SUSE-SU-2011:1101-1
Oct 08, 2011 - 1:08 a.m.

kernel update for SLE11 SP1 (important)

2011-10-08 01:08:26
lists.opensuse.org
EPSS: 0.002 (Low), percentile 56.6%

The SUSE Linux Enterprise 11 Service Pack 1 kernel was
updated to 2.6.32.46 and fixes various bugs and security
issues.

The following security issues were fixed:

CVE-2011-3191: A signedness issue in CIFS could possibly
have led to memory corruption if a malicious server could
send crafted replies to the host.

CVE-2011-3353: In the fuse filesystem,
FUSE_NOTIFY_INVAL_ENTRY did not check the length of the
write so the message processing could overrun and result in
a BUG_ON() in fuse_copy_fill(). This flaw could be used by
local users able to mount FUSE filesystems to crash the
system.

CVE-2011-2928: The befs_follow_link function in
fs/befs/linuxvfs.c in the Linux kernel did not validate the
length attribute of long symlinks, which allowed local
users to cause a denial of service (incorrect pointer
dereference and OOPS) by accessing a long symlink on a
malformed Be filesystem.

The following non-security bugs were also fixed:

  • Added a missing reset for ioc_reset_in_progress in
    SoftReset in the mtpsas driver (bnc#711969).

  • Add support for the Digi/IBM PCIe 2-port Adapter
    (bnc#708675).

  • Always enable MSI-X on 5709 (bnc#707737).

  • sched: fix broken SCHED_RESET_ON_FORK handling
    (bnc#708877).

  • sched: Fix rt_rq runtime leakage bug (bnc#707096).

  • ACPI: allow passing down C1 information if no other
    C-states exist.

  • KDB: turn off kdb usb support by default (bnc#694670
    bnc#603804).

  • xfs: Added event tracing support.

  • xfs: fix xfs_fsblock_t tracing.

  • igb: extend maximum frame size to receive VLAN tagged
    frames (bnc#688859).

  • cfq: Do not allow queue merges for queues that have no
    process references (bnc#712929).

  • cfq: break apart merged cfqqs if they stop cooperating
    (bnc#712929).

  • cfq: calculate the seek_mean per cfq_queue not per
    cfq_io_context (bnc#712929).

  • cfq: change the meaning of the cfqq_coop flag
    (bnc#712929).

  • cfq-iosched: get rid of the coop_preempt flag
    (bnc#712929).

  • cfq: merge cooperating cfq_queues (bnc#712929).

  • Fix FDDI and TR config checks in ipv4 arp and LLC
    (bnc#715235).

  • writeback: do uninterruptible sleep in
    balance_dirty_pages() (bnc#699354 bnc#699357).

  • xfs: fix memory reclaim recursion deadlock on locked
    inode buffer (bnc#699355 bnc#699354).

  • xfs: use GFP_NOFS for page cache allocation (bnc#699355
    bnc#699354).

  • virtio-net: init link state correctly (bnc#714966).

  • cpufreq: pcc-cpufreq: sanity check to prevent a NULL
    pointer dereference (bnc#709412).

  • x86: ucode-amd: Do not warn when no ucode is available
    for a CPU.

  • patches.arch/x86_64-unwind-annotations: Refresh
    (bnc#588458).

  • patches.suse/stack-unwind: Refresh (bnc#588458).

  • splice: direct_splice_actor() should not use pos in sd
    (bnc#715763).

  • qdio: 2nd stage retry on SIGA-W busy conditions
    (bnc#713138,LTC#74402).

  • TTY: pty, fix pty counting (bnc#711203).

  • Avoid deadlock in GFP_IO/GFP_FS allocation (bnc#632870).

  • novfs: fix some DirCache locking issues (bnc#669378).

  • novfs: fix some kmalloc/kfree issues (bnc#669378).

  • novfs: fix off-by-one allocation error (bnc#669378).

  • novfs: unlink directory after unmap (bnc#649625).

  • novfs: last modification time not reliable (bnc#642896).

  • x86 / IO APIC: Reset IRR in clear_IO_APIC_pin()
    (bnc#701686, bnc#667386).

  • mptfusion: Added check for SILI bit in READ_6 CDB for
    DATA UNDERRUN ERRATA (bnc#712456).

  • xfs: serialise unaligned direct IOs (bnc#707125).

  • NFS: Ensure that we handle NFS4ERR_STALE_STATEID
    correctly (bnc#701443).

  • NFSv4: Do not call nfs4_state_mark_reclaim_reboot() from
    error handlers (bnc#701443).

  • NFSv4: Fix open recovery (bnc#701443).

  • NFSv4.1: Do not call nfs4_schedule_state_recovery()
    unnecessarily (bnc#701443).
