SUSE alert SUSE-SU-2013:0819-2 (Linux kernel) [LWN.net]


From:
    	       opensuse-security@opensuse.org 
To:
    	       opensuse-security-announce@opensuse.org 
Subject:
    	       [security-announce] SUSE-SU-2013:0819-2: critical: Security update for Linux kernel 
Date:
    	       Fri, 24 May 2013 17:04:28 +0200 (CEST)
Message-ID:
    	       <20130524150428.DE11A32245@maintenance.suse.de>
Archive-link:
    	       Article, Thread
              
   SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0819-2
Rating:             critical
References:         #819789 
Cross-References:   CVE-2013-2094
Affected Products:
                    SUSE Linux Enterprise Real Time 11 SP2
______________________________________________________________________________

   An update that fixes one vulnerability is now available. It
   includes one version update.

Description:


   The SUSE Linux Enterprise 11 SP2 RT kernel has been updated
   to fix a  critical security issue.

   * CVE-2013-2094: A bounds checking problem in the perf
   systemcall could be used by local attackers to crash the
   kernel or execute code in kernel context.

   Security Issue reference:

   * CVE-2013-2094
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2094
   >

Indications:

   Everyone using the Real Time Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Real Time 11 SP2:

      zypper in -t patch slertesp2-kernel-7733

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Real Time 11 SP2 (x86_64) [New Version: 3.0.74.rt98]:

      cluster-network-kmp-rt-1.4_3.0.74_rt98_0.6.4-2.18.38
      cluster-network-kmp-rt_trace-1.4_3.0.74_rt98_0.6.4-2.18.38
      drbd-kmp-rt-8.4.2_3.0.74_rt98_0.6.4-0.6.6.29
      drbd-kmp-rt_trace-8.4.2_3.0.74_rt98_0.6.4-0.6.6.29
      iscsitarget-kmp-rt-1.4.20_3.0.74_rt98_0.6.4-0.23.35
      iscsitarget-kmp-rt_trace-1.4.20_3.0.74_rt98_0.6.4-0.23.35
      kernel-rt-3.0.74.rt98-0.6.4.1
      kernel-rt-base-3.0.74.rt98-0.6.4.1
      kernel-rt-devel-3.0.74.rt98-0.6.4.1
      kernel-rt_trace-3.0.74.rt98-0.6.4.1
      kernel-rt_trace-base-3.0.74.rt98-0.6.4.1
      kernel-rt_trace-devel-3.0.74.rt98-0.6.4.1
      kernel-source-rt-3.0.74.rt98-0.6.4.1
      kernel-syms-rt-3.0.74.rt98-0.6.4.1
      lttng-modules-kmp-rt-2.0.4_3.0.74_rt98_0.6.4-0.7.31
      lttng-modules-kmp-rt_trace-2.0.4_3.0.74_rt98_0.6.4-0.7.31
      ocfs2-kmp-rt-1.6_3.0.74_rt98_0.6.4-0.11.37
      ocfs2-kmp-rt_trace-1.6_3.0.74_rt98_0.6.4-0.11.37
      ofed-kmp-rt-1.5.2_3.0.74_rt98_0.6.4-0.28.28.9
      ofed-kmp-rt_trace-1.5.2_3.0.74_rt98_0.6.4-0.28.28.9


References:

   http://support.novell.com/security/cve/CVE-2013-2094.html
   https://bugzilla.novell.com/819789
   http://download.novell.com/patch/finder/?keywords=979782c...

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
(Log in to post comments)