Upstream information
Description
The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report.NVD CVSS v2 Base Score: 6.2 (AV:L/AC:H/Au:N/C:C/I:C/A:C)
Novell/SUSE information
Note from the SUSE Security Team
The iowarrior did not exists on SUSE Linux Enterprise 10 and older kernels, so these are not affected. Novell Bugzilla entry: 666842 SUSE Security Advisories:- SUSE-SA:2011:019, published Thu, 28 Apr 2011 11:00:00 +0000
- SUSE-SA:2011:020, published Thu, 28 Apr 2011 11:00:00 +0000
- openSUSE-SU-2011:0399-1, published Thu, 28 Apr 2011 04:08:10 +0200 (CEST)
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SLE 11 SP1 DEBUGINFO |
| sle11-sp1-hae.x86-64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4376 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| sle11-sp1-hae.x86-64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4376 |
| SUSE Linux Enterprise Desktop 11 SP1 |
| sle11-sp1-hae.x86-64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4376 |
| SUSE Linux Enterprise Server 11 SP1 for VMware |
| sle11-sp1-hae.x86-64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4376 |
| SUSE Linux Enterprise Server 11 SP1 |
| sle11-sp1-hae.x86-64 sled11-sp1.x86-64 sles11-sp1.x86-64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4376 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 4379 |
| SLE 11 SP1 DEBUGINFO |
| sle11-sp1-hae.ia64 sles11-sp1.ia64 SAT Patch Nr: 4375 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| sle11-sp1-hae.ia64 sles11-sp1.ia64 SAT Patch Nr: 4375 |
| SUSE Linux Enterprise Server 11 SP1 |
| sle11-sp1-hae.ia64 sles11-sp1.ia64 SAT Patch Nr: 4375 |
| SLE 11 SP1 DEBUGINFO |
| sle11-sp1-hae.ppc sles11-sp1.ppc SAT Patch Nr: 4385 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| sle11-sp1-hae.ppc sles11-sp1.ppc SAT Patch Nr: 4385 |
| SUSE Linux Enterprise Server 11 SP1 |
| sle11-sp1-hae.ppc sles11-sp1.ppc SAT Patch Nr: 4385 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 4377 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 4380 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 4378 |
| SLE 11 SP1 DEBUGINFO |
| sles11-sp1-vmware.x86 sle11-sp1-hae.x86 sles11-sp1.x86 sled11-sp1.x86 SAT Patch Nr: 4384 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| sles11-sp1-vmware.x86 sle11-sp1-hae.x86 sles11-sp1.x86 sled11-sp1.x86 SAT Patch Nr: 4384 |
| SUSE Linux Enterprise Desktop 11 SP1 |
| sles11-sp1-vmware.x86 sle11-sp1-hae.x86 sles11-sp1.x86 sled11-sp1.x86 SAT Patch Nr: 4384 |
| SUSE Linux Enterprise Server 11 SP1 for VMware |
| sles11-sp1-vmware.x86 sle11-sp1-hae.x86 sles11-sp1.x86 sled11-sp1.x86 SAT Patch Nr: 4384 |
| SUSE Linux Enterprise Server 11 SP1 |
| sles11-sp1-vmware.x86 sle11-sp1-hae.x86 sles11-sp1.x86 sled11-sp1.x86 SAT Patch Nr: 4384 |
| SLE 11 SP1 DEBUGINFO |
| sles11-sp1.s390x sle11-sp1-hae.s390x SAT Patch Nr: 4386 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| sles11-sp1.s390x sle11-sp1-hae.s390x SAT Patch Nr: 4386 |
| SUSE Linux Enterprise Server 11 SP1 |
| sles11-sp1.s390x sle11-sp1-hae.s390x SAT Patch Nr: 4386 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 4381 |
| openSUSE 11.3 |
| |
| openSUSE 11.3 |
|
List of products where fixes are in QA
SLE 11 SERVER Unsupported ExtrasSLE 11 SERVER Unsupported Extras
SLE 11 SERVER Unsupported Extras
SLE 11 SERVER Unsupported Extras
SLE 11 SERVER Unsupported Extras
SLE 11 SERVER Unsupported Extras
SLE 11 SERVER Unsupported Extras
SLE 11 SERVER Unsupported Extras
SLE 11 SERVER Unsupported Extras
SLE 11 SERVER Unsupported Extras
SLE 11 SP1 DEBUGINFO
SLE 11 SP1 DEBUGINFO
SLE 11 SP1 DEBUGINFO
SLE 11 SP1 DEBUGINFO
SLE 11 SP1 DEBUGINFO
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1 for VMware