User: Password:
Subscribe / Log in / New account

openSUSE alert openSUSE-SU-2010:0592-1 (kernel)

Subject:  openSUSE-SU-2010:0592-1 (moderate): Linux Kernel: Security/Bugfix update to
Date:  Wed, 8 Sep 2010 19:08:11 +0200 (CEST)
Message-ID:  <>
Archive-link:  Article, Thread

openSUSE Security Update: Linux Kernel: Security/Bugfix update to ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0592-1 Rating: moderate References: #529535 #584720 #586643 #594362 #599671 #608300 #610362 #610828 #615656 #617530 #617912 #618678 #619021 #619416 #619440 #619727 #621598 #623005 #623472 #624118 #624587 #624606 #624814 #625339 #627212 #627310 #627386 #627447 #629908 #631066 #631185 #631319 Cross-References: CVE-2010-2524 CVE-2010-2537 CVE-2010-2538 CVE-2010-2798 CVE-2010-3110 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has 27 fixes is now available. It includes one version update. Description: This update of the openSUSE 11.3 kernel brings the kernel to version and contains a lot of bug and security fixes CVE-2010-3110: Missing bounds checks in several ioctls of the Novell Client novfs /proc interface allowed unprivileged local users to crash the kernel or even execute code in kernel context. CVE-2010-2524: a malicious local user could fill the cache used by CIFS do perform dns lookups with chosen data, therefore tricking the kernel into mounting a wrong CIFS server. CVE-2010-2798: a local user could trigger a NULL derefence on a gfs2 file system CVE-2010-2537: a local user could overwrite append-only files on a btrfs file system CVE-2010-2538: a local user could read kernel memory of a btrfs file system Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch Kernel-3038 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64) [New Version:]: kernel-debug- kernel-debug-base- kernel-debug-devel- kernel-default- kernel-default-base- kernel-default-devel- kernel-desktop- kernel-desktop-base- kernel-desktop-devel- kernel-ec2-devel- kernel-syms- kernel-trace- kernel-trace-base- kernel-trace-devel- kernel-vanilla- kernel-vanilla-base- kernel-vanilla-devel- kernel-xen- kernel-xen-base- kernel-xen-devel- preload-kmp-default-1.1_k2.6.34.4_0.1-19.1.1 preload-kmp-desktop-1.1_k2.6.34.4_0.1-19.1.1 - openSUSE 11.3 (noarch) [New Version:]: kernel-devel- kernel-source- kernel-source-vanilla- - openSUSE 11.3 (i586) [New Version:]: kernel-pae- kernel-pae-base- kernel-pae-devel- kernel-vmi-devel- References:

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds