SUSE-SU-2012:0115-1: moderate: Security update for Linux kernel
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Jan 23 12:08:25 MST 2012
SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0115-1
Rating: moderate
References: #651219 #653260 #655696 #656153 #671124 #673343
#676602 #681180 #681181 #681185 #681186 #699709
#700879 #702037 #704253 #707288 #716437 #721267
#721351 #725878 #726064 #726843 #727597 #728341
#729117 #730749 #731770 #732375 #733407 #735612
Cross-References: CVE-2010-3873 CVE-2010-4164 CVE-2010-4249
CVE-2011-1080 CVE-2011-1170 CVE-2011-1171
CVE-2011-1172 CVE-2011-1173 CVE-2011-2203
CVE-2011-2213 CVE-2011-2525 CVE-2011-2534
CVE-2011-2699 CVE-2011-3209
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that solves 14 vulnerabilities and has 16 fixes
is now available.
Description:
This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.
This update fixes the following security issues:
* bnc#651219: X.25 remote DoS (CVE-2010-3873)
* bnc#653260: X.25 remote Dos (CVE-2010-4164)
* bnc#655696: 1 socket local DoS (CVE-2010-4249)
* bnc#676602: ebtables infoleak (CVE-2011-1080)
* bnc#681180: netfilter: arp_tables infoleak to
userspace (CVE-2011-1170)
* bnc#681181: netfilter: ip_tables infoleak to
userspace (CVE-2011-1171)
* bnc#681185: netfilter: ip6_tables infoleak to
userspace (CVE-2011-1172)
* bnc#681186: econet 4 byte infoleak (CVE-2011-1173)
* bnc#699709: hfs NULL pointer dereference
(CVE-2011-2203)
* bnc#700879: inet_diag infinite loop (CVE-2011-2213)
* bnc#702037: netfilter: ipt_CLUSTERIP buffer overflow
(CVE-2011-2534)
* bnc#707288: ipv6: make fragment identifications less
predictable (CVE-2011-2699)
* bnc#726064: clock_gettime() panic (CVE-2011-3209)
* bnc#735612: qdisc NULL dereference (CVE-2011-2525)
This update also fixes the following non-security issues:
* bnc#671124: New timesource for VMware platform
* bnc#673343: usblp crashes after the printer is
unplugged for the second time
* bnc#704253: Data corruption with mpt2sas driver
* bnc#716437: NIC Bond no longer works when booting the
XEN kernel
* bnc#721267: "reboot=b" kernel command line hangs
system on reboot
* bnc#721351: kernel panic at iscsi_xmitwork function
* bnc#725878: NFS supplementary group permissions
* bnc#726843: IBM LTC System z Maintenance Kernel
Patches (#59)
* bnc#727597: NFS slowness
* bnc#728341: IBM LTC System z maintenance kernel
patches (#60)
* bnc#729117: propagate MAC-address to VLAN-interface
* bnc#730749: ipmi deadlock in start_next_msg
* bnc#731770: ext3 filesystem corruption after crash
* bnc#732375: IBM LTC System z maintenance kernel
patches (#61)
* bnc#733407: hangs when offlining a CPU core
Security Issue references:
* CVE-2011-2534
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2534
>
* CVE-2011-2525
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2525
>
* CVE-2011-2203
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2203
>
* CVE-2011-2699
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2699
>
* CVE-2010-4249
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4249
>
* CVE-2011-1173
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1173
>
* CVE-2011-1170
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1170
>
* CVE-2011-1171
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1171
>
* CVE-2010-3873
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3873
>
* CVE-2011-1080
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1080
>
* CVE-2011-2213
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213
>
* CVE-2011-3209
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3209
>
* CVE-2011-1172
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1172
>
* CVE-2010-4164
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4164
>
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (ia64 ppc x86_64):
kernel-default-2.6.16.60-0.93.1
kernel-source-2.6.16.60-0.93.1
kernel-syms-2.6.16.60-0.93.1
- SUSE Linux Enterprise Server 10 SP4 (ia64 x86_64):
kernel-debug-2.6.16.60-0.93.1
- SUSE Linux Enterprise Server 10 SP4 (ppc x86_64):
kernel-kdump-2.6.16.60-0.93.1
- SUSE Linux Enterprise Server 10 SP4 (x86_64):
kernel-smp-2.6.16.60-0.93.1
kernel-xen-2.6.16.60-0.93.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
kernel-iseries64-2.6.16.60-0.93.1
kernel-ppc64-2.6.16.60-0.93.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
kernel-default-2.6.16.60-0.93.1
kernel-smp-2.6.16.60-0.93.1
kernel-source-2.6.16.60-0.93.1
kernel-syms-2.6.16.60-0.93.1
kernel-xen-2.6.16.60-0.93.1
- SLE SDK 10 SP4 (ia64 x86_64):
kernel-debug-2.6.16.60-0.93.1
- SLE SDK 10 SP4 (ppc x86_64):
kernel-kdump-2.6.16.60-0.93.1
- SLE SDK 10 SP4 (x86_64):
kernel-xen-2.6.16.60-0.93.1
References:
http://support.novell.com/security/cve/CVE-2010-3873.html
http://support.novell.com/security/cve/CVE-2010-4164.html
http://support.novell.com/security/cve/CVE-2010-4249.html
http://support.novell.com/security/cve/CVE-2011-1080.html
http://support.novell.com/security/cve/CVE-2011-1170.html
http://support.novell.com/security/cve/CVE-2011-1171.html
http://support.novell.com/security/cve/CVE-2011-1172.html
http://support.novell.com/security/cve/CVE-2011-1173.html
http://support.novell.com/security/cve/CVE-2011-2203.html
http://support.novell.com/security/cve/CVE-2011-2213.html
http://support.novell.com/security/cve/CVE-2011-2525.html
http://support.novell.com/security/cve/CVE-2011-2534.html
http://support.novell.com/security/cve/CVE-2011-2699.html
http://support.novell.com/security/cve/CVE-2011-3209.html
https://bugzilla.novell.com/651219
https://bugzilla.novell.com/653260
https://bugzilla.novell.com/655696
https://bugzilla.novell.com/656153
https://bugzilla.novell.com/671124
https://bugzilla.novell.com/673343
https://bugzilla.novell.com/676602
https://bugzilla.novell.com/681180
https://bugzilla.novell.com/681181
https://bugzilla.novell.com/681185
https://bugzilla.novell.com/681186
https://bugzilla.novell.com/699709
https://bugzilla.novell.com/700879
https://bugzilla.novell.com/702037
https://bugzilla.novell.com/704253
https://bugzilla.novell.com/707288
https://bugzilla.novell.com/716437
https://bugzilla.novell.com/721267
https://bugzilla.novell.com/721351
https://bugzilla.novell.com/725878
https://bugzilla.novell.com/726064
https://bugzilla.novell.com/726843
https://bugzilla.novell.com/727597
https://bugzilla.novell.com/728341
https://bugzilla.novell.com/729117
https://bugzilla.novell.com/730749
https://bugzilla.novell.com/731770
https://bugzilla.novell.com/732375
https://bugzilla.novell.com/733407
https://bugzilla.novell.com/735612
http://download.novell.com/patch/finder/?keywords=2a1dcec5842ef47d7b0bf7d89db4e205
http://download.novell.com/patch/finder/?keywords=2a3c70bd23d91ad0dd11094f7e71f27a
http://download.novell.com/patch/finder/?keywords=ed1ddae1d04fbafa3e5bdc6898982285
More information about the sle-security-updates
mailing list