SUSE-SU-2013:0759-2: important: Security update for Linux kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue May 7 21:04:22 MDT 2013


   SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0759-2
Rating:             important
References:         #578046 #651219 #714604 #722398 #730117 #736149 
                    #738210 #744692 #753371 #754583 #754898 #758040 
                    #758243 #761849 #762424 #763494 #767612 #768052 
                    #773577 #776787 #777616 #777746 #779577 #780977 
                    #786150 #786814 #786900 #787821 #788826 #789235 
                    #789311 #789359 #790867 #792674 #792793 #793139 
                    #793671 #794513 #794529 #794805 #795269 #795928 
                    #795957 #795961 #796412 #796418 #796823 #797042 
                    #797175 #798921 #799197 #799209 #799270 #799275 
                    #799578 #799926 #800280 #800701 #801038 #801178 
                    #801713 #801717 #801720 #801782 #802153 #802353 
                    #802445 #802642 #802712 #803056 #803067 #803394 
                    #803674 #803712 #804154 #804220 #804609 #804656 
                    #805227 #805823 #806138 #806238 #806395 #806404 
                    #806431 #806466 #806469 #806492 #806631 #806825 
                    #806847 #806908 #806976 #806980 #807431 #807517 
                    #807560 #807853 #808166 #808307 #808358 #808827 
                    #808829 #808966 #808991 #809155 #809166 #809375 
                    #809493 #809748 #809902 #809903 #810473 #812281 
                    #812315 #813963 #816443 
Cross-References:   CVE-2012-2137 CVE-2012-6548 CVE-2012-6549
                    CVE-2013-0160 CVE-2013-0216 CVE-2013-0231
                    CVE-2013-0268 CVE-2013-0311 CVE-2013-0349
                    CVE-2013-0913 CVE-2013-0914 CVE-2013-1767
                    CVE-2013-1772 CVE-2013-1774 CVE-2013-1792
                    CVE-2013-1796 CVE-2013-1797 CVE-2013-1798
                    CVE-2013-1848 CVE-2013-1860 CVE-2013-2634
                    CVE-2013-2635
Affected Products:
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise High Availability Extension 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that solves 22 vulnerabilities and has 95 fixes
   is now available. It includes one version update.

Description:


   The SUSE Linux Enterprise 11 SP2 kernel has been updated to
   3.0.74 fix  various security issues and bugs:

   This update brings some features:

   * Updated HD-audio drivers for Nvidia/AMD HDMI and
   Haswell audio (FATE#314311 FATE#313695)
   * Lustre enablement patches were added (FATE#314679).
   * SGI UV (Ultraviolet) platform support. (FATE#306952)

   Security issues fixed in this update:

   * CVE-2013-0349: The hidp_setup_hid function in
   net/bluetooth/hidp/core.c in the Linux kernel did not
   properly copy a certain name field, which allowed local
   users to obtain sensitive information from kernel memory by
   setting a long name and making an HIDPCONNADD ioctl call.
   * CVE-2012-2137: Buffer overflow in virt/kvm/irq_comm.c
   in the KVM subsystem in the Linux kernel allowed local
   users to cause a denial of service (crash) and to possibly
   execute arbitrary code via vectors related to Message
   Signaled Interrupts (MSI), irq routing entries, and an
   incorrect check by the setup_routing_entry function before
   invoking the kvm_set_irq function.
   * CVE-2012-6549: The isofs_export_encode_fh function in
   fs/isofs/export.c in the Linux kernel did not initialize a
   certain structure member, which allowed local users to
   obtain sensitive information from kernel heap memory via a
   crafted application.
   * CVE-2012-6548: The udf_encode_fh function in
   fs/udf/namei.c in the Linux kernel did not initialize a
   certain structure member, which allowed local users to
   obtain sensitive information from kernel heap memory via a
   crafted application.
   * CVE-2013-0160: Timing side channel on attacks were
   possible on /dev/ptmx that could allow local attackers to
   predict keypresses like e.g. passwords. This has been fixed
   by not updating accessed/modified time on the pty devices.
   Note that this might break pty idle detection, so it might
   get reverted again.
   * CVE-2013-0216: The Xen netback functionality in the
   Linux kernel allowed guest OS users to cause a denial of
   service (loop) by triggering ring pointer corruption.
   * CVE-2013-0231: The pciback_enable_msi function in the
   PCI backend driver
   (drivers/xen/pciback/conf_space_capability_msi.c) in Xen
   for the Linux allowed guest OS users with PCI device access
   to cause a denial of service via a large number of kernel
   log messages.
   * CVE-2013-0311: The translate_desc function in
   drivers/vhost/vhost.c in the Linux kernel did not properly
   handle cross-region descriptors, which allowed guest OS
   users to obtain host OS privileges by leveraging KVM guest
   OS privileges.
   * CVE-2013-0913: Integer overflow in
   drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915
   driver in the Direct Rendering Manager (DRM) subsystem in
   the Linux kernel allowed local users to cause a denial of
   service (heap-based buffer overflow) or possibly have
   unspecified other impact via a crafted application that
   triggers many relocation copies, and potentially leads to a
   race condition.
   * CVE-2013-0914: The flush_signal_handlers function in
   kernel/signal.c in the Linux kernel preserved the value of
   the sa_restorer field across an exec operation, which makes
   it easier for local users to bypass the ASLR protection
   mechanism via a crafted application containing a sigaction
   system call.
   * CVE-2013-1767: Use-after-free vulnerability in the
   shmem_remount_fs function in mm/shmem.c in the Linux kernel
   allowed local users to gain privileges or to cause a denial
   of service (system crash) by remounting a tmpfs filesystem
   without specifying a required mpol (aka mempolicy) mount
   option.
   * CVE-2013-1772: The log_prefix function in
   kernel/printk.c in the Linux kernel 3.x did not properly
   remove a prefix string from a syslog header, which allowed
   local users to cause a denial of service (buffer overflow
   and system crash) by leveraging /dev/kmsg write access and
   triggering a call_console_drivers function call.
   * CVE-2013-1774: The chase_port function in
   drivers/usb/serial/io_ti.c in the Linux kernel allowed
   local users to cause a denial of service (NULL pointer
   dereference and system crash) via an attempted /dev/ttyUSB
   read or write operation on a disconnected Edgeport USB
   serial converter.
   * CVE-2013-1792: Race condition in the
   install_user_keyrings function in
   security/keys/process_keys.c in the Linux kernel allowed
   local users to cause a denial of service (NULL pointer
   dereference and system crash) via crafted keyctl system
   calls that trigger keyring operations in simultaneous
   threads.
   * CVE-2013-1796: The kvm_set_msr_common function in
   arch/x86/kvm/x86.c in the Linux kernel did not ensure a
   required time_page alignment during an MSR_KVM_SYSTEM_TIME
   operation, which allowed guest OS users to cause a denial
   of service (buffer overflow and host OS memory corruption)
   or possibly have unspecified other impact via a crafted
   application.
   * CVE-2013-1797: Use-after-free vulnerability in
   arch/x86/kvm/x86.c in the Linux kernel allowed guest OS
   users to cause a denial of service (host OS memory
   corruption) or possibly have unspecified other impact via a
   crafted application that triggers use of a guest physical
   address (GPA) in (1) movable or (2) removable memory during
   an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.
   * CVE-2013-1798: The ioapic_read_indirect function in
   virt/kvm/ioapic.c in the Linux kernel did not properly
   handle a certain combination of invalid IOAPIC_REG_SELECT
   and IOAPIC_REG_WINDOW operations, which allows guest OS
   users to obtain sensitive information from host OS memory
   or cause a denial of service (host OS OOPS) via a crafted
   application.
   * CVE-2013-1848: fs/ext3/super.c in the Linux kernel
   used incorrect arguments to functions in certain
   circumstances related to printk input, which allowed local
   users to conduct format-string attacks and possibly gain
   privileges via a crafted application.
   * CVE-2013-1860: Heap-based buffer overflow in the
   wdm_in_callback function in drivers/usb/class/cdc-wdm.c in
   the Linux kernel allowed physically proximate attackers to
   cause a denial of service (system crash) or to possibly
   execute arbitrary code via a crafted cdc-wdm USB device.
   * CVE-2013-2634: net/dcb/dcbnl.c in the Linux kernel
   did not initialize certain structures, which allowed local
   users to obtain sensitive information from kernel stack
   memory via a crafted application.
   * CVE-2013-2635: The rtnl_fill_ifinfo function in
   net/core/rtnetlink.c in the Linux kernel did not initialize
   a certain structure member, which allowed local users to
   obtain sensitive information from kernel stack memory via a
   crafted application.
   * CVE-2013-0268: The msr_open function in
   arch/x86/kernel/msr.c in the Linux kernel allowed local
   users to bypass intended capability restrictions by
   executing a crafted application as root, as demonstrated by
   msr32.c.

   Bugs fixed in this update:

   BTRFS:

   * btrfs: do not try to notify udev about missing
   devices.
   * btrfs: add cancellation points to defrag.
   * btrfs: define BTRFS_MAGIC as a u64 value.
   * btrfs: make sure NODATACOW also gets NODATASUM set.
   * btrfs: enforce min_bytes parameter during extent
   allocation.
   * btrfs: build up error handling for merge_reloc_roots.
   * btrfs: free all recorded tree blocks on error .
   * btrfs: do not BUG_ON in prepare_to_reloc .
   * btrfs: do not BUG_ON on aborted situation .
   * btrfs: handle a bogus chunk tree nicely .
   * btrfs: do not drop path when printing out tree errors
   in scrub .
   * btrfs: make subvol creation/deletion killable in the
   early stages.
   * btrfs: abort unlink trans in missed error case.
   * btrfs: fix reada debug code compilation.
   * btrfs: return error when we specify wrong start to
   defrag.
   * btrfs: do not force pages under writeback to finish
   when aborting.

   USB:

   * USB: move usb_translate_errors to 1/usb (bnc#806908).
   * USB: add EOPNOTSUPP to usb_translate_errors
   (bnc#806908).
   * USB: cdc-wdm: sanitize error returns (bnc#806908).
   * USB: cdc-wdm: cleanup error codes (bnc#806908).
   * USB: cdc-wdm: add helper to preserve kABI
   (bnc#806908).
   * USB: Do not use EHCI port sempahore for USB 3.0 hubs
   (bnc#807560).
   * USB: Prepare for refactoring by adding extra udev
   checks (bnc#807560).
   * USB: Rip out recursive call on warm port reset
   (bnc#807560).
   * USB: Fix connected device switch to Inactive state
   (bnc#807560).
   * USB: modify hub to detect unplugs in all states
   (bnc#807560).
   * USB: io_ti: Fix NULL dereference in chase_port()
   (bnc#806976, CVE-2013-1774).
   * USB: cdc-wdm: fix buffer overflow (bnc#806431).
   * USB: cdc-wdm: cannot use dev_printk when device is
   gone (bnc#806469).
   * USB: cdc-wdm: fix memory leak (bnc#806466).
   * elousb: really long delays for broken devices
   (bnc#795269).
   * xhci: Fix conditional check in bandwidth calculation
   (bnc#795961).
   * xHCI: Fix TD Size calculation on 1.0 hosts
   (bnc#795957).
   * xhci: avoid dead ports, add roothub port polling
   (bnc#799197).
   * USB: Handle warm reset failure on empty port
   (bnc#799926).
   * USB: Ignore port state until reset completes
   (bnc#799926).
   * Allow USB 3.0 ports to be disabled (bnc#799926).
   * USB: Ignore xHCI Reset Device status (bnc#799926).
   * USB: Handle auto-transition from hot to warm reset
   (bnc#799926).

   S/390:

   * ipl: Implement diag308 loop for zfcpdump (bnc#801720,
   LTC#88197).
   * zcore: Add hsa file (bnc#801720, LTC#88198).
   * kernel: support physical memory > 4TB (bnc#801720,
   LTC#88787).
   * mm: Fix crst upgrade of mmap with MAP_FIXED
   (bnc#801720, LTC#88797).
   * Update patches.suse/zcrypt-feed-hwrandom
   (bnc#806825). Allow zcrypt module unload even when the
   thread is blocked writing to a full random pool.
   * dca: check against empty dca_domains list before
   unregister provider fix.
   * s390/kvm: Fix store status for ACRS/FPRS fix.
   * series.conf: disabled
   patches.arch/s390-64-03-kernel-inc-phys-mem.patch due to
   excessive kabi break. (bnc#801720)

   ALSA:

   *
   patches.drivers/alsa-sp3-pre-695-Yet-another-fix-for-broken-
   HSW-HDMI-pin: Refresh. Fix the invalid PCI SSID check
   (bnc#806404)
   * ALSA: hda - Support mute LED on HP AiO buttons
   (bnc#808991).
   * ALSA: hda: Allow multple SPDIF controls per codec
   (bnc#780977).
   * ALSA: hda: Virtualize SPDIF out controls (bnc#780977).
   * ALSA: hda: Separate generic and non-generic
   implementations.
   * ALSA: hda: hdmi_eld_update_pcm_info: update a stream
   in place.
   * ALSA: hda: HDMI: Support codecs with fewer cvts than
   pins.
   * ALSA: hda - Add snd_hda_get_conn_list() helper
   function.
   * ALSA: hda - Add snd_hda_override_conn_list() helper
   function.
   * ALSA: hda - Increase the max number of coverters/pins
   in patch_hdmi.c (bnc#780977).
   * ALSA: hda - Check non-snoop in a single place
   (bnc#801713).
   * ALSA: HDA: Use LPIB Position fix for Intel SCH
   Poulsbo (bnc#801713).
   * ALSA: hda_intel: Add Oaktrail identifiers
   (bnc#801713).
   * ALSA: HDA: Use LPIB position fix for Oaktrail
   (bnc#801713).
   * ALSA: hda - add id for Atom Cedar Trail HDMI codec
   (bnc#801713).
   * ALSA: hda - Fix detection of Creative SoundCore3D
   controllers (bnc#762424).
   * ALSA: hda - add power states information in proc
   (bnc#801713).
   * ALSA: hda - Show D3cold state in proc files
   (bnc#801713).
   * ALSA: hda - check supported power states (bnc#801713).
   * ALSA: hda - reduce msleep time if EPSS power states
   supported (bnc#801713).
   * ALSA: hda - check proper return value (bnc#801713).
   * ALSA: hda - power setting error check (bnc#801713).
   * ALSA: hda - Add DeviceID for Haswell HDA (bnc#801713).
   * ALSA: hda - add Haswell HDMI codec id (bnc#801713).
   * ALSA: hda - Fix driver type of Haswell controller to
   AZX_DRIVER_SCH.
   * ALSA: hda - Add new GPU codec ID to snd-hda
   (bnc#780977).
   * ALSA: HDMI - Fix channel_allocation array wrong order
   (bnc#801713).
   * ALSA: hda - Avoid BDL position workaround when
   no_period_wakeup is set (bnc#801713).
   * ALSA: hda - Allow to pass position_fix=0 explicitly
   (bnc#801713).
   * ALSA: hda - Add another pci id for Haswell board.
   * ALSA: hda - force use of SSYNC bits (bnc#801713).
   * ALSA: hda - use LPIB for delay estimation
   (bnc#801713).
   * ALSA: hda - add PCI identifier for Intel 5
   Series/3400 (bnc#801713).
   * ALSA: hda - Add workaround for conflicting IEC958
   controls (FATE#314311).
   * ALSA: hda - Stop LPIB delay counting on broken
   hardware (FATE#313695).
   * ALSA: hda - Always turn on pins for HDMI/DP
   (FATE#313695).
   * ALSA: hda - bug fix for invalid connection list of
   Haswell HDMI codec pins (FATE#313695).
   * ALSA - HDA: New PCI ID for Haswell ULT (bnc#801713).
   * ALSA: hda - Release assigned pin/cvt at error path of
   hdmi_pcm_open() (bnc#801713).
   * ALSA: hda - Support rereading widgets under the
   function group (bnc#801713).
   * ALSA: hda - Add fixup for Haswell to enable all pin
   and convertor widgets (bnc#801713).
   * ALSA: hda - Yet another fix for broken HSW HDMI pin
   connections (bnc#801713).
   * patches.kabi/alsa-spdif-update-kabi-fixes: Fix kABI
   breakage due to HD-audio HDMI updates (bnc#780977).
   * ALSA: hda - Fix non-snoop page handling (bnc#800701).
   * ALSA: hda - Apply mic-mute LED fixup for new HP
   laptops (bnc#796418).
   *
   patches.drivers/alsa-sp3-pre-695-Yet-another-fix-for-broken-
   HSW-HDMI-pin: Refresh. Fix a superfluous incremental
   leading to the double array size (bnc#808966)

   XEN:

   * pciback: notify hypervisor about devices intended to
   be assigned to guests.
   * patches.xen/xen-clockevents: Update (bnc#803712).
   * patches.xen/xen-ipi-per-cpu-irq: Update (bnc#803712).
   * patches.xen/xen3-patch-2.6.19: Update (bnc#809166).
   * Update Xen patches to 3.0.68.
   * Update Xen patches to 3.0.63.
   * netback: fix netbk_count_requests().
   * x86/mm: Check if PUD is large when validating a
   kerneladdress (bnc#794805).

   OTHER:

   * Revert dmi_scan: fix missing check for _DMI_
   signature in smbios_present().
   * Revert drivers/firmware/dmi_scan.c: fetch dmi version
   from SMBIOS if it exists.
   * Revert drivers/firmware/dmi_scan.c: check dmi version
   when get system uuid.
   * sysfs: Revert sysfs: fix race between readdir and
   lseek (bnc#816443).
   * 8021q: Revert 8021q: fix a potential use-after-free.
   * /dev/urandom returning EOF: trim down revert to not
   change kabi. (bnc#789359).
   * tun: reserves space for network in skb (bnc#803394).
   * Fixed /dev/urandom returning EOF (bnc#789359).
   * mm: Make snapshotting pages for stable writes a
   per-bio operation
   * fs: Only enable stable page writes when necessary
   (bnc#807517).
   *
   patches.drivers/ixgbe-Address-fact-that-RSC-was-not-setting-
   GSO-size.patch: Fix bnc#802712
   * Fix build error without CONFIG_BOOTSPLASH
   * Fix bootsplash breakage due to 3.0.67 stable fix
   (bnc#813963)
   * drivers/base/memory.c: fix memory_dev_init() long
   delay (bnc#804609).
   * mtd: drop physmap_configure (bnc#809375).
   * Bluetooth: btusb: hide more usb_submit_urb errors
   (bnc#812281).
   * o2dlm: fix NULL pointer dereference in
   o2dlm_blocking_ast_wrapper (bnc#806492)
   * qeth: fix qeth_wait_for_threads() deadlock for OSN
   devices (bnc#812315, LTC#90910).
   * Fix NULL pointer dereference in
   o2dlm_blocking_ast_wrapper (bnc#806492)
   * mm: fix ALLOC_WMARK_MASK check (bnc#808166)
   * pciehp: Fix dmi match table definition and missing
   space in printk (bnc#796412).
   * fnic: Fix SGEs limit (bnc#807431).
   * pciehp: Ignore missing surprise bit on some hosts
   (bnc#796412).
   * ipv6: Queue fragments per interface for
   multicast/link-local addresses (bnc#804220).
   * netfilter: send ICMPv6 message on fragment reassembly
   timeout (bnc#773577).
   * netfilter: fix sending ICMPv6 on netfilter reassembly
   timeout (bnc#773577).
   * jbd: clear revoked flag on buffers before a new
   transaction started (bnc#806395).
   * xfrm6: count extension headers into payload length
   (bnc#794513).
   * mm: page_alloc: Avoid marking zones full prematurely
   after zone_reclaim() (Evict inactive pages when
   zone_reclaim is enabled (bnc#808166)).
   * st: Take additional queue ref in st_probe
   (bnc#801038, bnc#788826).
   * drivers: xhci: fix incorrect bit test (bnc#714604).
   * xfrm: remove unused xfrm4_policy_fini() (bnc#801717).
   * xfrm: make gc_thresh configurable in all namespaces
   (bnc#801717).
   * kabi: use net_generic to avoid changes in struct net
   (bnc#801717).
   * xfs: Fix WARN_ON(delalloc) in xfs_vm_releasepage()
   (bnc#806631).
   *
   patches.drivers/alsa-sp2-hda-033-Support-mute-LED-on-HP-AiO-
   buttons: Refresh tags.
   * block: use i_size_write() in bd_set_size()
   (bnc#809748).
   * loopdev: fix a deadlock (bnc#809748).
   * patches.suse/supported-flag: fix mis-reported
   supported status (bnc#809493).
   * patches.suse/supported-flag-enterprise: Refresh.
   * KVM: Convert MSR_KVM_SYSTEM_TIME to use
   gfn_to_hva_cache_init (bnc#806980 CVE-2013-1797).
   * KVM: Fix bounds checking in ioapic indirect register
   read (bnc#806980 CVE-2013-1798).
   * KVM: Fix for buffer overflow in handling of
   MSR_KVM_SYSTEM_TIME (bnc#806980 CVE-2013-1796).
   * KVM: introduce kvm_read_guest_cached (bnc#806980).
   * x86/numa: Add constraints check for nid parameters
   (Cope with negative SRAT distances (bnc#807853)).
   * drm/i915: Periodically sanity check power management
   (bnc#808307).
   * drm/i915: bounds check execbuffer relocation count
   (bnc#808829,CVE-2013-0913).
   * ext3: Fix format string issues (bnc#809155,
   CVE-2013-1848).
   * x86-64: Fix memset() to support sizes of 4Gb and
   above (Properly initialise memmap on large machines
   (bnc#802353)).
   * bdi: allow block devices to say that they require
   stable page writes
   * mm: only enforce stable page writes if the backing
   device requires it
   * block: optionally snapshot page contents to provide
   stable pages during write
   * 9pfs: fix filesystem to wait for stable page writeback
   * ocfs2: wait for page writeback to provide stable pages
   * ubifs: wait for page writeback to provide stable pages
   * Only enable stable page writes when required by
   underlying BDI (bnc#807517).
   * KVM: emulator: drop RPL check from linearize()
   function (bnc#754583).
   * mlx4: Correct calls to to_ib_ah_attr() (bnc#806847).
   * DRM/i915: On G45 enable cursor plane briefly after
   enabling the display plane (bnc #753371) [backported from
   drm-intel-fixes].
   * cxgb4i: Remove the scsi host device when removing
   device (bnc#722398)
   * xprtrdma: The transport should not bug-check when a
   dup reply is received (bnc#763494).
   * tmpfs: fix use-after-free of mempolicy object
   (bnc#806138, CVE-2013-1767).
   * lpfc: Check fc_block_scsi_eh return value correctly
   for lpfc_abort_handler (bnc#803674).
   * md: fix bug in handling of new_data_offset
   (bnc#805823).
   * md: Avoid OOPS when reshaping raid1 to raid0 (Useful
   OOPS fix).
   * md: fix two bugs when attempting to resize RAID0
   array (Useful BUG() fix).
   * md: raid0: fix error return from create_stripe_zones
   (useful bug fix).
   * ext4: add missing kfree() on error return path in
   add_new_gdb().
   * ext4: Free resources in some error path in
   ext4_fill_super.
   * intel_idle: support Haswell (fate#313720).
   * hp_accel: Add a new PnP ID HPQ6007 for new HP laptops
   (bnc#802445).
   * nfs: Ensure NFS does not block on dead server during
   unmount (bnc#794529).
   * block: disable discard request merge temporarily
   (bnc#803067).
   * mm: mmu_notifier: have mmu_notifiers use a global
   SRCU so they may safely schedule
   * mm: mmu_notifier: make the mmu_notifier srcu static
   * mmu_notifier_unregister NULL Pointer deref and
   multiple ->release() callouts
   * Have mmu_notifiers use SRCU so they may safely
   schedule kabi compatability
   *
   patches.fixes/Have-mmu_notifiers-use-SRCU-so-they-may-safely
   -schedule.patch:
   *
   patches.fixes/Have-mmu_notifiers-use-SRCU-so-they-may-safely
   -schedule-build-fix.patch: Delete, replace with upstream
   equivalent and add KABI workaround (bnc#578046, bnc#786814,
   FATE#306952).
   * ipv6: Do not send packet to big messages to self
   (bnc#786150).
   * hpwdt: Unregister NMI events on exit (bnc#777746).
   * x86/mm: Check if PUD is large when validating a
   kernel address (bnc#794805).
   * ata: Fix DVD not dectected at some Haswell platforms
   (bnc#792674).
   * Avoid softlockups in printk (bnc#744692, bnc#789311).
   * Do not pack credentials for dying processes
   (bnc#779577, bnc#803056).
   * xfs: punch new delalloc blocks out of failed writes
   inside EOF (bnc#761849).
   * xfs: xfs_sync_data is redundant (bnc#761849).
   * Add GPIO support for Intel Centerton SOC (bnc#792793).
   * Add Multifunction Device support for Intel Centerton
   SOC (bnc#792793).
   * Add Intel Legacy Block support for Intel Centerton
   SOC (bnc#792793).
   * mm: net: Allow some !SOCK_MEMALLOC traffic through
   even if skb_pfmemalloc (Allow GPFS network traffic despite
   PF_MEMALLOC misuse (bnc#786900)).
   * kernel/resource.c: fix stack overflow in
   __reserve_region_with_split() (bnc#801782).
   * Lustre enablement patches
   * block: add dev_check_rdonly and friends for Lustre
   testing (FATE#314679).
   * dcache: Add DCACHE_LUSTRE_INVALID flag for Lustre to
   handle its own invalidation (FATE#314679).
   * lsm: export security_inode_unlink (FATE#315679).
   * lustre: Add lustre kernel version (FATE#314679).
   * st: fix memory leak with >1MB tape I/O (bnc#798921).
   * cifs: lower default wsize when 1 extensions are not
   used (bnc#799578).
   * ata_generic: Skip is_intel_ider() check when
   ata_generic=1 is set (bnc#777616).
   * quota: autoload the quota_v2 module for QFMT_VFS_V1
   quota format (bnc#802153).
   * xen: properly bound buffer access when parsing
   cpu/availability.
   * netback: shutdown the ring if it contains garbage
   (CVE-2013-0216 XSA-39 bnc#800280).
   * netback: correct netbk_tx_err() to handle wrap around
   (CVE-2013-0216 XSA-39 bnc#800280).
   * pciback: rate limit error message from
   pciback_enable_msi() (CVE-2013-0231 XSA-43 bnc#801178).
   * scsiback/usbback: move cond_resched() invocations to
   proper place.
   * drm/i915: Implement workaround for broken CS tlb on
   i830/845 (bnc #758040).
   * drivers: scsi: storvsc: Initialize the sglist.
   * e1000e: 82571 Fix Tx Data Corruption during Tx hang
   recovery (bnc#790867).
   * KVM: Fix buffer overflow in kvm_set_irq() (bnc#767612
   CVE-2012-2137).
   * mm: compaction: Abort async compaction if locks are
   contended or taking too long.
   * mm: compaction: abort compaction loop if lock is
   contended or run too long.
   * mm: compaction: acquire the zone->lock as late as
   possible.
   * mm: compaction: acquire the zone->lru_lock as late as
   possible.
   * mm: compaction: move fatal signal check out of
   compact_checklock_irqsave. Reduce LRU and zone lock
   contention when compacting memory for THP (bnc#796823).

