Uočeno je nekoliko sigurnosnih propusta u radu jezgre operacijskog sustava SUSE koje je moguće iskoristiti za izvođenje napada uskraćivanja usluge i pregled određenih podataka.
Paket:
Linux kernel 2.6.x
Operacijski sustavi:
SUSE Linux Enterprise Desktop 10, SUSE Linux Enterprise Server (SLES) 10
Kritičnost:
5.4
Problem:
korupcija memorije, neodgovarajuća provjera ulaznih podataka, pogreška u programskoj komponenti
SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2011:1195-1
Rating: important
References: #616256 #628343 #635880 #683101 #692784 #694315
#699354 #699355 #701355 #701550 #706375 #707439
#709213 #709369 #712009 #713876 #714001 #717126
#717421 #717585 #718028 #721830 #724947
Cross-References: CVE-2009-4067 CVE-2011-1776 CVE-2011-3191
CVE-2011-3363
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that solves four vulnerabilities and has 19 fixes
is now available.
Description:
This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.
The following security issues have been fixed:
* CVE-2009-4067: A USB string descriptor overflow in
the auerwald USB driver was fixed, which could be used by
physically proximate attackers to cause a kernel crash.
* CVE-2011-3363: Always check the path in CIFS mounts
to avoid interesting filesystem path interaction issues and
potential crashes.
* CVE-2011-3191: A malicious CIFS server could cause a
integer overflow on the local machine on directory index
operations, in turn causing memory corruption.
* CVE-2011-1776: The is_gpt_valid function in
fs/partitions/efi.c in the Linux kernel did not check the
size of an Extensible Firmware Interface (EFI) GUID
Partition Table (GPT) entry, which allowed physically
proximate attackers to cause a denial of service
(heap-based buffer overflow and OOPS) or obtain sensitive
information from kernel heap memory by connecting a crafted
GPT storage device, a different vulnerability than
CVE-2011-1577.
The following non-security issues have been fixed:
* md: fix deadlock in md/raid1 and md/raid10 when
handling a read error (bnc#628343).
* md: fix possible raid1/raid10 deadlock on read error
during resync (bnc#628343).
* Add timeo parameter to /proc/mounts for nfs
filesystems (bnc#616256).
* virtio: indirect ring entries
(VIRTIO_RING_F_INDIRECT_DESC) (bnc#713876).
* virtio: teach virtio_has_feature() about transport
features (bnc#713876).
* nf_nat: do not add NAT extension for confirmed
conntracks (bnc#709213).
* 8250: Oxford Semiconductor Devices (bnc#717126).
* 8250_pci: Add support for the Digi/IBM PCIe 2-port
Adapter (bnc#717126).
* 8250: Fix capabilities when changing the port type
(bnc#717126).
* 8250: Add EEH support (bnc#717126).
* xfs: fix memory reclaim recursion deadlock on locked
inode buffer (bnc#699355 bnc#699354 bnc#721830).
* ipmi: do not grab locks in run-to-completion mode
(bnc#717421).
* cifs: add fallback in is_path_accessible for old
servers (bnc#718028).
* cciss: do not attempt to read from a write-only
register (bnc#683101).
* s390: kernel: System hang if hangcheck timer expires
(bnc#712009,LTC#74157).
* s390: kernel: NSS creation with initrd fails
(bnc#712009,LTC#74207).
* s390: kernel: remove code to handle topology
interrupts (bnc#712009,LTC#74440).
* xen: Added 1083-kbdfront-absolute-coordinates.patch
(bnc#717585).
* acpi: Use a spinlock instead of mutex to guard
gbl_lock access (bnc#707439).
* Allow balance_dirty_pages to help other filesystems
(bnc#709369).
* nfs: fix congestion control (bnc#709369).
* NFS: Separate metadata and page cache revalidation
mechanisms (bnc#709369).
* jbd: Fix oops in journal_remove_journal_head()
(bnc#694315).
* xen/blkfront: avoid NULL de-reference in CDROM ioctl
handling (bnc#701355).
* xen/x86: replace order-based range checking of M2P
table by linear one.
* xen/x86: use dynamically adjusted upper bound for
contiguous regions (bnc#635880).
* Fix type in
patches.fixes/libiscsi-dont-run-scsi-eh-if-iscsi-task-is-mak
ing-progress.
* s390: cio: Add timeouts for internal IO
(bnc#701550,LTC#72691).
* s390: kernel: first time swap use results in heavy
swapping (bnc#701550,LTC#73132).
* s390: qeth: wrong number of output queues for
HiperSockets (bnc#701550,LTC#73814).
Security Issue references:
* CVE-2009-4067
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4067
>
* CVE-2011-3363
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3363
>
* CVE-2011-3191
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3191
>
* CVE-2011-1776
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776
>
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
kernel-default-2.6.16.60-0.91.1
kernel-source-2.6.16.60-0.91.1
kernel-syms-2.6.16.60-0.91.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 x86_64):
kernel-debug-2.6.16.60-0.91.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ppc x86_64):
kernel-kdump-2.6.16.60-0.91.1
- SUSE Linux Enterprise Server 10 SP4 (i586 x86_64):
kernel-smp-2.6.16.60-0.91.1
kernel-xen-2.6.16.60-0.91.1
- SUSE Linux Enterprise Server 10 SP4 (i586):
kernel-bigsmp-2.6.16.60-0.91.1
kernel-kdumppae-2.6.16.60-0.91.1
kernel-vmi-2.6.16.60-0.91.1
kernel-vmipae-2.6.16.60-0.91.1
kernel-xenpae-2.6.16.60-0.91.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
kernel-iseries64-2.6.16.60-0.91.1
kernel-ppc64-2.6.16.60-0.91.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
kernel-default-2.6.16.60-0.91.1
kernel-smp-2.6.16.60-0.91.1
kernel-source-2.6.16.60-0.91.1
kernel-syms-2.6.16.60-0.91.1
kernel-xen-2.6.16.60-0.91.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586):
kernel-bigsmp-2.6.16.60-0.91.1
kernel-xenpae-2.6.16.60-0.91.1
- SLE SDK 10 SP4 (i586 ia64 x86_64):
kernel-debug-2.6.16.60-0.91.1
- SLE SDK 10 SP4 (i586 ppc x86_64):
kernel-kdump-2.6.16.60-0.91.1
- SLE SDK 10 SP4 (i586 x86_64):
kernel-xen-2.6.16.60-0.91.1
- SLE SDK 10 SP4 (i586):
kernel-xenpae-2.6.16.60-0.91.1
References:
http://support.novell.com/security/cve/CVE-2009-4067.html
http://support.novell.com/security/cve/CVE-2011-1776.html
http://support.novell.com/security/cve/CVE-2011-3191.html
http://support.novell.com/security/cve/CVE-2011-3363.html
https://bugzilla.novell.com/616256
https://bugzilla.novell.com/628343
https://bugzilla.novell.com/635880
https://bugzilla.novell.com/683101
https://bugzilla.novell.com/692784
https://bugzilla.novell.com/694315
https://bugzilla.novell.com/699354
https://bugzilla.novell.com/699355
https://bugzilla.novell.com/701355
https://bugzilla.novell.com/701550
https://bugzilla.novell.com/706375
https://bugzilla.novell.com/707439
https://bugzilla.novell.com/709213
https://bugzilla.novell.com/709369
https://bugzilla.novell.com/712009
https://bugzilla.novell.com/713876
https://bugzilla.novell.com/714001
https://bugzilla.novell.com/717126
https://bugzilla.novell.com/717421
https://bugzilla.novell.com/717585
https://bugzilla.novell.com/718028
https://bugzilla.novell.com/721830
https://bugzilla.novell.com/724947
http://download.novell.com/patch/finder/?keywords=169bd714365eb7c38e38540921171d06
http://download.novell.com/patch/finder/?keywords=6253a90635c740c154fb5e3cc64612f2
http://download.novell.com/patch/finder/?keywords=b1201574824e860419470a1e97bdba2c
http://download.novell.com/patch/finder/?keywords=be6b41cc85222e68513448b61b7af786
http://download.novell.com/patch/finder/?keywords=c4377326fa8f6c8c833ef411e531a291
--
To unsubscribe, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
For additional commands, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
Posljednje sigurnosne preporuke