openSUSE-SU-2013:1005-1 -- Suse kernelID: oval:org.secpod.oval:def:400542 | Date: (C)2013-06-17 (M)2024-02-19 |
Class: PATCH | Family: unix |
The openSUSE 12.1 kernel was updated to fix a critical security issue and also some reiserfs bugs. CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target running on the machine and the attacker able to make a network connection to it . Bugs: - reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry . - reiserfs: fix problems with chowning setuid file w/ xattrs .