Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:11.4:Update
patchinfo.import4932
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.import4932
<patchinfo incident="kernel" version="4932"> <issue tracker="bnc" id="704788" /> <issue tracker="bnc" id="703155" /> <issue tracker="bnc" id="693043" /> <issue tracker="bnc" id="689797" /> <issue tracker="bnc" id="693043" /> <issue tracker="bnc" id="704788" /> <issue tracker="bnc" id="701998" /> <issue tracker="bnc" id="702013" /> <issue tracker="bnc" id="584493" /> <issue tracker="bnc" id="681840" /> <issue tracker="bnc" id="698247" /> <issue tracker="bnc" id="693374" /> <issue tracker="bnc" id="702579" /> <issue tracker="bnc" id="702285" /> <issue tracker="bnc" id="687368" /> <issue tracker="bnc" id="698221" /> <issue tracker="bnc" id="699123" /> <issue tracker="bnc" id="697859" /> <issue tracker="bnc" id="655693" /> <issue tracker="bnc" id="672008" /> <issue tracker="bnc" id="661979" /> <issue tracker="bnc" id="677827" /> <issue tracker="bnc" id="693013" /> <issue tracker="bnc" id="666423" /> <issue tracker="bnc" id="694498" /> <issue tracker="bnc" id="688432" /> <issue tracker="bnc" id="693382" /> <issue tracker="bnc" id="595586" /> <issue tracker="bnc" id="669889" /> <issue tracker="bnc" id="692502" /> <issue tracker="bnc" id="692497" /> <issue tracker="bnc" id="674982" /> <issue tracker="bnc" id="681826" /> <issue tracker="bnc" id="674648" /> <issue tracker="bnc" id="679545" /> <issue tracker="bnc" id="689583" /> <issue tracker="CVE" id="CVE-2011-1017" /> <issue tracker="CVE" id="CVE-2011-1020" /> <issue tracker="CVE" id="CVE-2011-1479" /> <issue tracker="CVE" id="CVE-2011-1593" /> <issue tracker="CVE" id="CVE-2011-1745" /> <issue tracker="CVE" id="CVE-2011-1927" /> <issue tracker="CVE" id="CVE-2011-2022" /> <issue tracker="CVE" id="CVE-2011-2182" /> <issue tracker="CVE" id="CVE-2011-2484" /> <issue tracker="CVE" id="CVE-2011-2491" /> <issue tracker="CVE" id="CVE-2011-2493" /> <issue tracker="CVE" id="CVE-2011-2495" /> <issue tracker="CVE" id="CVE-2011-2496" /> <issue tracker="CVE" id="CVE-2011-2498" /> <category>security</category> <rating>low</rating> <summary>kernel: security and bugfix update.</summary> <description>The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-2495: The /proc/PID/io interface could be used by local attackers to gain information on other processes like number of password characters typed or similar. CVE-2011-2484: The add_del_listener function in kernel/taskstats.c in the Linux kernel did not prevent multiple registrations of exit handlers, which allowed local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application. CVE-2011-2022: The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 did not validate a certain start parameter, which allowed local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745. CVE-2011-1745: Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call. CVE-2011-2493: A denial of service on mounting invalid ext4 filesystems was fixed. CVE-2011-2491: A local unprivileged user able to access a NFS filesystem could use file locking to deadlock parts of an nfs server under some circumstance. CVE-2011-2498: Also account PTE pages when calculating OOM scoring, which could have lead to a denial of service. CVE-2011-2496: The normal mmap paths all avoid creating a mapping where the pgoff inside the mapping could wrap around due to overflow. However, an expanding mremap() can take such a non-wrapping mapping and make it bigger and cause a wrapping condition. CVE-2011-1017,CVE-2011-2182: The code for evaluating LDM partitions (in fs/partitions/ldm.c) contained bugs that could crash the kernel for certain corrupted LDM partitions. CVE-2011-1479: A regression in inotify fix for a memory leak could lead to a double free corruption which could crash the system. CVE-2011-1927: A missing route validation issue in ip_expire() could be used by remote attackers to trigger a NULL ptr dereference, crashing parts of the kernel. CVE-2011-1593: Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel allowed local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call. CVE-2011-1020: The proc filesystem implementation in the Linux kernel did not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allowed local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls. </description> <packager>adrianSuSE</packager> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor