LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

openSUSE alert openSUSE-SU-2010:0592-1 (kernel)



From:
    	      opensuse-security@opensuse.org 


To:
    	      opensuse-updates@opensuse.org 


Subject:
    	      openSUSE-SU-2010:0592-1 (moderate): Linux Kernel: Security/Bugfix update to 2.6.34.4 


Date:
    	      Wed,  8 Sep 2010 19:08:11 +0200 (CEST)


Message-ID:
    	      <20100908170811.C9E96BE31@oldboy.suse.de>


Archive-link:
    	      Article, Thread
              


   openSUSE Security Update: Linux Kernel: Security/Bugfix update to 2.6.34.4
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2010:0592-1
Rating:             moderate
References:         #529535 #584720 #586643 #594362 #599671 #608300 
                    #610362 #610828 #615656 #617530 #617912 #618678 
                    #619021 #619416 #619440 #619727 #621598 #623005 
                    #623472 #624118 #624587 #624606 #624814 #625339 
                    #627212 #627310 #627386 #627447 #629908 #631066 
                    #631185 #631319 
Cross-References:   CVE-2010-2524 CVE-2010-2537 CVE-2010-2538
                    CVE-2010-2798 CVE-2010-3110
Affected Products:
                    openSUSE 11.3
______________________________________________________________________________

   An update that solves 5 vulnerabilities and has 27 fixes is
   now available. It includes one version update.

Description:

   This update of the openSUSE 11.3 kernel brings the kernel
   to version 2.6.34.4 and contains a lot of bug and security
   fixes

   CVE-2010-3110: Missing bounds checks in several ioctls of
   the Novell Client novfs /proc interface allowed
   unprivileged local users to crash the kernel or even
   execute code in kernel context.

   CVE-2010-2524: a malicious local user could fill the cache
   used by CIFS do perform dns lookups with chosen data,
   therefore tricking the kernel into mounting a wrong CIFS
   server.

   CVE-2010-2798: a local user could trigger a NULL derefence
   on a gfs2 file system

   CVE-2010-2537: a local user could overwrite append-only
   files on a btrfs file system

   CVE-2010-2538: a local user could read kernel memory of a
   btrfs file system


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.3:

      zypper in -t patch Kernel-3038

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.3 (i586 x86_64) [New Version: 2.6.34.4]:

      kernel-debug-2.6.34.4-0.1.1
      kernel-debug-base-2.6.34.4-0.1.1
      kernel-debug-devel-2.6.34.4-0.1.1
      kernel-default-2.6.34.4-0.1.1
      kernel-default-base-2.6.34.4-0.1.1
      kernel-default-devel-2.6.34.4-0.1.1
      kernel-desktop-2.6.34.4-0.1.1
      kernel-desktop-base-2.6.34.4-0.1.1
      kernel-desktop-devel-2.6.34.4-0.1.1
      kernel-ec2-devel-2.6.34.4-0.1.1
      kernel-syms-2.6.34.4-0.1.1
      kernel-trace-2.6.34.4-0.1.1
      kernel-trace-base-2.6.34.4-0.1.1
      kernel-trace-devel-2.6.34.4-0.1.1
      kernel-vanilla-2.6.34.4-0.1.1
      kernel-vanilla-base-2.6.34.4-0.1.1
      kernel-vanilla-devel-2.6.34.4-0.1.1
      kernel-xen-2.6.34.4-0.1.1
      kernel-xen-base-2.6.34.4-0.1.1
      kernel-xen-devel-2.6.34.4-0.1.1
      preload-kmp-default-1.1_k2.6.34.4_0.1-19.1.1
      preload-kmp-desktop-1.1_k2.6.34.4_0.1-19.1.1

   - openSUSE 11.3 (noarch) [New Version: 2.6.34.4]:

      kernel-devel-2.6.34.4-0.1.1
      kernel-source-2.6.34.4-0.1.1
      kernel-source-vanilla-2.6.34.4-0.1.1

   - openSUSE 11.3 (i586) [New Version: 2.6.34.4]:

      kernel-pae-2.6.34.4-0.1.1
      kernel-pae-base-2.6.34.4-0.1.1
      kernel-pae-devel-2.6.34.4-0.1.1
      kernel-vmi-devel-2.6.34.4-0.1.1


References:

   http://support.novell.com/security/cve/CVE-2010-2524.html
   http://support.novell.com/security/cve/CVE-2010-2537.html
   http://support.novell.com/security/cve/CVE-2010-2538.html
   http://support.novell.com/security/cve/CVE-2010-2798.html
   http://support.novell.com/security/cve/CVE-2010-3110.html
   https://bugzilla.novell.com/529535
   https://bugzilla.novell.com/584720
   https://bugzilla.novell.com/586643
   https://bugzilla.novell.com/594362
   https://bugzilla.novell.com/599671
   https://bugzilla.novell.com/608300
   https://bugzilla.novell.com/610362
   https://bugzilla.novell.com/610828
   https://bugzilla.novell.com/615656
   https://bugzilla.novell.com/617530
   https://bugzilla.novell.com/617912
   https://bugzilla.novell.com/618678
   https://bugzilla.novell.com/619021
   https://bugzilla.novell.com/619416
   https://bugzilla.novell.com/619440
   https://bugzilla.novell.com/619727
   https://bugzilla.novell.com/621598
   https://bugzilla.novell.com/623005
   https://bugzilla.novell.com/623472
   https://bugzilla.novell.com/624118
   https://bugzilla.novell.com/624587
   https://bugzilla.novell.com/624606
   https://bugzilla.novell.com/624814
   https://bugzilla.novell.com/625339
   https://bugzilla.novell.com/627212
   https://bugzilla.novell.com/627310
   https://bugzilla.novell.com/627386
   https://bugzilla.novell.com/627447
   https://bugzilla.novell.com/629908
   https://bugzilla.novell.com/631066
   https://bugzilla.novell.com/631185
   https://bugzilla.novell.com/631319
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds