SUSE-SU-2014:0773-1: Security update for Linux Kernel
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Tue Jun 10 12:05:55 MDT 2014
SUSE Security Update: Security update for Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2014:0773-1
Rating: low
References: #797175 #833968 #852553 #857643 #874108 #875798
Cross-References: CVE-2013-6382 CVE-2013-7263 CVE-2013-7264
CVE-2013-7265 CVE-2014-1737 CVE-2014-1738
Affected Products:
SUSE Linux Enterprise Server 10 SP4 LTSS
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been
updated to fix various security issues and several bugs.
The following security issues have been addressed:
*
CVE-2013-6382: Multiple buffer underflows in the XFS implementation
in the Linux kernel through 3.12.1 allow local users to cause a denial of
service (memory corruption) or possibly have unspecified
other impact by leveraging the CAP_SYS_ADMIN capability for a (1)
XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call
with a crafted length value, related to the xfs_attrlist_by_handle
function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle
function in fs/xfs/xfs_ioctl32.c. (bnc#852553)
*
CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length
values before ensuring that associated data structures have been
initialized, which allows local users to obtain sensitive information from
kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg
system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,
net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)
*
CVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in
the Linux kernel before 3.12.4 updates a certain length value before
ensuring that an associated data structure has been initialized, which
allows local users to obtain sensitive information from kernel stack
memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.
(bnc#857643)
*
CVE-2013-7265: The pn_recvmsg function in net/phonet/datagram.c in
the Linux kernel before 3.12.4 updates a certain length value before
ensuring that an associated data structure has been initialized, which
allows local users to obtain sensitive information from kernel stack
memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.
(bnc#857643)
*
CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c
in the Linux kernel through 3.14.3 does not properly handle error
conditions during processing of an FDRAWCMD ioctl call, which allows local
users to trigger kfree operations and gain privileges by leveraging write
access to a /dev/fd device. (bnc#875798)
*
CVE-2014-1738: The raw_cmd_copyout function in
drivers/block/floppy.c in the Linux kernel through 3.14.3 does not
properly restrict access to certain pointers during processing of an
FDRAWCMD ioctl call, which allows local users to obtain sensitive
information from kernel heap memory by leveraging write access to a
/dev/fd device. (bnc#875798)
Additionally, the following non-security bugs have been fixed:
* tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968).
* tcp: syncookies: reduce mss table to four values (bnc#833968).
* ia64: Change default PSR.ac from '1' to '0' (Fix erratum #237)
(bnc#874108).
* tty: fix up atime/mtime mess, take three (bnc#797175).
Security Issues references:
* CVE-2013-6382
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6382>
* CVE-2013-7263
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263>
* CVE-2013-7264
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7264>
* CVE-2013-7265
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7265>
* CVE-2014-1737
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1737>
* CVE-2014-1738
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1738>
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64):
kernel-default-2.6.16.60-0.107.1
kernel-source-2.6.16.60-0.107.1
kernel-syms-2.6.16.60-0.107.1
- SUSE Linux Enterprise Server 10 SP4 LTSS (x86_64):
kernel-debug-2.6.16.60-0.107.1
kernel-kdump-2.6.16.60-0.107.1
kernel-smp-2.6.16.60-0.107.1
kernel-xen-2.6.16.60-0.107.1
References:
http://support.novell.com/security/cve/CVE-2013-6382.html
http://support.novell.com/security/cve/CVE-2013-7263.html
http://support.novell.com/security/cve/CVE-2013-7264.html
http://support.novell.com/security/cve/CVE-2013-7265.html
http://support.novell.com/security/cve/CVE-2014-1737.html
http://support.novell.com/security/cve/CVE-2014-1738.html
https://bugzilla.novell.com/797175
https://bugzilla.novell.com/833968
https://bugzilla.novell.com/852553
https://bugzilla.novell.com/857643
https://bugzilla.novell.com/874108
https://bugzilla.novell.com/875798
http://download.suse.com/patch/finder/?keywords=92e5a7d9af3ca4f050703bcbf2268c9e
http://download.suse.com/patch/finder/?keywords=a9f7b560616d678d5217f211234abdba
More information about the sle-security-updates
mailing list