Security update for the Linux Kernel (x86)

SUSE Security Update: Security update for the Linux Kernel (x86)
Announcement ID: SUSE-SU-2013:0819-1
Rating: critical
References: #819789
Affected Products:
  • SUSE Linux Enterprise Server 11 SP2 for VMware
  • SUSE Linux Enterprise Server 11 SP2
  • SUSE Linux Enterprise High Availability Extension 11 SP2
  • SUSE Linux Enterprise Desktop 11 SP2
  • SLE 11 SERVER Unsupported Extras
    		•

    An update that fixes one vulnerability is now available. It includes one version update.

    Description:


    This update to the SUSE Linux Enterprise 11 SP2 kernel
    fixes the following critical security issue:

    * A bounds checking problem in the perf systemcall
    could be used by local attackers to crash the kernel or
    execute code in kernel context. (CVE-2013-2094
    > )

    Indications:

    Everyone using the Linux Kernel on x86_64 architecture should update.

    Special Instructions and Notes:

    Please reboot the system after installing this update.

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Server 11 SP2 for VMware:
      zypper in -t patch slessp2-kernel-7723 slessp2-kernel-7727
    • SUSE Linux Enterprise Server 11 SP2:
      zypper in -t patch slessp2-kernel-7723 slessp2-kernel-7724 slessp2-kernel-7725 slessp2-kernel-7726 slessp2-kernel-7727
    • SUSE Linux Enterprise High Availability Extension 11 SP2:
      zypper in -t patch sleshasp2-kernel-7723 sleshasp2-kernel-7724 sleshasp2-kernel-7725 sleshasp2-kernel-7726 sleshasp2-kernel-7727
    • SUSE Linux Enterprise Desktop 11 SP2:
      zypper in -t patch sledsp2-kernel-7723 sledsp2-kernel-7727

