[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

openSUSE-SU-2013:1042-1 -- Suse kernel

ID: oval:org.secpod.oval:def:400543Date: (C)2013-06-21   (M)2024-03-07
Class: PATCHFamily: unix




The openSUSE 12.2 kernel was updated to fix security issue and other bugs. Security issues fixed: CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target running on the machine and the attacker able to make a network connection to it . CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted perf_event_open system call. CVE-2013-0290: The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel did not properly handle the MSG_PEEK flag with zero-length data, which allowed local users to cause a denial of service via a crafted application. Bugs fixed: - reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry . - reiserfs: fix problems with chowning setuid file w/ xattrs . - qlge: fix dma map leak when the last chunk is not allocated . - Update config files: disable UCB1400 on all but ARM Currently UCB1400 is only used on ARM OMAP systems, and part of the code is dead code that can"t even be modularized. - CONFIG_UCB1400_CORE=n - CONFIG_TOUCHSCREEN_UCB1400=n - CONFIG_GPIO_UCB1400=n - mm/mmap: check for RLIMIT_AS before unmapping . - unix/stream: fix peeking with an offset larger than data in queue . - unix/dgram: fix peeking with an offset larger than data in queue . - unix/dgram: peek beyond 0-sized skbs .

Platform:
openSUSE 12.2
Product:
kernel
Reference:
openSUSE-SU-2013:1042-1
CVE-2013-0290
CVE-2013-2094
CVE-2013-2850
CVE    3
CVE-2013-0290
CVE-2013-2850
CVE-2013-2094
CPE    1
cpe:/o:opensuse:opensuse:12.2

© SecPod Technologies