Linux kernel security update

14 Dec 2010

Package: kernel
Announcement ID: SUSE-SA:2010:060
Date: Tue, 14 Dec 2010 12:00:00 +0000
Affected Products: SLE SDK 10 SP3
SUSE Linux Enterprise Desktop 10 SP3
SUSE Linux Enterprise Server 10 SP3
Vulnerability Type: remote denial of service
[…]
Following security issues were fixed:
CVE-2010-3442: Multiple integer overflows in the snd_ctl_new
function in sound/core/control.c in the Linux kernel before
2.6.36-rc5-next-20100929 allow local users to cause a denial of
service (heap memory corruption) or possibly have unspecified
other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2)
SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.

CVE-2010-3437: Integer signedness error in the pkt_find_dev_from_minor
function in drivers/block/pktcdvd.c in the Linux kernel before
2.6.36-rc6 allows local users to obtain sensitive information from
kernel memory or cause a denial of service (invalid pointer dereference
and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS
ioctl call.
[…]

"in the Linux kernel before 2.6.36-rc5-next-20100929 " -> effect on openSUSEs?
Or was there a fix already backported in stable kernels after 2010/09/29?

puzzled
pistazienfresser

pistazienfresser wrote:
> puzzled

did you notice the announcement had nothing to do with openSUSE?

oh, maybe you are running SLED/S ?


DenverD
CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]

I may be a bit stupid sometimes (and not knowing/not willing to backpatch an openSUSE 10.3) but I still think the relation is not so trivial.

Did you notice that there were also two parts I chose to quote and did you read the linked

CVE-2010-3442 with

openSUSE 11.1 DEBUGINFO
[…]
openSUSE 11.1
* kernel-debug >= 2.6.27.56-0.1.1
* kernel-debug-base >= 2.6.27.56-0.1.1
* kernel-debug-extra >= 2.6.27.56-0.1.1
* kernel-default >= 2.6.27.56-0.1.1
* kernel-default-base >= 2.6.27.56-0.1.1
* kernel-default-extra >= 2.6.27.56-0.1.1
* kernel-docs >= 2.6.3-3.13.135
* kernel-kdump >= 2.6.27.56-0.1.1
* kernel-pae >= 2.6.27.56-0.1.1
* kernel-pae-base >= 2.6.27.56-0.1.1
* kernel-pae-extra >= 2.6.27.56-0.1.1
* kernel-ppc64 >= 2.6.27.56-0.1.1
* kernel-ppc64-base >= 2.6.27.56-0.1.1
* kernel-ppc64-extra >= 2.6.27.56-0.1.1
* kernel-ps3 >= 2.6.27.56-0.1.1
* kernel-source >= 2.6.27.56-0.1.1
* kernel-syms >= 2.6.27.56-0.1.1
* kernel-trace >= 2.6.27.56-0.1.1
* kernel-trace-base >= 2.6.27.56-0.1.1
* kernel-trace-extra >= 2.6.27.56-0.1.1
* kernel-vanilla >= 2.6.27.56-0.1.1
* kernel-xen >= 2.6.27.56-0.1.1
* kernel-xen-base >= 2.6.27.56-0.1.1
* kernel-xen-extra >= 2.6.27.56-0.1.1

SAT Patch Nr: 3619

?

Regards
pistazienfresser

pistazienfresser wrote:
>> *openSUSE 11.1

if you are running openSUSE 11.1
and your update repo is enabled/refreshed
and your kernel is the latest offered
then, the new kernel should be offered to you for install

i think. :wink:


DenverD
CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]
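Added example, not part of any post in this thread and not SUSE tooling: the backport question comes down to comparing the installed package's version-release against the distribution's fixed-in threshold rather than against the upstream "before 2.6.36-…" cutoff. The sketch uses a simplified re-implementation of RPM's segment comparison (no epoch, `~` or `^` handling), a subset of the openSUSE 11.1 thresholds quoted above, and constructed sample `rpm -q` output; all function names are hypothetical.

```python
import re

# Fixed-in thresholds for openSUSE 11.1, copied from the list quoted above (subset).
FIXED_IN = {
    "kernel-default": "2.6.27.56-0.1.1",
    "kernel-pae": "2.6.27.56-0.1.1",
    "kernel-xen": "2.6.27.56-0.1.1",
}

# Constructed sample of: rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' <packages>
SAMPLE = """\
kernel-default 2.6.27.54-0.2.1
kernel-pae 2.6.27.56-0.1.1
kernel-xen 2.6.27.56-0.3.1
kernel-firmware 20100617-1.1
"""

_SEGMENT = re.compile(r"\d+|[A-Za-z]+")

def rpmvercmp(a, b):
    """Simplified RPM segment comparison: returns -1, 0 or 1."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # numeric, so 9 < 27
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a number beats a word
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a, b):
    """Compare 'version-release' strings (epoch assumed absent)."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def audit(rpm_output):
    """Map each listed package to 'patched' or 'needs update'."""
    report = {}
    for line in rpm_output.splitlines():
        name, _, evr = line.strip().partition(" ")
        if name in FIXED_IN:  # packages without a threshold are skipped
            ok = evr_cmp(evr, FIXED_IN[name]) >= 0
            report[name] = "patched" if ok else "needs update"
    return report

if __name__ == "__main__":
    # The fixed package still sorts below the upstream "before 2.6.36-..." cutoff.
    print(rpmvercmp("2.6.27.56", "2.6.36"))
    for name, status in audit(SAMPLE).items():
        print(name, status)
```

The first printed value is -1: a 2.6.27.56 package carrying the backported fix still sorts below upstream 2.6.36, which is why the upstream cutoff alone says nothing about a distribution kernel.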