SUSE-SU-2013:0819-1: critical: Security update for the Linux Kernel (x86)

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue May 21 18:04:17 MDT 2013


   SUSE Security Update: Security update for the Linux Kernel (x86)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0819-1
Rating:             critical
References:         #819789 
Cross-References:   CVE-2013-2094
Affected Products:
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise High Availability Extension 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
                    SLE 11 SERVER Unsupported Extras
______________________________________________________________________________

   An update that fixes one vulnerability is now available. It
   includes one version update.

Description:


   This update to the SUSE Linux Enterprise 11 SP2 kernel
   fixes the following  critical security issue:

   * A bounds checking problem in the perf systemcall
   could be used by local attackers to crash the kernel or
   execute code in kernel context. (CVE-2013-2094
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2094
   > )

Indications:

   Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-kernel-7723 slessp2-kernel-7727

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-kernel-7723 slessp2-kernel-7724 slessp2-kernel-7725 slessp2-kernel-7726 slessp2-kernel-7727

   - SUSE Linux Enterprise High Availability Extension 11 SP2:

      zypper in -t patch sleshasp2-kernel-7723 sleshasp2-kernel-7724 sleshasp2-kernel-7725 sleshasp2-kernel-7726 sleshasp2-kernel-7727

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-kernel-7723 sledsp2-kernel-7727

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.74]:

      kernel-default-3.0.74-0.6.8.1
      kernel-default-base-3.0.74-0.6.8.1
      kernel-default-devel-3.0.74-0.6.8.1
      kernel-source-3.0.74-0.6.8.1
      kernel-syms-3.0.74-0.6.8.1
      kernel-trace-3.0.74-0.6.8.1
      kernel-trace-base-3.0.74-0.6.8.1
      kernel-trace-devel-3.0.74-0.6.8.1
      kernel-xen-devel-3.0.74-0.6.8.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64):

      xen-kmp-trace-4.1.4_02_3.0.74_0.6.8-0.5.26

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.74]:

      kernel-pae-3.0.74-0.6.8.1
      kernel-pae-base-3.0.74-0.6.8.1
      kernel-pae-devel-3.0.74-0.6.8.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.74]:

      kernel-default-3.0.74-0.6.8.1
      kernel-default-base-3.0.74-0.6.8.1
      kernel-default-devel-3.0.74-0.6.8.1
      kernel-source-3.0.74-0.6.8.1
      kernel-syms-3.0.74-0.6.8.1
      kernel-trace-3.0.74-0.6.8.1
      kernel-trace-base-3.0.74-0.6.8.1
      kernel-trace-devel-3.0.74-0.6.8.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.74]:

      kernel-ec2-3.0.74-0.6.8.1
      kernel-ec2-base-3.0.74-0.6.8.1
      kernel-ec2-devel-3.0.74-0.6.8.1
      kernel-xen-3.0.74-0.6.8.1
      kernel-xen-base-3.0.74-0.6.8.1
      kernel-xen-devel-3.0.74-0.6.8.1

   - SUSE Linux Enterprise Server 11 SP2 (x86_64):

      xen-kmp-default-4.1.4_02_3.0.74_0.6.8-0.5.26
      xen-kmp-trace-4.1.4_02_3.0.74_0.6.8-0.5.26

   - SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.74]:

      kernel-default-man-3.0.74-0.6.8.1

   - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.74]:

      kernel-ppc64-3.0.74-0.6.8.1
      kernel-ppc64-base-3.0.74-0.6.8.1
      kernel-ppc64-devel-3.0.74-0.6.8.1

   - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.74]:

      kernel-pae-3.0.74-0.6.8.1
      kernel-pae-base-3.0.74-0.6.8.1
      kernel-pae-devel-3.0.74-0.6.8.1

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      cluster-network-kmp-default-1.4_3.0.74_0.6.8-2.18.38
      cluster-network-kmp-trace-1.4_3.0.74_0.6.8-2.18.38
      gfs2-kmp-default-2_3.0.74_0.6.8-0.7.70
      gfs2-kmp-trace-2_3.0.74_0.6.8-0.7.70
      ocfs2-kmp-default-1.6_3.0.74_0.6.8-0.11.37
      ocfs2-kmp-trace-1.6_3.0.74_0.6.8-0.11.37

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64):

      cluster-network-kmp-xen-1.4_3.0.74_0.6.8-2.18.38
      gfs2-kmp-xen-2_3.0.74_0.6.8-0.7.70
      ocfs2-kmp-xen-1.6_3.0.74_0.6.8-0.11.37

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64):

      cluster-network-kmp-ppc64-1.4_3.0.74_0.6.8-2.18.38
      gfs2-kmp-ppc64-2_3.0.74_0.6.8-0.7.70
      ocfs2-kmp-ppc64-1.6_3.0.74_0.6.8-0.11.37

   - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586):

      cluster-network-kmp-pae-1.4_3.0.74_0.6.8-2.18.38
      gfs2-kmp-pae-2_3.0.74_0.6.8-0.7.70
      ocfs2-kmp-pae-1.6_3.0.74_0.6.8-0.11.37

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.74]:

      kernel-default-3.0.74-0.6.8.1
      kernel-default-base-3.0.74-0.6.8.1
      kernel-default-devel-3.0.74-0.6.8.1
      kernel-default-extra-3.0.74-0.6.8.1
      kernel-source-3.0.74-0.6.8.1
      kernel-syms-3.0.74-0.6.8.1
      kernel-trace-3.0.74-0.6.8.1
      kernel-trace-base-3.0.74-0.6.8.1
      kernel-trace-devel-3.0.74-0.6.8.1
      kernel-trace-extra-3.0.74-0.6.8.1
      kernel-xen-3.0.74-0.6.8.1
      kernel-xen-base-3.0.74-0.6.8.1
      kernel-xen-devel-3.0.74-0.6.8.1
      kernel-xen-extra-3.0.74-0.6.8.1

   - SUSE Linux Enterprise Desktop 11 SP2 (x86_64):

      xen-kmp-default-4.1.4_02_3.0.74_0.6.8-0.5.26
      xen-kmp-trace-4.1.4_02_3.0.74_0.6.8-0.5.26

   - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.74]:

      kernel-pae-3.0.74-0.6.8.1
      kernel-pae-base-3.0.74-0.6.8.1
      kernel-pae-devel-3.0.74-0.6.8.1
      kernel-pae-extra-3.0.74-0.6.8.1

   - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):

      ext4-writeable-kmp-default-0_3.0.74_0.6.8-0.14.51
      ext4-writeable-kmp-trace-0_3.0.74_0.6.8-0.14.51
      kernel-default-extra-3.0.74-0.6.8.1

   - SLE 11 SERVER Unsupported Extras (i586 x86_64):

      ext4-writeable-kmp-xen-0_3.0.74_0.6.8-0.14.51
      kernel-xen-extra-3.0.74-0.6.8.1

   - SLE 11 SERVER Unsupported Extras (ppc64):

      ext4-writeable-kmp-ppc64-0_3.0.74_0.6.8-0.14.51
      kernel-ppc64-extra-3.0.74-0.6.8.1

   - SLE 11 SERVER Unsupported Extras (i586):

      ext4-writeable-kmp-pae-0_3.0.74_0.6.8-0.14.51
      kernel-pae-extra-3.0.74-0.6.8.1


References:

   http://support.novell.com/security/cve/CVE-2013-2094.html
   https://bugzilla.novell.com/819789
   http://download.novell.com/patch/finder/?keywords=14a50f8cb46dab3dcc863fb2227607ab
   http://download.novell.com/patch/finder/?keywords=3401ecfc2b691af4d127d798edcf060a
   http://download.novell.com/patch/finder/?keywords=375aa081f1ff6a10e2d949b47176a611
   http://download.novell.com/patch/finder/?keywords=5d9fe2f45b3a2f877f1625994570692a
   http://download.novell.com/patch/finder/?keywords=6008a20122ec04696e8c8834aa0317aa
   http://download.novell.com/patch/finder/?keywords=8efbc0da700aac91059fee01a39df32d
   http://download.novell.com/patch/finder/?keywords=a1782fe8f690b0431b636c08c9b2f37e
   http://download.novell.com/patch/finder/?keywords=ca9f79d0269c0838370ad982d34bc46b
   http://download.novell.com/patch/finder/?keywords=e44165d6ef20693eeefcafe1aa789a24
   http://download.novell.com/patch/finder/?keywords=ea355152cf44a3491af093b94e79647e



More information about the sle-security-updates mailing list