Višestruki propusti jezgre operacijskog sustava

U radu jezgre operacijskog sustava uočeno je više sigurnosnih propusta. Napadač ih može iskoristiti za otkrivanje osjeljivih informacija, pristup osjetljivoj memoriji jezgre, izvođenje DoS napada ili pokretanje proizvoljnog programskog koda.

Paket:	Linux kernel 2.6.x
Operacijski sustavi:	SUSE Linux Enterprise Server (SLES) 11
Kritičnost:	4.3
Problem:	pogreška u programskoj komponenti, preljev međuspremnika
Iskorištavanje:	lokalno
Posljedica:	otkrivanje osjetljivih informacija, proizvoljno izvršavanje programskog koda, uskraćivanje usluga (DoS)
Rješenje:	programska zakrpa proizvođača
CVE:	CVE-2010-3881, CVE-2011-1776, CVE-2011-2495, CVE-2011-2700, CVE-2011-2909, CVE-2011-2918
Izvorni ID preporuke:	SUSE-SU-2011:0984-3
Izvor:	SUSE

Problem:
Propusti su posljedica pogrešaka u implementaciji GUID particija, datoteci "arch/x86/kvm/x86.c", "/proc/PID/io" sučelju, prepisivanja spremnika u upravljačkom programu "si4713-i2c" te nepravilnosti u programskoj podršci za perf okruženje.
Posljedica:
Napadaču spomenuti nedostaci omogućuju otkrivanje osjetljivih informacija, izvođenje napada uskraćivanja usluge ili izvršavanje zlonamjernog programskog koda.
Rješenje:
Korisnicima se preporuča instalacija novih programskih rješenja.

Izvorni tekst preporuke

   SUSE Security Update: kernel update for SLE11 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:0984-3
Rating:             important
References:         #225091 #602150 #635880 #649625 #663678 #685226 
                    #692784 #693513 #694315 #699354 #699916 #701355 
                    #703155 #703786 #704361 #704957 #705433 #705903 
                    #706696 #707332 #707644 #708160 #708376 #708730 
                    #710352 #711752 #711941 #712316 #712366 
Cross-References:   CVE-2010-3881 CVE-2011-1776 CVE-2011-2495
                    CVE-2011-2700 CVE-2011-2909 CVE-2011-2918
                   
Affected Products:
                    SLE 11 SERVER Unsupported Extras
______________________________________________________________________________

   An update that solves 6 vulnerabilities and has 23 fixes is
   now available.

Description:

   The SUSE Linux Enterprise 11 Service Pack 1 kernel was
   updated to 2.6.32.45 and fixes various bugs and security
   issues.

   Following security issues were fixed: CVE-2011-1776: Timo
   Warns reported an issue in the Linux implementation for
   GUID partitions. Users with physical access could gain
   access to sensitive kernel memory by adding a storage
   device with a specially crafted corrupted invalid partition
   table.

   CVE-2010-3881: The second part of this fix was not yet
   applied to our kernel: arch/x86/kvm/x86.c in the Linux
   kernel before 2.6.36.2 does not initialize certain
   structure members, which allows local users to obtain
   potentially sensitive information from kernel stack memory
   via read operations on the /dev/kvm device.

   CVE-2011-2495: The /proc/PID/io interface could be used by
   local attackers to gain information on other processes like
   number of password characters typed or similar.

   CVE-2011-2700: A small buffer overflow in the radio driver
   si4713-i2c was fixed that could potentially used by local
   attackers to crash the kernel or potentially execute code.

   CVE-2011-2909: A kernel information leak in the comedi
   driver from kernel to userspace was fixed.

   CVE-2011-2918: In the perf framework software event
   overflows could deadlock or delete an uninitialized timer.


Special Instructions and Notes:

   Please reboot the system after installing this update.


Package List:

   - SLE 11 SERVER Unsupported Extras (s390x):

      kernel-default-extra-2.6.32.45-0.3.1


References:

   http://support.novell.com/security/cve/CVE-2010-3881.html
   http://support.novell.com/security/cve/CVE-2011-1776.html
   http://support.novell.com/security/cve/CVE-2011-2495.html
   http://support.novell.com/security/cve/CVE-2011-2700.html
   http://support.novell.com/security/cve/CVE-2011-2909.html
   http://support.novell.com/security/cve/CVE-2011-2918.html
   https://bugzilla.novell.com/225091
   https://bugzilla.novell.com/602150
   https://bugzilla.novell.com/635880
   https://bugzilla.novell.com/649625
   https://bugzilla.novell.com/663678
   https://bugzilla.novell.com/685226
   https://bugzilla.novell.com/692784
   https://bugzilla.novell.com/693513
   https://bugzilla.novell.com/694315
   https://bugzilla.novell.com/699354
   https://bugzilla.novell.com/699916
   https://bugzilla.novell.com/701355
   https://bugzilla.novell.com/703155
   https://bugzilla.novell.com/703786
   https://bugzilla.novell.com/704361
   https://bugzilla.novell.com/704957
   https://bugzilla.novell.com/705433
   https://bugzilla.novell.com/705903
   https://bugzilla.novell.com/706696
   https://bugzilla.novell.com/707332
   https://bugzilla.novell.com/707644
   https://bugzilla.novell.com/708160
   https://bugzilla.novell.com/708376
   https://bugzilla.novell.com/708730
   https://bugzilla.novell.com/710352
   https://bugzilla.novell.com/711752
   https://bugzilla.novell.com/711941
   https://bugzilla.novell.com/712316
   https://bugzilla.novell.com/712366
  
http://download.novell.com/patch/finder/?keywords=9fae16a3a6a9c39157f3b6ccd2365142

-- 
To unsubscribe, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
For additional commands, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.

Višestruki propusti jezgre operacijskog sustava

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Višestruki propusti jezgre operacijskog sustava

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti