826102 – (CVE-2013-2206) VUL-0: kernel: CVE-2013-2206: sctp: duplicate cookie handling NULL pointer dereference

Bug 826102 (CVE-2013-2206) - VUL-0: kernel: CVE-2013-2206: sctp: duplicate cookie handling NULL pointer dereference

Summary: VUL-0: kernel: CVE-2013-2206: sctp: duplicate cookie handling NULL pointer de...

Status:	RESOLVED FIXED

Alias:	CVE-2013-2206

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Major
Target Milestone:	---
Deadline:	2013-11-14
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:released:sle10-sp3:54684 maint:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2013-06-21 01:56 UTC by Alexander Bergmann
Modified:	2015-02-19 01:21 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Bergmann 2013-06-21 01:56:55 UTC

Public via oss-security:

Date: Thu, 20 Jun 2013 22:16:33 +0200
From: Petr Matousek
Subject: [oss-security] CVE Request -- Linux kernel: sctp: duplicate cookie handling NULL pointer dereference

A flaw was found in the way Linux kernel's SCTP network protocol
implementation handled duplicate cookies. A transient empty association
is created while processing the duplicate cookie chunk that userspace
could query, potentially leading to NULL pointer dereference. A remote
attacker able to initiate SCTP connection to the system could use this
flaw to create transient conditions that could lead to remote system
crash if remote system user is querying SCTP connection info at the time
these conditions exist.

Upstream fix:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f2815633504b442ca0b0605c16bf3d88a3a0fcea
(already in stable)

References:
https://bugzilla.redhat.com/show_bug.cgi?id=976562

Comment 1 Alexander Bergmann 2013-06-21 01:58:15 UTC

CVE-2013-2206 was assigned for this issue.

Comment 2 Marcus Meissner 2013-06-21 02:13:48 UTC

remote denial of service when SCTP is in use.

Comment 3 Marcus Meissner 2013-06-21 02:17:48 UTC

Goes back to SLES 10 at least.

Comment 4 Marcus Meissner 2013-06-28 03:31:01 UTC

3.0.84 has the fix I think

Comment 6 Jiri Bohac 2013-09-13 16:20:11 UTC

pushed to openSUSE 12.3
openSUSE 12.2 got this from 3.4.38
pushed to SLE11-SP2/SP3 (needed a backport of upstream d5ccd496 as well)

I still have to check SLE10

Comment 7 Jiri Bohac 2013-09-17 16:29:10 UTC

Backported and pushed to SLE10-SP4 as well.

Comment 8 Jiri Bohac 2013-09-18 08:38:01 UTC

(In reply to comment #7)
> Backported and pushed to SLE10-SP4 as well.

Sorry, I pushed to the old non-LTSS, branch.
Should I push this to SLES10-SP4-LTSS?

Comment 9 Marcus Meissner 2013-09-19 12:12:11 UTC

yes please, for a future ltss update

Comment 10 Jiri Bohac 2013-09-19 12:46:31 UTC

(In reply to comment #9)
> yes please, for a future ltss update

OK, pushed to SLES10-SP4-LTSS

Comment 11 Marcus Meissner 2013-10-04 16:41:23 UTC

so done, thanks

Comment 12 Swamp Workflow Management 2013-10-07 18:32:15 UTC

The SWAMPID for this issue is 54683.
This issue was rated as important.
Please submit fixed packages until 2013-10-14.
Also create a patchinfo file using this link:
https://swamp.suse.de/webswamp/wf/54683

Comment 13 Swamp Workflow Management 2013-10-11 12:04:36 UTC

Update released for: k, kernel-bigsmp, kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-dummy, kernel-iseries64, kernel-kdump, kernel-kdump-debuginfo, kernel-kdumppae, kernel-ppc64, kernel-s390, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-um, kernel-vmi, kernel-vmipae, kernel-xen, kernel-xen-debuginfo
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)

Comment 14 Swamp Workflow Management 2013-11-06 08:54:39 UTC

The SWAMPID for this issue is 54933.
This issue was rated as important.
Please submit fixed packages until 2013-11-13.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 15 Swamp Workflow Management 2013-11-06 14:31:35 UTC

The SWAMPID for this issue is 54954.
This issue was rated as moderate.
Please submit fixed packages until 2013-11-20.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 16 Swamp Workflow Management 2013-11-06 17:37:25 UTC

The SWAMPID for this issue is 54959.
This issue was rated as important.
Please submit fixed packages until 2013-11-13.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 17 Swamp Workflow Management 2013-11-07 11:06:54 UTC

The SWAMPID for this issue is 54978.
This issue was rated as important.
Please submit fixed packages until 2013-11-14.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 18 Swamp Workflow Management 2013-11-07 17:32:16 UTC

The SWAMPID for this issue is 55011.
This issue was rated as important.
Please submit fixed packages until 2013-11-14.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 19 Swamp Workflow Management 2013-11-21 23:44:28 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (s390x)
SLE-HAE 11-SP2 (s390x)
SLE-SERVER 11-SP2 (s390x)

Comment 20 Swamp Workflow Management 2013-11-21 23:54:03 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (ppc64)
SLE-HAE 11-SP2 (ppc64)
SLE-SERVER 11-SP2 (ppc64)

Comment 21 Swamp Workflow Management 2013-11-22 00:08:22 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (x86_64)
SLE-DESKTOP 11-SP2 (x86_64)
SLE-HAE 11-SP2 (x86_64)
SLE-SERVER 11-SP2 (x86_64)
SLES4VMWARE 11-SP2 (x86_64)

Comment 22 Swamp Workflow Management 2013-11-22 00:16:52 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (ia64)
SLE-HAE 11-SP2 (ia64)
SLE-SERVER 11-SP2 (ia64)

Comment 23 Swamp Workflow Management 2013-11-22 00:24:30 UTC

Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-RT 11-SP2 (x86_64)

Comment 24 Swamp Workflow Management 2013-11-22 02:10:57 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-devel, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-devel, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-devel, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (i386)
SLE-DESKTOP 11-SP3 (i386)
SLE-HAE 11-SP3 (i386)
SLE-SERVER 11-SP3 (i386)
SLES4VMWARE 11-SP3 (i386)

Comment 25 Swamp Workflow Management 2013-11-22 02:38:56 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-DESKTOP 11-SP3 (x86_64)
SLE-HAE 11-SP3 (x86_64)
SLE-SERVER 11-SP3 (x86_64)
SLES4VMWARE 11-SP3 (x86_64)

Comment 26 Swamp Workflow Management 2013-11-22 02:55:24 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ppc64)
SLE-HAE 11-SP3 (ppc64)
SLE-SERVER 11-SP3 (ppc64)

Comment 27 Swamp Workflow Management 2013-11-22 03:00:06 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (s390x)
SLE-HAE 11-SP3 (s390x)
SLE-SERVER 11-SP3 (s390x)

Comment 28 Swamp Workflow Management 2013-11-22 03:00:06 UTC

Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-RT 11-SP3 (x86_64)

Comment 29 Swamp Workflow Management 2013-11-22 03:01:54 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ia64)
SLE-HAE 11-SP3 (ia64)
SLE-SERVER 11-SP3 (ia64)

Comment 30 Swamp Workflow Management 2013-11-22 03:09:30 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-devel, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-devel, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-devel, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (i386)
SLE-DESKTOP 11-SP2 (i386)
SLE-HAE 11-SP2 (i386)
SLE-SERVER 11-SP2 (i386)
SLES4VMWARE 11-SP2 (i386)

Comment 31 Swamp Workflow Management 2013-11-22 07:05:48 UTC

Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 32 Swamp Workflow Management 2013-11-22 08:06:06 UTC

Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)

Comment 33 Swamp Workflow Management 2013-11-22 08:10:59 UTC

Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-pae, ext4-writeable-kmp-trace, ext4-writeable-kmp-xen, kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 34 Swamp Workflow Management 2013-11-22 08:11:52 UTC

Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)

Comment 35 Swamp Workflow Management 2013-11-22 08:14:10 UTC

Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-ppc64, ext4-writeable-kmp-trace, kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)

Comment 36 Swamp Workflow Management 2013-11-22 08:19:27 UTC

Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 37 Swamp Workflow Management 2013-11-22 08:20:23 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)

Comment 38 Swamp Workflow Management 2013-11-22 08:21:09 UTC

Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, ext4-writeable-kmp-xen, kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 39 Swamp Workflow Management 2013-11-22 08:27:52 UTC

Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)

Comment 40 Swamp Workflow Management 2013-11-22 08:29:51 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)

Comment 41 Swamp Workflow Management 2013-12-06 23:53:01 UTC

Update released for: kernel-default, kernel-default-debuginfo, kernel-source, kernel-syms
Products:
SLE-DEBUGINFO 10-SP3 (s390x)
SLE-SERVER 10-SP3-LTSS (s390x)

Comment 42 Swamp Workflow Management 2013-12-07 01:47:31 UTC

Update released for: kernel-bigsmp, kernel-bigsmp-debuginfo, kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-kdumppae, kernel-kdumppae-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-syms-debuginfo, kernel-vmi, kernel-vmi-debuginfo, kernel-vmipae, kernel-vmipae-debuginfo, kernel-xen, kernel-xen-debuginfo, kernel-xenpae, kernel-xenpae-debuginfo
Products:
SLE-DEBUGINFO 10-SP3 (i386)
SLE-SERVER 10-SP3-LTSS (i386)

Comment 43 Swamp Workflow Management 2013-12-24 15:09:13 UTC

openSUSE-SU-2013:1950-1: An update that solves three vulnerabilities and has 46 fixes is now available.

Category: security (low)
Bug References: 763463,789115,794824,797526,804950,813733,816099,817377,820848,821259,821465,822942,826102,827246,827416,828714,828894,829682,831029,831143,831380,832292,833321,833588,833635,833820,833858,834204,834600,834905,835094,835684,835930,836218,836347,836801,837372,837803,838346,838448,840830,841094,841402,841498,842063,842231,842604,844513,845549
CVE References: CVE-2013-1929,CVE-2013-2015,CVE-2013-2206
Sources used:
openSUSE 11.4 (src):    kernel-docs-3.0.101-71.2, kernel-source-3.0.101-71.1, kernel-syms-3.0.101-71.1, preload-1.2-6.53.1

Comment 44 Swamp Workflow Management 2013-12-30 20:15:15 UTC

openSUSE-SU-2013:1971-1: An update that solves 34 vulnerabilities and has 19 fixes is now available.

Category: security (moderate)
Bug References: 799516,801341,802347,804198,807153,807188,807471,808827,809906,810144,810473,811882,812116,813733,813889,814211,814336,814510,815256,815320,816668,816708,817651,818053,818561,821612,821735,822575,822579,823267,823342,823517,823633,823797,824171,824295,826102,826350,826374,827749,827750,828119,828191,828714,829539,831058,831956,832615,833321,833585,834647,837258,838346
CVE References: CVE-2013-0914,CVE-2013-1059,CVE-2013-1819,CVE-2013-1929,CVE-2013-1979,CVE-2013-2141,CVE-2013-2148,CVE-2013-2164,CVE-2013-2206,CVE-2013-2232,CVE-2013-2234,CVE-2013-2237,CVE-2013-2546,CVE-2013-2547,CVE-2013-2548,CVE-2013-2634,CVE-2013-2635,CVE-2013-2851,CVE-2013-2852,CVE-2013-3222,CVE-2013-3223,CVE-2013-3224,CVE-2013-3226,CVE-2013-3227,CVE-2013-3228,CVE-2013-3229,CVE-2013-3230,CVE-2013-3231,CVE-2013-3232,CVE-2013-3233,CVE-2013-3234,CVE-2013-3235,CVE-2013-3301,CVE-2013-4162
Sources used:
openSUSE 12.3 (src):    kernel-docs-3.7.10-1.24.1, kernel-source-3.7.10-1.24.1, kernel-syms-3.7.10-1.24.1

Comment 45 Swamp Workflow Management 2014-04-16 12:50:09 UTC

Update released for: kernel-default, kernel-default-debuginfo, kernel-source, kernel-syms
Products:
SLE-DEBUGINFO 10-SP4 (s390x)
SLE-SERVER 10-SP4-LTSS (s390x)

Comment 46 Swamp Workflow Management 2014-04-16 13:20:41 UTC

Update released for: kernel-bigsmp, kernel-bigsmp-debuginfo, kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-kdumppae, kernel-kdumppae-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-syms-debuginfo, kernel-vmi, kernel-vmi-debuginfo, kernel-vmipae, kernel-vmipae-debuginfo, kernel-xen, kernel-xen-debuginfo, kernel-xenpae, kernel-xenpae-debuginfo
Products:
SLE-DEBUGINFO 10-SP4 (i386)
SLE-SERVER 10-SP4-LTSS (i386)

Comment 47 Swamp Workflow Management 2014-04-16 13:59:49 UTC

Update released for: kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-xen, kernel-xen-debuginfo
Products:
SLE-DEBUGINFO 10-SP4 (x86_64)
SLE-SERVER 10-SP4-LTSS (x86_64)

Comment 48 Swamp Workflow Management 2014-04-16 18:10:51 UTC

SUSE-SU-2014:0536-1: An update that solves 42 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 702014,703156,790920,798050,805226,806219,808827,809889,809891,809892,809893,809894,809898,809899,809900,809901,809903,811354,816668,820338,822722,823267,824295,825052,826102,826551,827362,827749,827750,827855,827983,828119,830344,831058,832603,835839,842239,843430,845028,847672,848321,849765,850241,851095,852558,853501,857597,858869,858870,858872
CVE References: CVE-2011-2492,CVE-2011-2494,CVE-2012-6537,CVE-2012-6539,CVE-2012-6540,CVE-2012-6541,CVE-2012-6542,CVE-2012-6544,CVE-2012-6545,CVE-2012-6546,CVE-2012-6547,CVE-2012-6549,CVE-2013-0343,CVE-2013-0914,CVE-2013-1827,CVE-2013-2141,CVE-2013-2164,CVE-2013-2206,CVE-2013-2232,CVE-2013-2234,CVE-2013-2237,CVE-2013-2888,CVE-2013-2893,CVE-2013-2897,CVE-2013-3222,CVE-2013-3223,CVE-2013-3224,CVE-2013-3228,CVE-2013-3229,CVE-2013-3231,CVE-2013-3232,CVE-2013-3234,CVE-2013-3235,CVE-2013-4162,CVE-2013-4387,CVE-2013-4470,CVE-2013-4483,CVE-2013-4588,CVE-2013-6383,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446
Sources used:
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    kernel-bigsmp-2.6.16.60-0.105.1, kernel-debug-2.6.16.60-0.105.1, kernel-default-2.6.16.60-0.105.1, kernel-kdump-2.6.16.60-0.105.1, kernel-kdumppae-2.6.16.60-0.105.1, kernel-smp-2.6.16.60-0.105.1, kernel-source-2.6.16.60-0.105.1, kernel-syms-2.6.16.60-0.105.1, kernel-vmi-2.6.16.60-0.105.1, kernel-vmipae-2.6.16.60-0.105.1, kernel-xen-2.6.16.60-0.105.1, kernel-xenpae-2.6.16.60-0.105.1