The SUSE Linux Enterprise 11 Service Pack 2 kernel has been
updated to Linux kernel 3.0.80 which fixes various bugs
and security issues.
The following security issues have been fixed:
CVE-2013-0160: Timing side-channel attacks were possible
on /dev/ptmx that could allow local attackers to predict
keypresses, e.g. passwords. This has been fixed again by
updating the accessed/modified time on the pty devices at a
resolution of 8 seconds, so that idle time detection can
still work.
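
The effect of the 8-second resolution, as an added user-space model (not code from this advisory or from the kernel; the helper names and the keypress times are constructed for illustration). It replays the same activity against an exact timestamp and against a coarse one, showing that the burst of keypresses collapses into a single visible update while the idle estimate stays within 8 seconds of the true value.

```c
#include <stdio.h>
#include <stddef.h>

#define RES_MS 8000L  /* 8 seconds, the resolution named in the advisory */

/* Hypothetical helper: move the stored timestamp forward only when
 * 'now' falls into a later 8-second bucket. */
static void update_time_coarse(long *stamp, long now)
{
    long bucket = now - (now % RES_MS);
    if (bucket > *stamp)
        *stamp = bucket;
}

/* Replay activity and count how often the visible timestamp changes. */
static int visible_changes(const long *ev, size_t n, int coarse, long *final)
{
    long stamp = 0;
    int changes = 0;
    for (size_t i = 0; i < n; i++) {
        long before = stamp;
        if (coarse)
            update_time_coarse(&stamp, ev[i]);
        else
            stamp = ev[i];          /* exact time of every keypress */
        if (stamp != before)
            changes++;
    }
    *final = stamp;
    return changes;
}

/* Constructed sample (ms): six keypresses in a burst, one after a pause. */
static const long KEYS[] = { 16100, 16350, 16480, 16900, 17200, 17350, 41000 };
#define NKEYS (sizeof(KEYS) / sizeof(KEYS[0]))

int main(void)
{
    long exact, coarse;
    int a = visible_changes(KEYS, NKEYS, 0, &exact);
    int b = visible_changes(KEYS, NKEYS, 1, &coarse);
    printf("exact:  %d visible updates, idle at t=60s: %ld ms\n", a, 60000 - exact);
    printf("coarse: %d visible updates, idle at t=60s: %ld ms\n", b, 60000 - coarse);
    return 0;
}
```
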
CVE-2013-3222: The vcc_recvmsg function in
net/atm/common.c in the Linux kernel did not initialize a
certain length variable, which allowed local users to
obtain sensitive information from kernel stack memory via a
crafted recvmsg or recvfrom system call.
CVE-2013-3223: The ax25_recvmsg function in
net/ax25/af_ax25.c in the Linux kernel did not initialize a
certain data structure, which allowed local users to obtain
sensitive information from kernel stack memory via a
crafted recvmsg or recvfrom system call.
CVE-2013-3224: The bt_sock_recvmsg function in
net/bluetooth/af_bluetooth.c in the Linux kernel did not
properly initialize a certain length variable, which
allowed local users to obtain sensitive information from
kernel stack memory via a crafted recvmsg or recvfrom
system call.
CVE-2013-3225: The rfcomm_sock_recvmsg function in
net/bluetooth/rfcomm/sock.c in the Linux kernel did not
initialize a certain length variable, which allowed local
users to obtain sensitive information from kernel stack
memory via a crafted recvmsg or recvfrom system call.
CVE-2013-3227: The caif_seqpkt_recvmsg function in
net/caif/caif_socket.c in the Linux kernel did not
initialize a certain length variable, which allowed local
users to obtain sensitive information from kernel stack
memory via a crafted recvmsg or recvfrom system call.
CVE-2013-3228: The irda_recvmsg_dgram function in
net/irda/af_irda.c in the Linux kernel did not initialize a
certain length variable, which allowed local users to
obtain sensitive information from kernel stack memory via a
crafted recvmsg or recvfrom system call.
CVE-2013-3229: The iucv_sock_recvmsg function in
net/iucv/af_iucv.c in the Linux kernel did not initialize a
certain length variable, which allowed local users to
obtain sensitive information from kernel stack memory via a
crafted recvmsg or recvfrom system call.
CVE-2013-3231: The llc_ui_recvmsg function in
net/llc/af_llc.c in the Linux kernel did not initialize a
certain length variable, which allowed local users to
obtain sensitive information from kernel stack memory via a
crafted recvmsg or recvfrom system call.
CVE-2013-3232: The nr_recvmsg function in
net/netrom/af_netrom.c in the Linux kernel did not
initialize a certain data structure, which allowed local
users to obtain sensitive information from kernel stack
memory via a crafted recvmsg or recvfrom system call.
CVE-2013-3234: The rose_recvmsg function in
net/rose/af_rose.c in the Linux kernel did not initialize a
certain data structure, which allowed local users to obtain
sensitive information from kernel stack memory via a
crafted recvmsg or recvfrom system call.
CVE-2013-3235: net/tipc/socket.c in the Linux kernel
did not initialize a certain data structure and a certain
length variable, which allowed local users to obtain
sensitive information from kernel stack memory via a
crafted recvmsg or recvfrom system call.
CVE-2013-3076: The crypto API in the Linux kernel did
not initialize certain length variables, which allowed
local users to obtain sensitive information from kernel
stack memory via a crafted recvmsg or recvfrom system call,
related to the hash_recvmsg function in crypto/algif_hash.c
and the skcipher_recvmsg function in
crypto/algif_skcipher.c.
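
The recvmsg/recvfrom entries above (CVE-2013-3222 through CVE-2013-3076) share one defect pattern, shown here as an added user-space model (not code from this advisory or from the kernel; all struct and function names are hypothetical). The model assumes the generic receive path presets the address length to the full buffer size and relies on the protocol handler to overwrite it; the stale stack contents are a constructed 0xA5 fill.

```c
#include <stdio.h>
#include <string.h>

#define ADDR_MAX 128

/* Hypothetical stand-in for the message header passed to a handler. */
struct model_msg {
    void  *name;     /* address buffer owned by the caller */
    size_t namelen;  /* bytes of 'name' the handler filled */
};

/* Handler with the bug class: succeeds but never sets namelen. */
static int recv_unpatched(struct model_msg *m) { (void)m; return 0; }

/* Patched handler: this protocol returns no address, so it says so. */
static int recv_patched(struct model_msg *m) { m->namelen = 0; return 0; }

/* Models the generic receive path; returns bytes copied out to 'user'. */
static size_t model_recvfrom(int (*handler)(struct model_msg *),
                             unsigned char *user, size_t user_len)
{
    unsigned char address[ADDR_MAX];
    struct model_msg m;

    /* Constructed stand-in for whatever was left on the stack. */
    memset(address, 0xA5, sizeof(address));
    m.name = address;
    m.namelen = sizeof(address);  /* model assumption: preset by caller */

    if (handler(&m) < 0)
        return 0;
    if (m.namelen > user_len)
        m.namelen = user_len;
    memcpy(user, address, m.namelen);  /* copy-out trusts namelen */
    return m.namelen;
}

int main(void)
{
    unsigned char out[ADDR_MAX];
    printf("unpatched: %zu stale bytes copied out\n",
           model_recvfrom(recv_unpatched, out, sizeof(out)));
    printf("patched:   %zu stale bytes copied out\n",
           model_recvfrom(recv_patched, out, sizeof(out)));
    return 0;
}
```
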
CVE-2013-1979: The scm_set_cred function in
include/net/scm.h in the Linux kernel used incorrect uid
and gid values during credentials passing, which allowed
local users to gain privileges via a crafted application.
A kernel information leak via tkill/tgkill was fixed.
The following bugs have been fixed: