Test ID: | 1.3.6.1.4.1.25623.1.0.850552 |
Category: | SuSE Local Security Checks |
Title: | openSUSE: Security Advisory for kernel (openSUSE-SU-2013:0951-1) |
Summary: | The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. |
Description: |

Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory.

Vulnerability Insight: The openSUSE 12.3 kernel was updated to fix a critical security issue, other security issues and several bugs.

Security issues fixed:

- CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted perf_event_open system call.
- CVE-2013-0290: The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel did not properly handle the MSG_PEEK flag with zero-length data, which allowed local users to cause a denial of service (infinite loop and system hang) via a crafted application.

Bugs fixed:

- qlge: fix dma map leak when the last chunk is not allocated (bnc#819519).
- ACPI / thermal: do not always return THERMAL_TREND_RAISING for active trip points (bnc#820048).
- perf: Treat attr.config as u64 in perf_swevent_init() (bnc#819789, CVE-2013-2094).
- cxgb4: fix error recovery when t4_fw_hello returns a positive value (bnc#818497).
- kabi/severities: Ignore drivers/mfd/ucb1400_core
  It provides internal exports to UCB1400 drivers, that we have just disabled.
- Fix -devel package for armv7hl
  armv7hl kernel flavors in the non-multiplatform configuration (which is the default for our openSUSE 12.3 release), needs more header files from the machine specific directories to be included in kernel-devel.
- Update config files: disable UCB1400 on all but ARM
  Currently UCB1400 is only used on ARM OMAP systems, and part of the code is dead code that can't even be modularized.
  - CONFIG_UCB1400_CORE=n
  - CONFIG_TOUCHSCREEN_UCB1400=n
  - CONFIG_GPIO_UCB1400=n
- rpm/config.sh: Drop the ARM repository, the KOTD will build against the 'ports' repository of openSUSE:12.3
- mm/mmap: check for RLIMIT_AS before unmapping (bnc#818327).
- rpm/kernel-spec-macros: Properly handle KOTD release numbers with .g commit suffix
- rpm/kernel-spec-macros: Drop the %release_num macro
  We no longer put the -rcX tag into the release string.
- xen-pciback: notify hypervisor about devices intended to be assigned to guests.
- unix/stream: fix peeking with an offset larger than data in queue (bnc#803931 CVE-2013-0290).
- unix/dgram: fix peeking with an offset larger than data in queue (bnc#803931 CVE-2013-0290).
- unix/dgram: peek beyond 0-sized skbs (bnc#803931 CVE-2013-0290).
- net: fix infinite loop in __skb_recv_datagram() (bnc#803931 CVE-2013-0290).
- TTY: fix atime/mtime regression (bnc#815745).
- md/raid1, raid10: fix deadlock with freeze_array() (813889).
- md: raid1, 10 ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS: kernel on openSUSE 12.3

Solution: Please install the updated package(s).

CVSS Score: 7.2
CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross reference: |

Common Vulnerability Exposure (CVE) ID: CVE-2013-0290
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
- http://www.openwall.com/lists/oss-security/2013/02/15/2
- SuSE Security Announcement: openSUSE-SU-2013:0951
  http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html
- SuSE Security Announcement: openSUSE-SU-2013:1042
  http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html

Common Vulnerability Exposure (CVE) ID: CVE-2013-2094
- http://www.exploit-db.com/exploits/33589
- http://news.ycombinator.com/item?id=5703758
- http://packetstormsecurity.com/files/121616/semtex.c
- http://twitter.com/djrbliss/statuses/334301992648331267
- http://www.reddit.com/r/netsec/comments/1eb9iw
- http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html
- http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html
- http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.html
- http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html
- http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.html
- http://www.openwall.com/lists/oss-security/2013/05/14/6
- http://www.osvdb.org/93361
- RedHat Security Advisories: RHSA-2013:0830
  http://rhn.redhat.com/errata/RHSA-2013-0830.html
- SuSE Security Announcement: SUSE-SU-2013:0819
  http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html
- SuSE Security Announcement: openSUSE-SU-2013:0847
  http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html
- SuSE Security Announcement: openSUSE-SU-2013:0925
  http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
- http://www.ubuntu.com/usn/USN-1825-1
- http://www.ubuntu.com/usn/USN-1826-1
- http://www.ubuntu.com/usn/USN-1827-1
- http://www.ubuntu.com/usn/USN-1828-1
- http://www.ubuntu.com/usn/USN-1836-1
- http://www.ubuntu.com/usn/USN-1838-1
Copyright | Copyright (C) 2013 Greenbone Networks GmbH |