SUSE-SU-2012:0115-2: moderate: Security update for Linux kernel

sle-updates at lists.suse.com sle-updates at lists.suse.com
Tue Jan 24 02:08:34 MST 2012


   SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0115-2
Rating:             moderate
References:         #651219 #653260 #655696 #656153 #671124 #673343 
                    #676602 #681180 #681181 #681185 #681186 #699709 
                    #700879 #702037 #704253 #707288 #716437 #721267 
                    #721351 #725878 #726064 #726843 #727597 #728341 
                    #729117 #730749 #731770 #732375 #733407 #735612 
                    
Cross-References:   CVE-2010-3873 CVE-2010-4164 CVE-2010-4249
                    CVE-2011-1080 CVE-2011-1170 CVE-2011-1171
                    CVE-2011-1172 CVE-2011-1173 CVE-2011-2203
                    CVE-2011-2213 CVE-2011-2525 CVE-2011-2534
                    CVE-2011-2699 CVE-2011-3209
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 10 SP4
                    SLE SDK 10 SP4
______________________________________________________________________________

   An update that solves 14 vulnerabilities and has 16 fixes
   is now available.

Description:


   This Linux kernel update fixes various security issues and
   bugs in the SUSE  Linux Enterprise 10 SP4 kernel.

   This update fixes the following security issues:

   * bnc#651219: X.25 remote DoS (CVE-2010-3873)
   * bnc#653260: X.25 remote Dos (CVE-2010-4164)
   * bnc#655696: 1 socket local DoS (CVE-2010-4249)
   * bnc#676602: ebtables infoleak (CVE-2011-1080)
   * bnc#681180: netfilter: arp_tables infoleak to
   userspace (CVE-2011-1170)
   * bnc#681181: netfilter: ip_tables infoleak to
   userspace (CVE-2011-1171)
   * bnc#681185: netfilter: ip6_tables infoleak to
   userspace (CVE-2011-1172)
   * bnc#681186: econet 4 byte infoleak (CVE-2011-1173)
   * bnc#699709: hfs NULL pointer dereference
   (CVE-2011-2203)
   * bnc#700879: inet_diag infinite loop (CVE-2011-2213)
   * bnc#702037: netfilter: ipt_CLUSTERIP buffer overflow
   (CVE-2011-2534)
   * bnc#707288: ipv6: make fragment identifications less
   predictable (CVE-2011-2699)
   * bnc#726064: clock_gettime() panic (CVE-2011-3209)
   * bnc#735612: qdisc NULL dereference (CVE-2011-2525)

   This update also fixes the following non-security issues:

   * bnc#671124: New timesource for VMware platform
   * bnc#673343: usblp crashes after the printer is
   unplugged for the second time
   * bnc#704253: Data corruption with mpt2sas driver
   * bnc#716437: NIC Bond no longer works when booting the
   XEN kernel
   * bnc#721267: "reboot=b" kernel command line hangs
   system on reboot
   * bnc#721351: kernel panic at iscsi_xmitwork function
   * bnc#725878: NFS supplementary group permissions
   * bnc#726843: IBM LTC System z Maintenance Kernel
   Patches (#59)
   * bnc#727597: NFS slowness
   * bnc#728341: IBM LTC System z maintenance kernel
   patches (#60)
   * bnc#729117: propagate MAC-address to VLAN-interface
   * bnc#730749: ipmi deadlock in start_next_msg
   * bnc#731770: ext3 filesystem corruption after crash
   * bnc#732375: IBM LTC System z maintenance kernel
   patches (#61)
   * bnc#733407: hangs when offlining a CPU core

   Security Issue references:

   * CVE-2011-2534
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2534
   >
   * CVE-2011-2525
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2525
   >
   * CVE-2011-2203
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2203
   >
   * CVE-2011-2699
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2699
   >
   * CVE-2010-4249
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4249
   >
   * CVE-2011-1173
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1173
   >
   * CVE-2011-1170
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1170
   >
   * CVE-2011-1171
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1171
   >
   * CVE-2010-3873
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3873
   >
   * CVE-2011-1080
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1080
   >
   * CVE-2011-2213
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213
   >
   * CVE-2011-3209
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3209
   >
   * CVE-2011-1172
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1172
   >
   * CVE-2010-4164
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4164
   >

Indications:

   Everyone using the Linux Kernel on x86 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.


