devel-3.0.101-0.31.1

   - SUSE Linux Enterprise Server 11 SP3 (i586) [New Version: 3.0.101]:

      kernel-pae-3.0.101-0.31.1
      kernel-pae-base-3.0.101-0.31.1
      kernel-pae-devel-3.0.101-0.31.1
      xen-kmp-pae-4.2.4_02_3.0.101_0.31-0.7.33

   - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64):

      cluster-network-kmp-default-1.4_3.0.101_0.31-2.27.69
      cluster-network-kmp-trace-1.4_3.0.101_0.31-2.27.69
      gfs2-kmp-default-2_3.0.101_0.31-0.16.75
      gfs2-kmp-trace-2_3.0.101_0.31-0.16.75
      ocfs2-kmp-default-1.6_3.0.101_0.31-0.20.69
      ocfs2-kmp-trace-1.6_3.0.101_0.31-0.20.69

   - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 x86_64):

      cluster-network-kmp-xen-1.4_3.0.101_0.31-2.27.69
      gfs2-kmp-xen-2_3.0.101_0.31-0.16.75
      ocfs2-kmp-xen-1.6_3.0.101_0.31-0.20.69

   - SUSE Linux Enterprise High Availability Extension 11 SP3 (ppc64):

      cluster-network-kmp-ppc64-1.4_3.0.101_0.31-2.27.69
      gfs2-kmp-ppc64-2_3.0.101_0.31-0.16.75
      ocfs2-kmp-ppc64-1.6_3.0.101_0.31-0.20.69

   - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586):

      cluster-network-kmp-pae-1.4_3.0.101_0.31-2.27.69
      gfs2-kmp-pae-2_3.0.101_0.31-0.16.75
      ocfs2-kmp-pae-1.6_3.0.101_0.31-0.20.69

   - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 3.0.101]:

      kernel-default-3.0.101-0.31.1
      kernel-default-base-3.0.101-0.31.1
      kernel-default-devel-3.0.101-0.31.1
      kernel-default-extra-3.0.101-0.31.1
      kernel-source-3.0.101-0.31.1
      kernel-syms-3.0.101-0.31.1
      kernel-trace-devel-3.0.101-0.31.1
      kernel-xen-3.0.101-0.31.1
      kernel-xen-base-3.0.101-0.31.1
      kernel-xen-devel-3.0.101-0.31.1
      kernel-xen-extra-3.0.101-0.31.1
      xen-kmp-default-4.2.4_02_3.0.101_0.31-0.7.33

   - SUSE Linux Enterprise Desktop 11 SP3 (i586) [New Version: 3.0.101]:

      kernel-pae-3.0.101-0.31.1
      kernel-pae-base-3.0.101-0.31.1
      kernel-pae-devel-3.0.101-0.31.1
      kernel-pae-extra-3.0.101-0.31.1
      xen-kmp-pae-4.2.4_02_3.0.101_0.31-0.7.33

   - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):

      kernel-default-extra-3.0.101-0.31.1

   - SLE 11 SERVER Unsupported Extras (i586 x86_64):

      kernel-xen-extra-3.0.101-0.31.1

   - SLE 11 SERVER Unsupported Extras (ppc64):

      kernel-ppc64-extra-3.0.101-0.31.1

   - SLE 11 SERVER Unsupported Extras (i586):

      kernel-pae-extra-3.0.101-0.31.1


References:

   http://support.novell.com/security/cve/CVE-2014-3153.html
   https://bugzilla.novell.com/880892
   http://download.suse.com/patch/finder/?keywords=0cdcfea3b263f03fc7b11c9e27c68106
   http://download.suse.com/patch/finder/?keywords=2394b6ce8b434732566fe3cbf2a956f7
   http://download.suse.com/patch/finder/?keywords=5d5df6a9a600dbe5fe09c19d8dc24b0e
   http://download.suse.com/patch/finder/?keywords=8a869bd2122273831bd282fab2377076
   http://download.suse.com/patch/finder/?keywords=a8f8feb5552e1da3b52f48f677f467cf
   http://download.suse.com/patch/finder/?keywords=a9d9490d68822582cd43af9c0c2aa6d7
   http://download.suse.com/patch/finder/?keywords=c905f5237a7e0ae4f9fdf0c325c0dbb2
   http://download.suse.com/patch/finder/?keywords=f6e7ea94e8ad3ddbdf3d897e2a3ff6b8
   http://download.suse.com/patch/finder/?keywords=fab06fd0fffc9ae59673101aeace943a
   http://download.suse.com/patch/finder/?keywords=fd1bf222c9f9ff4cc32dae8bac451528

SuSE: 2014:0775-1: critical: Linux Kernel

June 11, 2014
An update that fixes one vulnerability is now available

Summary

The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix a critical privilege escalation security issue: * CVE-2014-3153: The futex acquisition code in kernel/futex.c can be used to gain ring0 access via the futex syscall. This could be used for privilege escalation by non-root users. (bnc#880892) Security Issue reference: * CVE-2014-3153 Indications: Everyone using the Linux Kernel on x86_64 architecture should update.

References

#880892

Cross- CVE-2014-3153

Affected Products:

SUSE Linux Enterprise Server 11 SP3 for VMware

SUSE Linux Enterprise Server 11 SP3

SUSE Linux Enterprise High Availability Extension 11 SP3

SUSE Linux Enterprise Desktop 11 SP3

SLE 11 SERVER Unsupported Extras

http://support.novell.com/security/cve/CVE-2014-3153.html

https://bugzilla.novell.com/880892

http://download.suse.com/patch/finder/?keywords=0cdcfea3b263f03fc7b11c9e27c68106

http://download.suse.com/patch/finder/?keywords=2394b6ce8b434732566fe3cbf2a956f7

http://download.suse.com/patch/finder/?keywords=5d5df6a9a600dbe5fe09c19d8dc24b0e

http://download.suse.com/patch/finder/?keywords=8a869bd2122273831bd282fab2377076

http://download.suse.com/patch/finder/?keywords=a8f8feb5552e1da3b52f48f677f467cf

http://download.suse.com/patch/finder/?keywords=a9d9490d68822582cd43af9c0c2aa6d7

http://download.suse.com/patch/finder/?keywords=c905f5237a7e0ae4f9fdf0c325c0dbb2

http://download.suse.com/patch/finder/?keywords=f6e7ea94e8ad3ddbdf3d897e2a3ff6b8

http://download.suse.com/patch/finder/?keywords=fab06fd0fffc9ae59673101aeace943a

http://download.suse.com/patch/finder/?keywords=fd1bf222c9f9ff4cc32dae8bac451528

Severity
Announcement ID: SUSE-SU-2014:0775-1
Rating: critical

Related News

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

Critical Bluetooth Flaw Exposes Android, Apple & Linux Devices to Takeover

Dec 7, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Nov 25, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo