This Linux kernel update fixes various security issues and
bugs in the SUSE Linux Enterprise 10 SP4 kernel.
The following security issues have been fixed:
CVE-2011-2494: kernel/taskstats.c in the Linux kernel
allowed local users to obtain sensitive I/O statistics by
sending taskstats commands to a netlink socket, as
demonstrated by discovering the length of another users
password (a side channel attack).
CVE-2012-2744:
net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux
kernel, when the nf_conntrack_ipv6 module is enabled,
allowed remote attackers to cause a denial of service (NULL
pointer dereference and system crash) via certain types of
fragmented IPv6 packets.
CVE-2012-3510: Use-after-free vulnerability in the
xacct_add_tsk function in kernel/tsacct.c in the Linux
kernel allowed local users to obtain potentially sensitive
information from kernel memory or cause a denial of service
(system crash) via a taskstats TASKSTATS_CMD_ATTR_PID
command.
CVE-2011-4110: The user_update function in
security/keys/user_defined.c in the Linux kernel 2.6
allowed local users to cause a denial of service (NULL
pointer dereference and kernel oops) via vectors related to
a user-defined key and updating a negative key into a fully
instantiated key.
CVE-2011-1044: The ib_uverbs_poll_cq function in
drivers/infiniband/core/uverbs_cmd.c in the Linux kernel
did not initialize a certain response buffer, which allowed
local users to obtain potentially sensitive information
from kernel memory via vectors that cause this buffer to be
only partially filled, a different vulnerability than
CVE-2010-4649.
CVE-2012-3400: Heap-based buffer overflow in the
udf_load_logicalvol function in fs/udf/super.c in the Linux
kernel allowed remote attackers to cause a denial of
service (system crash) or possibly have unspecified other
impact via a crafted UDF filesystem.
CVE-2012-2136: The sock_alloc_send_pskb function in
net/core/sock.c in the Linux kernel did not properly
validate a certain length value, which allowed local users
to cause a denial of service (heap-based buffer overflow
and system crash) or possibly gain privileges by leveraging
access to a TUN/TAP device.
CVE-2012-2663: A small denial of service leak in
dropping syn+fin messages was fixed.
The following non-security issues have been fixed:
Packaging:
NFS:
SCSI:
drivers/scsi/aic94xx/aic94xx_init.c: correct the size
argument to kmalloc (bnc#783058).
block: fail SCSI passthrough ioctls on partition
devices (bnc#738400).
dm: do not forward ioctls from logical volumes to the
underlying device (bnc#738400).
vmware: Fix VMware hypervisor detection (bnc#777575,
bnc#770507).
S/390:
kernel: Add z/VM LGR detection
(bnc#767277,LTC#RAS1203).
be2net: Fix EEH error reset before a flash dump
completes (bnc#755546).
x86: powernow-k8: Fix indexing issue (bnc#758985).
net: Fix race condition about network device name
allocation (bnc#747576).
XEN:
Security Issues:
download.novell.com/patch/finder/?keywords=118cf41af33f48911c473f3bd88c74a8
download.novell.com/patch/finder/?keywords=1d5bd8295622191606c935851bd82ff9
download.novell.com/patch/finder/?keywords=3b3320a96f49fe4615b35ba22bb6cbf3
download.novell.com/patch/finder/?keywords=9dc087603b172b449aa9a07b548bf3cf
download.novell.com/patch/finder/?keywords=c77cfcc87d8e54df006cb42c12c2fadb
bugzilla.novell.com/674284
bugzilla.novell.com/703156
bugzilla.novell.com/734056
bugzilla.novell.com/738400
bugzilla.novell.com/738528
bugzilla.novell.com/747576
bugzilla.novell.com/755546
bugzilla.novell.com/758985
bugzilla.novell.com/760974
bugzilla.novell.com/762581
bugzilla.novell.com/763526
bugzilla.novell.com/765102
bugzilla.novell.com/765320
bugzilla.novell.com/767277
bugzilla.novell.com/767504
bugzilla.novell.com/767766
bugzilla.novell.com/767939
bugzilla.novell.com/769784
bugzilla.novell.com/770507
bugzilla.novell.com/770697
bugzilla.novell.com/772409
bugzilla.novell.com/773272
bugzilla.novell.com/773831
bugzilla.novell.com/776888
bugzilla.novell.com/777575
bugzilla.novell.com/783058