   Security Issue references:

   * CVE-2012-6548
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6548
   >
   * CVE-2012-6549
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6549
   >
   * CVE-2012-2137
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2137
   >
   * CVE-2013-0160
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0160
   >
   * CVE-2013-0216
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0216
   >
   * CVE-2013-0231
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0231
   >
   * CVE-2013-0913
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0913
   >
   * CVE-2013-0914
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0914
   >
   * CVE-2013-1767
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1767
   >
   * CVE-2013-1774
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1774
   >
   * CVE-2013-1796
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1796
   >
   * CVE-2013-1797
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1797
   >
   * CVE-2013-1798
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1798
   >
   * CVE-2013-1848
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1848
   >
   * CVE-2013-1860
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1860
   >
   * CVE-2013-2634
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2634
   >
   * CVE-2013-2635
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2635
   >
   * CVE-2013-1792
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1792
   >
   * CVE-2013-0311
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0311
   >
   * CVE-2013-1772
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1772
   >
   * CVE-2013-0268
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0268
   >
   * CVE-2013-0349
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0349
   >

Indications:

   Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-kernel-7675

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-kernel-7675

   - SUSE Linux Enterprise High Availability Extension 11 SP2:

      zypper in -t patch sleshasp2-kernel-7675

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-kernel-7675

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 3.0.74]:

      kernel-default-3.0.74-0.6.6.2
      kernel-default-base-3.0.74-0.6.6.2
      kernel-default-devel-3.0.74-0.6.6.2
      kernel-source-3.0.74-0.6.6.2
      kernel-syms-3.0.74-0.6.6.2
      kernel-trace-3.0.74-0.6.6.2
      kernel-trace-base-3.0.74-0.6.6.2
      kernel-trace-devel-3.0.74-0.6.6.2
      kernel-xen-devel-3.0.74-0.6.6.2
      xen-kmp-trace-4.1.4_02_3.0.74_0.6.6-0.5.22

