openSUSE Security Update : kernel (kernel-559)


This update fixes several security issues and hundreds of bugs in the openSUSE 11.1 kernel. The kernel was also updated to the stable version and is now the same kernel as we are planning to ship with SUSE Linux Enterprise 11. This introduces kABI changes, so all kernel module packages also need to be rebuilt and reapplied. Following security issues are fixed: CVE-2009-0029: The ABI in the Linux kernel on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call. CVE-2008-5079: net/atm/svc.c in the ATM subsystem in the Linux kernel allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table. CVE-2009-0028: A minor signal handling vulnerability was fixed, where a child could send his parent a arbitrary signal.