Package List:

   - SUSE Linux Enterprise Server 10 SP4 (i586):

      kernel-bigsmp-2.6.16.60-0.93.1
      kernel-debug-2.6.16.60-0.93.1
      kernel-default-2.6.16.60-0.93.1
      kernel-kdump-2.6.16.60-0.93.1
      kernel-kdumppae-2.6.16.60-0.93.1
      kernel-smp-2.6.16.60-0.93.1
      kernel-source-2.6.16.60-0.93.1
      kernel-syms-2.6.16.60-0.93.1
      kernel-vmi-2.6.16.60-0.93.1
      kernel-vmipae-2.6.16.60-0.93.1
      kernel-xen-2.6.16.60-0.93.1
      kernel-xenpae-2.6.16.60-0.93.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586):

      kernel-bigsmp-2.6.16.60-0.93.1
      kernel-default-2.6.16.60-0.93.1
      kernel-smp-2.6.16.60-0.93.1
      kernel-source-2.6.16.60-0.93.1
      kernel-syms-2.6.16.60-0.93.1
      kernel-xen-2.6.16.60-0.93.1
      kernel-xenpae-2.6.16.60-0.93.1

   - SLE SDK 10 SP4 (i586):

      kernel-debug-2.6.16.60-0.93.1
      kernel-kdump-2.6.16.60-0.93.1
      kernel-xen-2.6.16.60-0.93.1
      kernel-xenpae-2.6.16.60-0.93.1


References:

   http://support.novell.com/security/cve/CVE-2010-3873.html
   http://support.novell.com/security/cve/CVE-2010-4164.html
   http://support.novell.com/security/cve/CVE-2010-4249.html
   http://support.novell.com/security/cve/CVE-2011-1080.html
   http://support.novell.com/security/cve/CVE-2011-1170.html
   http://support.novell.com/security/cve/CVE-2011-1171.html
   http://support.novell.com/security/cve/CVE-2011-1172.html
   http://support.novell.com/security/cve/CVE-2011-1173.html
   http://support.novell.com/security/cve/CVE-2011-2203.html
   http://support.novell.com/security/cve/CVE-2011-2213.html
   http://support.novell.com/security/cve/CVE-2011-2525.html
   http://support.novell.com/security/cve/CVE-2011-2534.html
   http://support.novell.com/security/cve/CVE-2011-2699.html
   http://support.novell.com/security/cve/CVE-2011-3209.html
   https://bugzilla.novell.com/651219
   https://bugzilla.novell.com/653260
   https://bugzilla.novell.com/655696
   https://bugzilla.novell.com/656153
   https://bugzilla.novell.com/671124
   https://bugzilla.novell.com/673343
   https://bugzilla.novell.com/676602
   https://bugzilla.novell.com/681180
   https://bugzilla.novell.com/681181
   https://bugzilla.novell.com/681185
   https://bugzilla.novell.com/681186
   https://bugzilla.novell.com/699709
   https://bugzilla.novell.com/700879
   https://bugzilla.novell.com/702037
   https://bugzilla.novell.com/704253
   https://bugzilla.novell.com/707288
   https://bugzilla.novell.com/716437
   https://bugzilla.novell.com/721267
   https://bugzilla.novell.com/721351
   https://bugzilla.novell.com/725878
   https://bugzilla.novell.com/726064
   https://bugzilla.novell.com/726843
   https://bugzilla.novell.com/727597
   https://bugzilla.novell.com/728341
   https://bugzilla.novell.com/729117
   https://bugzilla.novell.com/730749
   https://bugzilla.novell.com/731770
   https://bugzilla.novell.com/732375
   https://bugzilla.novell.com/733407
   https://bugzilla.novell.com/735612
   http://download.novell.com/patch/finder/?keywords=04c790b378855fb45cf8fbe69ba4bbc1



More information about the sle-updates mailing list