Novell Home

CVE-2010-1083

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2010-1083 at MITRE

Description

The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory).

NVD CVSS v2 Base Score: 4.7 (AV:L/AC:M/Au:N/C:C/I:N/A:N)

Novell/SUSE information

Novell Bugzilla entry: 605463

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM zSeries 64bit
  • kernel-default-debuginfo >= 2.6.16.60-0.42.10
 sles10-sp2.s390x
sles10-sp2-debuginfo.s390x
ZYPP Patch Nr: 7014
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
  • kernel-default >= 2.6.16.60-0.60.1
  • kernel-smp >= 2.6.16.60-0.60.1
  • kernel-source >= 2.6.16.60-0.60.1
  • kernel-syms >= 2.6.16.60-0.60.1
  • kernel-xen >= 2.6.16.60-0.60.1
 sled10-sp3.x86-64
sles10-sp3.x86-64
sles10-sp3-debuginfo.x86-64
sle10-sp3-sdk.x86-64
ZYPP Patch Nr: 6929
SUSE Linux Enterprise Server 10 SP3 DEBUGINFO
  • kernel-debug-debuginfo >= 2.6.16.60-0.60.1
  • kernel-default-debuginfo >= 2.6.16.60-0.60.1
  • kernel-kdump-debuginfo >= 2.6.16.60-0.60.1
  • kernel-smp-debuginfo >= 2.6.16.60-0.60.1
  • kernel-source-debuginfo >= 2.6.16.60-0.60.1
  • kernel-xen-debuginfo >= 2.6.16.60-0.60.1
 sled10-sp3.x86-64
sles10-sp3.x86-64
sles10-sp3-debuginfo.x86-64
sle10-sp3-sdk.x86-64
ZYPP Patch Nr: 6929
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise Server for SAP 10 SP3
  • kernel-debug >= 2.6.16.60-0.60.1
  • kernel-default >= 2.6.16.60-0.60.1
  • kernel-kdump >= 2.6.16.60-0.60.1
  • kernel-smp >= 2.6.16.60-0.60.1
  • kernel-source >= 2.6.16.60-0.60.1
  • kernel-syms >= 2.6.16.60-0.60.1
  • kernel-xen >= 2.6.16.60-0.60.1
 sled10-sp3.x86-64
sles10-sp3.x86-64
sles10-sp3-debuginfo.x86-64
sle10-sp3-sdk.x86-64
ZYPP Patch Nr: 6929
SUSE Linux Enterprise SDK 10 SP3
  • kernel-debug >= 2.6.16.60-0.60.1
  • kernel-kdump >= 2.6.16.60-0.60.1
  • kernel-xen >= 2.6.16.60-0.60.1
 sled10-sp3.x86-64
sles10-sp3.x86-64
sles10-sp3-debuginfo.x86-64
sle10-sp3-sdk.x86-64
ZYPP Patch Nr: 6929
SUSE Linux Enterprise 10 SP2 DEBUGINFO for AMD64 and Intel EM64T
  • kernel-debug-debuginfo >= 2.6.16.60-0.42.10
  • kernel-default-debuginfo >= 2.6.16.60-0.42.10
  • kernel-kdump-debuginfo >= 2.6.16.60-0.42.10
  • kernel-smp-debuginfo >= 2.6.16.60-0.42.10
  • kernel-source-debuginfo >= 2.6.16.60-0.42.10
  • kernel-xen-debuginfo >= 2.6.16.60-0.42.10
 sles10-sp2-debuginfo.x86-64
sled10-sp2.x86-64
sle10-sp2-sdk.x86-64
sles10-sp2.x86-64
ZYPP Patch Nr: 7015
SUSE Linux Enterprise Server for SAP 10 SP2
  • kernel-debug >= 2.6.16.60-0.42.10
  • kernel-default >= 2.6.16.60-0.42.10
  • kernel-kdump >= 2.6.16.60-0.42.10
  • kernel-smp >= 2.6.16.60-0.42.10
  • kernel-source >= 2.6.16.60-0.42.10
  • kernel-syms >= 2.6.16.60-0.42.10
  • kernel-xen >= 2.6.16.60-0.42.10
 sles10-sp2-debuginfo.x86-64
sled10-sp2.x86-64
sle10-sp2-sdk.x86-64
sles10-sp2.x86-64
ZYPP Patch Nr: 7015
SUSE Linux Enterprise SDK 10 SP2
  • kernel-debug >= 2.6.16.60-0.42.10
  • kernel-kdump >= 2.6.16.60-0.42.10
  • kernel-xen >= 2.6.16.60-0.42.10
 sles10-sp2-debuginfo.x86-64
sled10-sp2.x86-64
sle10-sp2-sdk.x86-64
sles10-sp2.x86-64
ZYPP Patch Nr: 7015
SUSE Linux Enterprise 10 SP2 DEBUGINFO for x86
  • kernel-bigsmp-debuginfo >= 2.6.16.60-0.42.10
  • kernel-debug-debuginfo >= 2.6.16.60-0.42.10
  • kernel-default-debuginfo >= 2.6.16.60-0.42.10
  • kernel-kdump-debuginfo >= 2.6.16.60-0.42.10
  • kernel-smp-debuginfo >= 2.6.16.60-0.42.10
  • kernel-source-debuginfo >= 2.6.16.60-0.42.10
  • kernel-xen-debuginfo >= 2.6.16.60-0.42.10
  • kernel-xenpae-debuginfo >= 2.6.16.60-0.42.10
 sled10-sp2.x86
sles10-sp2-debuginfo.x86
sle10-sp2-sdk.x86
sles10-sp2.x86
ZYPP Patch Nr: 7011
SUSE Linux Enterprise SDK 10 SP2
  • kernel-debug >= 2.6.16.60-0.42.10
  • kernel-kdump >= 2.6.16.60-0.42.10
  • kernel-xen >= 2.6.16.60-0.42.10
  • kernel-xenpae >= 2.6.16.60-0.42.10
 sled10-sp2.x86
sles10-sp2-debuginfo.x86
sle10-sp2-sdk.x86
sles10-sp2.x86
ZYPP Patch Nr: 7011
SUSE Linux Enterprise Desktop 10 SP3 for x86
  • kernel-bigsmp >= 2.6.16.60-0.60.1
  • kernel-default >= 2.6.16.60-0.60.1
  • kernel-smp >= 2.6.16.60-0.60.1
  • kernel-source >= 2.6.16.60-0.60.1
  • kernel-syms >= 2.6.16.60-0.60.1
  • kernel-xen >= 2.6.16.60-0.60.1
  • kernel-xenpae >= 2.6.16.60-0.60.1
 sled10-sp3.x86
sles10-sp3.x86
sles10-sp3-debuginfo.x86
sle10-sp3-sdk.x86
ZYPP Patch Nr: 6925
SUSE Linux Enterprise Server 10 SP3 DEBUGINFO
  • kernel-bigsmp-debuginfo >= 2.6.16.60-0.60.1
  • kernel-debug-debuginfo >= 2.6.16.60-0.60.1
  • kernel-default-debuginfo >= 2.6.16.60-0.60.1
  • kernel-kdump-debuginfo >= 2.6.16.60-0.60.1
  • kernel-kdumppae-debuginfo >= 2.6.16.60-0.60.1
  • kernel-smp-debuginfo >= 2.6.16.60-0.60.1
  • kernel-source-debuginfo >= 2.6.16.60-0.60.1
  • kernel-vmi-debuginfo >= 2.6.16.60-0.60.1
  • kernel-vmipae-debuginfo >= 2.6.16.60-0.60.1
  • kernel-xen-debuginfo >= 2.6.16.60-0.60.1
  • kernel-xenpae-debuginfo >= 2.6.16.60-0.60.1
 sled10-sp3.x86
sles10-sp3.x86
sles10-sp3-debuginfo.x86
sle10-sp3-sdk.x86
ZYPP Patch Nr: 6925
SUSE Linux Enterprise SDK 10 SP3
  • kernel-debug >= 2.6.16.60-0.60.1
  • kernel-kdump >= 2.6.16.60-0.60.1
  • kernel-xen >= 2.6.16.60-0.60.1
  • kernel-xenpae >= 2.6.16.60-0.60.1
 sled10-sp3.x86
sles10-sp3.x86
sles10-sp3-debuginfo.x86
sle10-sp3-sdk.x86
ZYPP Patch Nr: 6925
SUSE Linux Enterprise Server 10 SP3
  • kernel-bigsmp >= 2.6.16.60-0.60.1
  • kernel-debug >= 2.6.16.60-0.60.1
  • kernel-default >= 2.6.16.60-0.60.1
  • kernel-kdump >= 2.6.16.60-0.60.1
  • kernel-kdumppae >= 2.6.16.60-0.60.1
  • kernel-smp >= 2.6.16.60-0.60.1
  • kernel-source >= 2.6.16.60-0.60.1
  • kernel-syms >= 2.6.16.60-0.60.1
  • kernel-vmi >= 2.6.16.60-0.60.1
  • kernel-vmipae >= 2.6.16.60-0.60.1
  • kernel-xen >= 2.6.16.60-0.60.1
  • kernel-xenpae >= 2.6.16.60-0.60.1
 sled10-sp3.x86
sles10-sp3.x86
sles10-sp3-debuginfo.x86
sle10-sp3-sdk.x86
ZYPP Patch Nr: 6925
SUSE Linux Enterprise Server RT Solution 10 for x86
  • ib-bonding-kmp-rt >= 0.9.0_2.6.22.19_0.40.1-1.22.1
  • ib-bonding-kmp-rt_bigsmp >= 0.9.0_2.6.22.19_0.40.1-1.22.1
  • ib-bonding-kmp-rt_debug >= 0.9.0_2.6.22.19_0.40.1-1.22.1
  • ib-bonding-kmp-rt_timing >= 0.9.0_2.6.22.19_0.40.1-1.22.1
  • intel-igb >= 1.3.19.3-0.5.1
  • intel-igb-kmp-rt >= 1.3.19.3_2.6.22.19_0.40.1-0.5.1
  • intel-igb-kmp-rt_bigsmp >= 1.3.19.3_2.6.22.19_0.40.1-0.5.1
  • intel-igb-kmp-rt_debug >= 1.3.19.3_2.6.22.19_0.40.1-0.5.1
  • intel-igb-kmp-rt_timing >= 1.3.19.3_2.6.22.19_0.40.1-0.5.1
  • kernel-rt >= 2.6.22.19-0.40.1
  • kernel-rt_bigsmp >= 2.6.22.19-0.40.1
  • kernel-rt_debug >= 2.6.22.19-0.40.1
  • kernel-rt_timing >= 2.6.22.19-0.40.1
  • kernel-source >= 2.6.22.19-0.40.1
  • kernel-syms >= 2.6.22.19-0.40.1
  • ofed-cxgb3-NIC-kmp-rt >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-cxgb3-NIC-kmp-rt_bigsmp >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-cxgb3-NIC-kmp-rt_debug >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-cxgb3-NIC-kmp-rt_timing >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-kmp-rt >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-kmp-rt_bigsmp >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-kmp-rt_debug >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-kmp-rt_timing >= 1.4.2_2.6.22.19_0.40.1-0.10.2
 slert10-sp3.x86-64
slert10-sp3.x86
ZYPP Patch Nr: 7085
SUSE Linux Enterprise Server RT Solution 10 for AMD64 and Intel EM64T
  • ib-bonding-kmp-rt >= 0.9.0_2.6.22.19_0.40.1-1.22.1
  • ib-bonding-kmp-rt_debug >= 0.9.0_2.6.22.19_0.40.1-1.22.1
  • ib-bonding-kmp-rt_timing >= 0.9.0_2.6.22.19_0.40.1-1.22.1
  • intel-igb >= 1.3.19.3-0.5.1
  • intel-igb-kmp-rt >= 1.3.19.3_2.6.22.19_0.40.1-0.5.1
  • intel-igb-kmp-rt_debug >= 1.3.19.3_2.6.22.19_0.40.1-0.5.1
  • intel-igb-kmp-rt_timing >= 1.3.19.3_2.6.22.19_0.40.1-0.5.1
  • kernel-rt >= 2.6.22.19-0.40.1
  • kernel-rt_debug >= 2.6.22.19-0.40.1
  • kernel-rt_timing >= 2.6.22.19-0.40.1
  • kernel-source >= 2.6.22.19-0.40.1
  • kernel-syms >= 2.6.22.19-0.40.1
  • ofed-cxgb3-NIC-kmp-rt >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-cxgb3-NIC-kmp-rt_debug >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-cxgb3-NIC-kmp-rt_timing >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-kmp-rt >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-kmp-rt_debug >= 1.4.2_2.6.22.19_0.40.1-0.10.2
  • ofed-kmp-rt_timing >= 1.4.2_2.6.22.19_0.40.1-0.10.2
 slert10-sp3.x86-64
slert10-sp3.x86
ZYPP Patch Nr: 7085
SUSE Linux Enterprise Server 10 SP3 DEBUGINFO
  • kernel-default-debuginfo >= 2.6.16.60-0.60.1
  • kernel-iseries64-debuginfo >= 2.6.16.60-0.60.1
  • kernel-kdump-debuginfo >= 2.6.16.60-0.60.1
  • kernel-ppc64-debuginfo >= 2.6.16.60-0.60.1
 sles10-sp3.ppc
sles10-sp3-debuginfo.ppc
sle10-sp3-sdk.ppc
ZYPP Patch Nr: 6927
SUSE Linux Enterprise SDK 10 SP3
  • kernel-kdump >= 2.6.16.60-0.60.1
 sles10-sp3.ppc
sles10-sp3-debuginfo.ppc
sle10-sp3-sdk.ppc
ZYPP Patch Nr: 6927
SUSE Linux Enterprise Server 10 SP3
  • kernel-default >= 2.6.16.60-0.60.1
  • kernel-iseries64 >= 2.6.16.60-0.60.1
  • kernel-kdump >= 2.6.16.60-0.60.1
  • kernel-ppc64 >= 2.6.16.60-0.60.1
  • kernel-source >= 2.6.16.60-0.60.1
  • kernel-syms >= 2.6.16.60-0.60.1
 sles10-sp3.ppc
sles10-sp3-debuginfo.ppc
sle10-sp3-sdk.ppc
ZYPP Patch Nr: 6927
SUSE CORE 9 for AMD64 and Intel EM64T
  • kernel-default >= 2.6.5-7.329.TDC
  • kernel-smp >= 2.6.5-7.329.TDC
  • kernel-source >= 2.6.5-7.329.TDC
  • kernel-syms >= 2.6.5-7.329.TDC
  • xen-kmp >= 3.0.4_2.6.5_7.329.TDC_-0.3
 Builds
YOU Patch Nr: 12814
SUSE Linux Enterprise Server 10 SP3 DEBUGINFO
  • kernel-default-debuginfo >= 2.6.16.60-0.60.1
 sles10-sp3-debuginfo.s390x
sles10-sp3.s390x
ZYPP Patch Nr: 6928
SUSE Linux Enterprise Server 10 SP3
  • kernel-default >= 2.6.16.60-0.60.1
  • kernel-source >= 2.6.16.60-0.60.1
  • kernel-syms >= 2.6.16.60-0.60.1
 sles10-sp3-debuginfo.s390x
sles10-sp3.s390x
ZYPP Patch Nr: 6928
Open Enterprise Server
  • kernel-bigsmp >= 2.6.5-7.323
  • kernel-debug >= 2.6.5-7.323
  • kernel-default >= 2.6.5-7.323
  • kernel-smp >= 2.6.5-7.323
  • kernel-source >= 2.6.5-7.323
  • kernel-syms >= 2.6.5-7.323
  • kernel-um >= 2.6.5-7.323
  • kernel-xen >= 2.6.5-7.323
  • kernel-xenpae >= 2.6.5-7.323
  • um-host-install-initrd >= 1.0-48.36
  • um-host-kernel >= 2.6.5-7.323
  • xen-kmp >= 3.0.4_2.6.5_7.323-0.2
 sles9-oes.x86
YOU Patch Nr: 12637
SUSE Linux Enterprise SDK 10 SP2
  • kernel-debug >= 2.6.16.60-0.42.10
 sles10-sp2-debuginfo.ia64
sle10-sp2-sdk.ia64
sles10-sp2.ia64
ZYPP Patch Nr: 7012
SUSE Linux Enterprise SDK 10 SP2
  • kernel-kdump >= 2.6.16.60-0.42.10
 sles10-sp2-debuginfo.ppc
sle10-sp2-sdk.ppc
sles10-sp2.ppc
ZYPP Patch Nr: 7013
SUSE Linux Enterprise Server 10 SP3 DEBUGINFO
  • kernel-debug-debuginfo >= 2.6.16.60-0.60.1
  • kernel-default-debuginfo >= 2.6.16.60-0.60.1
  • kernel-source-debuginfo >= 2.6.16.60-0.60.1
 sles10-sp3.ia64
sles10-sp3-debuginfo.ia64
sle10-sp3-sdk.ia64
ZYPP Patch Nr: 6926
SUSE Linux Enterprise SDK 10 SP3
  • kernel-debug >= 2.6.16.60-0.60.1
 sles10-sp3.ia64
sles10-sp3-debuginfo.ia64
sle10-sp3-sdk.ia64
ZYPP Patch Nr: 6926
SUSE Linux Enterprise Server 10 SP3
  • kernel-debug >= 2.6.16.60-0.60.1
  • kernel-default >= 2.6.16.60-0.60.1
  • kernel-source >= 2.6.16.60-0.60.1
  • kernel-syms >= 2.6.16.60-0.60.1
 sles10-sp3.ia64
sles10-sp3-debuginfo.ia64
sle10-sp3-sdk.ia64
ZYPP Patch Nr: 6926

List of products where fixes are in QA

SUSE CORE 9 for AMD64 and Intel EM64T

© 2013 Novell