   - SUSE Linux Enterprise Server 11 SP2 (x86_64) [New Version: 3.0.74]:

      kernel-default-3.0.74-0.6.6.2
      kernel-default-base-3.0.74-0.6.6.2
      kernel-default-devel-3.0.74-0.6.6.2
      kernel-ec2-3.0.74-0.6.6.2
      kernel-ec2-base-3.0.74-0.6.6.2
      kernel-ec2-devel-3.0.74-0.6.6.2
      kernel-source-3.0.74-0.6.6.2
      kernel-syms-3.0.74-0.6.6.2
      kernel-trace-3.0.74-0.6.6.2
      kernel-trace-base-3.0.74-0.6.6.2
      kernel-trace-devel-3.0.74-0.6.6.2
      kernel-xen-3.0.74-0.6.6.2
      kernel-xen-base-3.0.74-0.6.6.2
      kernel-xen-devel-3.0.74-0.6.6.2
      xen-kmp-default-4.1.4_02_3.0.74_0.6.6-0.5.22
      xen-kmp-trace-4.1.4_02_3.0.74_0.6.6-0.5.22

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (x86_64):

      cluster-network-kmp-default-1.4_3.0.74_0.6.6-2.18.36
      cluster-network-kmp-trace-1.4_3.0.74_0.6.6-2.18.36
      cluster-network-kmp-xen-1.4_3.0.74_0.6.6-2.18.36
      gfs2-kmp-default-2_3.0.74_0.6.6-0.7.69
      gfs2-kmp-trace-2_3.0.74_0.6.6-0.7.69
      gfs2-kmp-xen-2_3.0.74_0.6.6-0.7.69
      ocfs2-kmp-default-1.6_3.0.74_0.6.6-0.11.35
      ocfs2-kmp-trace-1.6_3.0.74_0.6.6-0.11.35
      ocfs2-kmp-xen-1.6_3.0.74_0.6.6-0.11.35

   - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 3.0.74]:

      kernel-default-3.0.74-0.6.6.2
      kernel-default-base-3.0.74-0.6.6.2
      kernel-default-devel-3.0.74-0.6.6.2
      kernel-default-extra-3.0.74-0.6.6.2
      kernel-source-3.0.74-0.6.6.2
      kernel-syms-3.0.74-0.6.6.2
      kernel-trace-3.0.74-0.6.6.2
      kernel-trace-base-3.0.74-0.6.6.2
      kernel-trace-devel-3.0.74-0.6.6.2
      kernel-trace-extra-3.0.74-0.6.6.2
      kernel-xen-3.0.74-0.6.6.2
      kernel-xen-base-3.0.74-0.6.6.2
      kernel-xen-devel-3.0.74-0.6.6.2
      kernel-xen-extra-3.0.74-0.6.6.2
      xen-kmp-default-4.1.4_02_3.0.74_0.6.6-0.5.22
      xen-kmp-trace-4.1.4_02_3.0.74_0.6.6-0.5.22


References:

   http://support.novell.com/security/cve/CVE-2012-2137.html
   http://support.novell.com/security/cve/CVE-2012-6548.html
   http://support.novell.com/security/cve/CVE-2012-6549.html
   http://support.novell.com/security/cve/CVE-2013-0160.html
   http://support.novell.com/security/cve/CVE-2013-0216.html
   http://support.novell.com/security/cve/CVE-2013-0231.html
   http://support.novell.com/security/cve/CVE-2013-0268.html
   http://support.novell.com/security/cve/CVE-2013-0311.html
   http://support.novell.com/security/cve/CVE-2013-0349.html
   http://support.novell.com/security/cve/CVE-2013-0913.html
   http://support.novell.com/security/cve/CVE-2013-0914.html
   http://support.novell.com/security/cve/CVE-2013-1767.html
   http://support.novell.com/security/cve/CVE-2013-1772.html
   http://support.novell.com/security/cve/CVE-2013-1774.html
   http://support.novell.com/security/cve/CVE-2013-1792.html
   http://support.novell.com/security/cve/CVE-2013-1796.html
   http://support.novell.com/security/cve/CVE-2013-1797.html
   http://support.novell.com/security/cve/CVE-2013-1798.html
   http://support.novell.com/security/cve/CVE-2013-1848.html
   http://support.novell.com/security/cve/CVE-2013-1860.html
   http://support.novell.com/security/cve/CVE-2013-2634.html
   http://support.novell.com/security/cve/CVE-2013-2635.html
   https://bugzilla.novell.com/578046
   https://bugzilla.novell.com/651219
   https://bugzilla.novell.com/714604
   https://bugzilla.novell.com/722398
   https://bugzilla.novell.com/730117
   https://bugzilla.novell.com/736149
   https://bugzilla.novell.com/738210
   https://bugzilla.novell.com/744692
   https://bugzilla.novell.com/753371
   https://bugzilla.novell.com/754583
   https://bugzilla.novell.com/754898
   https://bugzilla.novell.com/758040
   https://bugzilla.novell.com/758243
   https://bugzilla.novell.com/761849
   https://bugzilla.novell.com/762424
   https://bugzilla.novell.com/763494
   https://bugzilla.novell.com/767612
   https://bugzilla.novell.com/768052
   https://bugzilla.novell.com/773577
   https://bugzilla.novell.com/776787
   https://bugzilla.novell.com/777616
   https://bugzilla.novell.com/777746
   https://bugzilla.novell.com/779577
   https://bugzilla.novell.com/780977
   https://bugzilla.novell.com/786150
   https://bugzilla.novell.com/786814
   https://bugzilla.novell.com/786900
   https://bugzilla.novell.com/787821
   https://bugzilla.novell.com/788826
   https://bugzilla.novell.com/789235
   https://bugzilla.novell.com/789311
   https://bugzilla.novell.com/789359
   https://bugzilla.novell.com/790867
   https://bugzilla.novell.com/792674
   https://bugzilla.novell.com/792793
   https://bugzilla.novell.com/793139
   https://bugzilla.novell.com/793671
   https://bugzilla.novell.com/794513
   https://bugzilla.novell.com/794529
   https://bugzilla.novell.com/794805
   https://bugzilla.novell.com/795269
   https://bugzilla.novell.com/795928
   https://bugzilla.novell.com/795957
   https://bugzilla.novell.com/795961
   https://bugzilla.novell.com/796412
   https://bugzilla.novell.com/796418
   https://bugzilla.novell.com/796823
   https://bugzilla.novell.com/797042
   https://bugzilla.novell.com/797175
   https://bugzilla.novell.com/798921
   https://bugzilla.novell.com/799197
   https://bugzilla.novell.com/799209
   https://bugzilla.novell.com/799270
   https://bugzilla.novell.com/799275
   https://bugzilla.novell.com/799578
   https://bugzilla.novell.com/799926
   https://bugzilla.novell.com/800280
   https://bugzilla.novell.com/800701
   https://bugzilla.novell.com/801038
   https://bugzilla.novell.com/801178
   https://bugzilla.novell.com/801713
   https://bugzilla.novell.com/801717
   https://bugzilla.novell.com/801720
   https://bugzilla.novell.com/801782
   https://bugzilla.novell.com/802153
   https://bugzilla.novell.com/802353
   https://bugzilla.novell.com/802445
   https://bugzilla.novell.com/802642
   https://bugzilla.novell.com/802712
   https://bugzilla.novell.com/803056
   https://bugzilla.novell.com/803067
   https://bugzilla.novell.com/803394
   https://bugzilla.novell.com/803674
   https://bugzilla.novell.com/803712
   https://bugzilla.novell.com/804154
   https://bugzilla.novell.com/804220
   https://bugzilla.novell.com/804609
   https://bugzilla.novell.com/804656
   https://bugzilla.novell.com/805227
   https://bugzilla.novell.com/805823
   https://bugzilla.novell.com/806138
   https://bugzilla.novell.com/806238
   https://bugzilla.novell.com/806395
   https://bugzilla.novell.com/806404
   https://bugzilla.novell.com/806431
   https://bugzilla.novell.com/806466
   https://bugzilla.novell.com/806469
   https://bugzilla.novell.com/806492
   https://bugzilla.novell.com/806631
   https://bugzilla.novell.com/806825
   https://bugzilla.novell.com/806847
   https://bugzilla.novell.com/806908
   https://bugzilla.novell.com/806976
   https://bugzilla.novell.com/806980
   https://bugzilla.novell.com/807431
   https://bugzilla.novell.com/807517
   https://bugzilla.novell.com/807560
   https://bugzilla.novell.com/807853
   https://bugzilla.novell.com/808166
   https://bugzilla.novell.com/808307
   https://bugzilla.novell.com/808358
   https://bugzilla.novell.com/808827
   https://bugzilla.novell.com/808829
   https://bugzilla.novell.com/808966
   https://bugzilla.novell.com/808991
   https://bugzilla.novell.com/809155
   https://bugzilla.novell.com/809166
   https://bugzilla.novell.com/809375
   https://bugzilla.novell.com/809493
   https://bugzilla.novell.com/809748
   https://bugzilla.novell.com/809902
   https://bugzilla.novell.com/809903
   https://bugzilla.novell.com/810473
   https://bugzilla.novell.com/812281
   https://bugzilla.novell.com/812315
   https://bugzilla.novell.com/813963
   https://bugzilla.novell.com/816443
   http://download.novell.com/patch/finder/?keywords=2f736fd60525e237201b485f497a314b



More information about the sle-security-updates mailing list