Security update for Linux kernel
SUSE Security Update: Security update for Linux kernel
This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.
The following security issues have been fixed:
*
CVE-2013-0871: A race condition in ptrace(2) could be
used by local attackers to crash the kernel and/or execute
code in kernel context.
*
CVE-2013-0160: Avoid side channel information leaks
from the ptys via ptmx, which allowed local attackers to
guess keypresses.
*
CVE-2012-4530: Avoid leaving bprm->interp on the
stack which might have leaked information from the kernel
to userland attackers.
*
CVE-2013-0268: The msr_open function in
arch/x86/kernel/msr.c in the Linux kernel allowed local
users to bypass intended capability restrictions by
executing a crafted application as root, as demonstrated by
msr32.c.
*
CVE-2013-0216: The Xen netback functionality in the
Linux kernel allowed guest OS users to cause a denial of
service (loop) by triggering ring pointer corruption.
*
CVE-2013-0231: The pciback_enable_msi function in the
PCI backend driver
(drivers/xen/pciback/conf_space_capability_msi.c) in Xen
for the Linux kernel allowed guest OS users with PCI device
access to cause a denial of service via a large number of
kernel log messages. NOTE: some of these details are
obtained from third party information.
Also the following non-security bugs have been fixed:
S/390:
* s390x: tty struct used after free (bnc#809692,
LTC#90216).
* s390x/kernel: sched_clock() overflow (bnc#799611,
LTC#87978).
* qeth: set new mac even if old mac is gone
(bnc#789012,LTC#86643).
* qeth: set new mac even if old mac is gone (2)
(bnc#792697,LTC#87138).
* qeth: fix deadlock between recovery and bonding
driver (bnc#785101,LTC#85905).
* dasd: check count address during online setting
(bnc#781485,LTC#85346).
* hugetlbfs: add missing TLB invalidation
(bnc#781485,LTC#85463).
* s390/kernel: make user-access pagetable walk code
huge page aware (bnc#781485,LTC#85455).
XEN:
* xen/netback: fix netbk_count_requests().
* xen: properly bound buffer access when parsing
cpu/availability.
* xen/scsiback/usbback: move cond_resched() invocations
to proper place.
* xen/pciback: properly clean up after calling
pcistub_device_find().
* xen: add further backward-compatibility configure
options.
* xen/PCI: suppress bogus warning on old hypervisors.
* xenbus: fix overflow check in xenbus_dev_write().
* xen/x86: do not corrupt %eip when returning from a
signal handler.
Other:
* kernel: Restrict clearing TIF_SIGPENDING (bnc#742111).
* kernel: recalc_sigpending_tsk fixes (bnc#742111).
* xfs: Do not reclaim new inodes in xfs_sync_inodes()
(bnc#770980).
* jbd: Avoid BUG_ON when checkpoint stalls (bnc#795335).
* reiserfs: Fix int overflow while calculating free
space (bnc#795075).
* cifs: clarify the meaning of tcpStatus == CifsGood
(bnc#769093).
* cifs: do not allow cifs_reconnect to exit with NULL
socket pointer (bnc#769093).
* cifs: switch to seq_files (bnc#776370).
* scsi: fix check of PQ and PDT bits for WLUNs
(bnc#765687).
* hugetlb: preserve hugetlb pte dirty state
(bnc#790236).
* poll: enforce RLIMIT_NOFILE in poll() (bnc#787272).
* proc: fix ->open less usage due to ->proc_fops flip
(bnc#776370).
* rpm/kernel-binary.spec.in: Ignore kabi errors if
%%ignore_kabi_badness is defined. This is used in the
Kernel:* projects in the OBS.
Security Issue references:
* CVE-2012-4530
>
* CVE-2013-0160
>
* CVE-2013-0216
>
* CVE-2013-0231
>
* CVE-2013-0268
>
* CVE-2013-0871
>
| Announcement ID: | SUSE-SU-2013:0674-1 |
| Rating: | important |
| References: | #742111 #765687 #769093 #770980 #776370 #781485 #785101 #786013 #787272 #789012 #790236 #792697 #795075 #795335 #797175 #799611 #800280 #801178 #802642 #804154 #809692 |
| Affected Products: |
An update that solves 6 vulnerabilities and has 15 fixes is now available.
Description:
This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.
The following security issues have been fixed:
*
CVE-2013-0871: A race condition in ptrace(2) could be
used by local attackers to crash the kernel and/or execute
code in kernel context.
*
CVE-2013-0160: Avoid side channel information leaks
from the ptys via ptmx, which allowed local attackers to
guess keypresses.
*
CVE-2012-4530: Avoid leaving bprm->interp on the
stack which might have leaked information from the kernel
to userland attackers.
*
CVE-2013-0268: The msr_open function in
arch/x86/kernel/msr.c in the Linux kernel allowed local
users to bypass intended capability restrictions by
executing a crafted application as root, as demonstrated by
msr32.c.
*
CVE-2013-0216: The Xen netback functionality in the
Linux kernel allowed guest OS users to cause a denial of
service (loop) by triggering ring pointer corruption.
*
CVE-2013-0231: The pciback_enable_msi function in the
PCI backend driver
(drivers/xen/pciback/conf_space_capability_msi.c) in Xen
for the Linux kernel allowed guest OS users with PCI device
access to cause a denial of service via a large number of
kernel log messages. NOTE: some of these details are
obtained from third party information.
Also the following non-security bugs have been fixed:
S/390:
* s390x: tty struct used after free (bnc#809692,
LTC#90216).
* s390x/kernel: sched_clock() overflow (bnc#799611,
LTC#87978).
* qeth: set new mac even if old mac is gone
(bnc#789012,LTC#86643).
* qeth: set new mac even if old mac is gone (2)
(bnc#792697,LTC#87138).
* qeth: fix deadlock between recovery and bonding
driver (bnc#785101,LTC#85905).
* dasd: check count address during online setting
(bnc#781485,LTC#85346).
* hugetlbfs: add missing TLB invalidation
(bnc#781485,LTC#85463).
* s390/kernel: make user-access pagetable walk code
huge page aware (bnc#781485,LTC#85455).
XEN:
* xen/netback: fix netbk_count_requests().
* xen: properly bound buffer access when parsing
cpu/availability.
* xen/scsiback/usbback: move cond_resched() invocations
to proper place.
* xen/pciback: properly clean up after calling
pcistub_device_find().
* xen: add further backward-compatibility configure
options.
* xen/PCI: suppress bogus warning on old hypervisors.
* xenbus: fix overflow check in xenbus_dev_write().
* xen/x86: do not corrupt %eip when returning from a
signal handler.
Other:
* kernel: Restrict clearing TIF_SIGPENDING (bnc#742111).
* kernel: recalc_sigpending_tsk fixes (bnc#742111).
* xfs: Do not reclaim new inodes in xfs_sync_inodes()
(bnc#770980).
* jbd: Avoid BUG_ON when checkpoint stalls (bnc#795335).
* reiserfs: Fix int overflow while calculating free
space (bnc#795075).
* cifs: clarify the meaning of tcpStatus == CifsGood
(bnc#769093).
* cifs: do not allow cifs_reconnect to exit with NULL
socket pointer (bnc#769093).
* cifs: switch to seq_files (bnc#776370).
* scsi: fix check of PQ and PDT bits for WLUNs
(bnc#765687).
* hugetlb: preserve hugetlb pte dirty state
(bnc#790236).
* poll: enforce RLIMIT_NOFILE in poll() (bnc#787272).
* proc: fix ->open less usage due to ->proc_fops flip
(bnc#776370).
* rpm/kernel-binary.spec.in: Ignore kabi errors if
%%ignore_kabi_badness is defined. This is used in the
Kernel:* projects in the OBS.
Security Issue references:
* CVE-2012-4530
* CVE-2013-0160
* CVE-2013-0216
* CVE-2013-0231
* CVE-2013-0268
* CVE-2013-0871
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
- kernel-default-2.6.16.60-0.101.1
- kernel-source-2.6.16.60-0.101.1
- kernel-syms-2.6.16.60-0.101.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64):
- kernel-debug-2.6.16.60-0.101.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64):
- kernel-kdump-2.6.16.60-0.101.1
- SUSE Linux Enterprise Server 10 SP4 (i586 x86_64):
- kernel-smp-2.6.16.60-0.101.1
- kernel-xen-2.6.16.60-0.101.1
- SUSE Linux Enterprise Server 10 SP4 (i586):
- kernel-bigsmp-2.6.16.60-0.101.1
- kernel-kdumppae-2.6.16.60-0.101.1
- kernel-vmi-2.6.16.60-0.101.1
- kernel-vmipae-2.6.16.60-0.101.1
- kernel-xenpae-2.6.16.60-0.101.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
- kernel-iseries64-2.6.16.60-0.101.1
- kernel-ppc64-2.6.16.60-0.101.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
- kernel-default-2.6.16.60-0.101.1
- kernel-smp-2.6.16.60-0.101.1
- kernel-source-2.6.16.60-0.101.1
- kernel-syms-2.6.16.60-0.101.1
- kernel-xen-2.6.16.60-0.101.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586):
- kernel-bigsmp-2.6.16.60-0.101.1
- kernel-xenpae-2.6.16.60-0.101.1
- SLE SDK 10 SP4 (i586 ia64 x86_64):
- kernel-debug-2.6.16.60-0.101.1
- SLE SDK 10 SP4 (i586 ppc x86_64):
- kernel-kdump-2.6.16.60-0.101.1
- SLE SDK 10 SP4 (i586 x86_64):
- kernel-xen-2.6.16.60-0.101.1
- SLE SDK 10 SP4 (i586):
- kernel-xenpae-2.6.16.60-0.101.1
References:
- http://support.novell.com/security/cve/CVE-2012-4530.html
- http://support.novell.com/security/cve/CVE-2013-0160.html
- http://support.novell.com/security/cve/CVE-2013-0216.html
- http://support.novell.com/security/cve/CVE-2013-0231.html
- http://support.novell.com/security/cve/CVE-2013-0268.html
- http://support.novell.com/security/cve/CVE-2013-0871.html
- https://bugzilla.novell.com/742111
- https://bugzilla.novell.com/765687
- https://bugzilla.novell.com/769093
- https://bugzilla.novell.com/770980
- https://bugzilla.novell.com/776370
- https://bugzilla.novell.com/781485
- https://bugzilla.novell.com/785101
- https://bugzilla.novell.com/786013
- https://bugzilla.novell.com/787272
- https://bugzilla.novell.com/789012
- https://bugzilla.novell.com/790236
- https://bugzilla.novell.com/792697
- https://bugzilla.novell.com/795075
- https://bugzilla.novell.com/795335
- https://bugzilla.novell.com/797175
- https://bugzilla.novell.com/799611
- https://bugzilla.novell.com/800280
- https://bugzilla.novell.com/801178
- https://bugzilla.novell.com/802642
- https://bugzilla.novell.com/804154
- https://bugzilla.novell.com/809692
- http://download.suse.com/patch/finder/?keywords=2b51bf3e02179f8f70c7b2ada2571a2d
- http://download.suse.com/patch/finder/?keywords=7cf4de409b28c5f187bc1e9f71ccd64f
- http://download.suse.com/patch/finder/?keywords=ac5626f6e7f483c6dac1cc5fe253fcf9
- http://download.suse.com/patch/finder/?keywords=ba0e542087a9075aed8c17a29d5f1cb8
- http://download.suse.com/patch/finder/?keywords=dba6fc0fdae22199ec260695a6d2179e