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.74]:
    • kernel-default-3.0.74-0.6.8.1
    • kernel-default-base-3.0.74-0.6.8.1
    • kernel-default-devel-3.0.74-0.6.8.1
    • kernel-source-3.0.74-0.6.8.1
    • kernel-syms-3.0.74-0.6.8.1
    • kernel-trace-3.0.74-0.6.8.1
    • kernel-trace-base-3.0.74-0.6.8.1
    • kernel-trace-devel-3.0.74-0.6.8.1
    • kernel-xen-devel-3.0.74-0.6.8.1
    • SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64):
    • xen-kmp-trace-4.1.4_02_3.0.74_0.6.8-0.5.26
    • SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.74]:
    • kernel-pae-3.0.74-0.6.8.1
    • kernel-pae-base-3.0.74-0.6.8.1
    • kernel-pae-devel-3.0.74-0.6.8.1
    • SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.74]:
    • kernel-default-3.0.74-0.6.8.1
    • kernel-default-base-3.0.74-0.6.8.1
    • kernel-default-devel-3.0.74-0.6.8.1
    • kernel-source-3.0.74-0.6.8.1
    • kernel-syms-3.0.74-0.6.8.1
    • kernel-trace-3.0.74-0.6.8.1
    • kernel-trace-base-3.0.74-0.6.8.1
    • kernel-trace-devel-3.0.74-0.6.8.1
    • SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.74]:
    • kernel-ec2-3.0.74-0.6.8.1
    • kernel-ec2-base-3.0.74-0.6.8.1
    • kernel-ec2-devel-3.0.74-0.6.8.1
    • kernel-xen-3.0.74-0.6.8.1
    • kernel-xen-base-3.0.74-0.6.8.1
    • kernel-xen-devel-3.0.74-0.6.8.1
    • SUSE Linux Enterprise Server 11 SP2 (x86_64):
    • xen-kmp-default-4.1.4_02_3.0.74_0.6.8-0.5.26
    • xen-kmp-trace-4.1.4_02_3.0.74_0.6.8-0.5.26
    • SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.74]:
    • kernel-default-man-3.0.74-0.6.8.1
    • SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.74]:
    • kernel-ppc64-3.0.74-0.6.8.1
    • kernel-ppc64-base-3.0.74-0.6.8.1
    • kernel-ppc64-devel-3.0.74-0.6.8.1
    • SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.74]:
    • kernel-pae-3.0.74-0.6.8.1
    • kernel-pae-base-3.0.74-0.6.8.1
    • kernel-pae-devel-3.0.74-0.6.8.1
    • SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64):
    • cluster-network-kmp-default-1.4_3.0.74_0.6.8-2.18.38
    • cluster-network-kmp-trace-1.4_3.0.74_0.6.8-2.18.38
    • gfs2-kmp-default-2_3.0.74_0.6.8-0.7.70
    • gfs2-kmp-trace-2_3.0.74_0.6.8-0.7.70
    • ocfs2-kmp-default-1.6_3.0.74_0.6.8-0.11.37
    • ocfs2-kmp-trace-1.6_3.0.74_0.6.8-0.11.37
    • SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64):
    • cluster-network-kmp-xen-1.4_3.0.74_0.6.8-2.18.38
    • gfs2-kmp-xen-2_3.0.74_0.6.8-0.7.70
    • ocfs2-kmp-xen-1.6_3.0.74_0.6.8-0.11.37
    • SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64):
    • cluster-network-kmp-ppc64-1.4_3.0.74_0.6.8-2.18.38
    • gfs2-kmp-ppc64-2_3.0.74_0.6.8-0.7.70
    • ocfs2-kmp-ppc64-1.6_3.0.74_0.6.8-0.11.37
    • SUSE Linux Enterprise High Availability Extension 11 SP2 (i586):
    • cluster-network-kmp-pae-1.4_3.0.74_0.6.8-2.18.38
    • gfs2-kmp-pae-2_3.0.74_0.6.8-0.7.70
    • ocfs2-kmp-pae-1.6_3.0.74_0.6.8-0.11.37
    • SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.74]:
    • kernel-default-3.0.74-0.6.8.1
    • kernel-default-base-3.0.74-0.6.8.1
    • kernel-default-devel-3.0.74-0.6.8.1
    • kernel-default-extra-3.0.74-0.6.8.1
    • kernel-source-3.0.74-0.6.8.1
    • kernel-syms-3.0.74-0.6.8.1
    • kernel-trace-3.0.74-0.6.8.1
    • kernel-trace-base-3.0.74-0.6.8.1
    • kernel-trace-devel-3.0.74-0.6.8.1
    • kernel-trace-extra-3.0.74-0.6.8.1
    • kernel-xen-3.0.74-0.6.8.1
    • kernel-xen-base-3.0.74-0.6.8.1
    • kernel-xen-devel-3.0.74-0.6.8.1
    • kernel-xen-extra-3.0.74-0.6.8.1
    • SUSE Linux Enterprise Desktop 11 SP2 (x86_64):
    • xen-kmp-default-4.1.4_02_3.0.74_0.6.8-0.5.26
    • xen-kmp-trace-4.1.4_02_3.0.74_0.6.8-0.5.26
    • SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.74]:
    • kernel-pae-3.0.74-0.6.8.1
    • kernel-pae-base-3.0.74-0.6.8.1
    • kernel-pae-devel-3.0.74-0.6.8.1
    • kernel-pae-extra-3.0.74-0.6.8.1
    • SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):
    • ext4-writeable-kmp-default-0_3.0.74_0.6.8-0.14.51
    • ext4-writeable-kmp-trace-0_3.0.74_0.6.8-0.14.51
    • kernel-default-extra-3.0.74-0.6.8.1
    • SLE 11 SERVER Unsupported Extras (i586 x86_64):
    • ext4-writeable-kmp-xen-0_3.0.74_0.6.8-0.14.51
    • kernel-xen-extra-3.0.74-0.6.8.1
    • SLE 11 SERVER Unsupported Extras (ppc64):
    • ext4-writeable-kmp-ppc64-0_3.0.74_0.6.8-0.14.51
    • kernel-ppc64-extra-3.0.74-0.6.8.1
    • SLE 11 SERVER Unsupported Extras (i586):
    • ext4-writeable-kmp-pae-0_3.0.74_0.6.8-0.14.51
    • kernel-pae-extra-3.0.74-0.6.8.1

    References:

    • http://support.novell.com/security/cve/CVE-2013-2094.html
    • https://bugzilla.novell.com/819789
    • http://download.suse.com/patch/finder/?keywords=14a50f8cb46dab3dcc863fb2227607ab
    • http://download.suse.com/patch/finder/?keywords=3401ecfc2b691af4d127d798edcf060a
    • http://download.suse.com/patch/finder/?keywords=375aa081f1ff6a10e2d949b47176a611
    • http://download.suse.com/patch/finder/?keywords=5d9fe2f45b3a2f877f1625994570692a
    • http://download.suse.com/patch/finder/?keywords=6008a20122ec04696e8c8834aa0317aa
    • http://download.suse.com/patch/finder/?keywords=8efbc0da700aac91059fee01a39df32d
    • http://download.suse.com/patch/finder/?keywords=a1782fe8f690b0431b636c08c9b2f37e
    • http://download.suse.com/patch/finder/?keywords=ca9f79d0269c0838370ad982d34bc46b
    • http://download.suse.com/patch/finder/?keywords=e44165d6ef20693eeefcafe1aa789a24
    • http://download.suse.com/patch/finder/?keywords=ea355152cf44a3491af093b94e79647e