Upstream information
Description
The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device.NVD CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Novell/SUSE information
Novell Bugzilla entry: 765320 SUSE Security Advisories:- SUSE-SU-2012:0789-1, published Tue, 26 Jun 2012 02:08:23 +0200 (CEST)
- SUSE-SU-2012:1391-1, published Wed, 24 Oct 2012 09:08:54 +0200 (CEST)
- openSUSE-SU-2012:0781-1, published Fri, 22 Jun 2012 11:08:29 +0200 (CEST)
- openSUSE-SU-2012:0799-1, published Thu, 28 Jun 2012 10:08:31 +0200 (CEST)
- openSUSE-SU-2012:0812-1, published Tue, 3 Jul 2012 14:08:26 +0200 (CEST)
- openSUSE-SU-2012:1439-1, published Mon, 5 Nov 2012 10:09:03 +0100 (CET)
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 6552 |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for IBM POWER |
| sle10-sp4-sdk.ppc sles10-sp4-debuginfo.ppc sles10-sp4.ppc ZYPP Patch Nr: 8323 |
| SLE SDK 10 SP4 for IBM iSeries and IBM pSeries |
| sle10-sp4-sdk.ppc sles10-sp4-debuginfo.ppc sles10-sp4.ppc ZYPP Patch Nr: 8323 |
| SUSE Linux Enterprise Server 10 SP4 for IBM POWER |
| sle10-sp4-sdk.ppc sles10-sp4-debuginfo.ppc sles10-sp4.ppc ZYPP Patch Nr: 8323 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 6554 |
| SLE 11 SP2 DEBUGINFO |
| Builds SAT Patch Nr: 6463 |
| SUSE Linux Enterprise High Availability Extension 11 SP2 |
| Builds SAT Patch Nr: 6463 |
| SUSE Linux Enterprise Desktop 11 SP2 |
| Builds SAT Patch Nr: 6463 |
| SUSE Linux Enterprise Server 11 SP2 for VMware |
| Builds SAT Patch Nr: 6463 |
| SUSE Linux Enterprise Server 11 SP2 |
| Builds SAT Patch Nr: 6463 |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for IPF |
| sles10-sp4.ia64 sles10-sp4-debuginfo.ia64 sle10-sp4-sdk.ia64 ZYPP Patch Nr: 8326 |
| SLE SDK 10 SP4 for IPF |
| sles10-sp4.ia64 sles10-sp4-debuginfo.ia64 sle10-sp4-sdk.ia64 ZYPP Patch Nr: 8326 |
| SUSE Linux Enterprise Server 10 SP4 for IPF |
| sles10-sp4.ia64 sles10-sp4-debuginfo.ia64 sle10-sp4-sdk.ia64 ZYPP Patch Nr: 8326 |
| SLE 11 SP1 DEBUGINFO |
| Builds SAT Patch Nr: 6549 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| Builds SAT Patch Nr: 6549 |
| SUSE Linux Enterprise Server 11 SP1 |
| Builds SAT Patch Nr: 6549 |
| SLE 11 SP1 DEBUGINFO |
| Builds SAT Patch Nr: 6547 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| Builds SAT Patch Nr: 6547 |
| SUSE Linux Enterprise Desktop 11 SP1 |
| Builds SAT Patch Nr: 6547 |
| SUSE Linux Enterprise Server 11 SP1 for VMware |
| Builds SAT Patch Nr: 6547 |
| SUSE Linux Enterprise Server 11 SP1 |
| Builds SAT Patch Nr: 6547 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 6553 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 6454 |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for IBM zSeries 64bit |
| sles10-sp4-debuginfo.s390x sles10-sp4.s390x ZYPP Patch Nr: 8328 |
| SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit |
| sles10-sp4-debuginfo.s390x sles10-sp4.s390x ZYPP Patch Nr: 8328 |
| SLE 11 SP2 DEBUGINFO |
| Builds SAT Patch Nr: 6458 |
| SUSE Linux Enterprise High Availability Extension 11 SP2 |
| Builds SAT Patch Nr: 6458 |
| SUSE Linux Enterprise Server 11 SP2 |
| Builds SAT Patch Nr: 6458 |
| SLE 11 SP1 DEBUGINFO |
| Builds SAT Patch Nr: 6556 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| Builds SAT Patch Nr: 6556 |
| SUSE Linux Enterprise Server 11 SP1 |
| Builds SAT Patch Nr: 6556 |
| SLE 11 SP2 DEBUGINFO |
| Builds SAT Patch Nr: 6457 |
| SUSE Linux Enterprise High Availability Extension 11 SP2 |
| Builds SAT Patch Nr: 6457 |
| SUSE Linux Enterprise Desktop 11 SP2 |
| Builds SAT Patch Nr: 6457 |
| SUSE Linux Enterprise Server 11 SP2 for VMware |
| Builds SAT Patch Nr: 6457 |
| SUSE Linux Enterprise Server 11 SP2 |
| Builds SAT Patch Nr: 6457 |
| SLE 11 SP2 DEBUGINFO |
| Builds SAT Patch Nr: 6453 |
| SUSE Linux Enterprise High Availability Extension 11 SP2 |
| Builds SAT Patch Nr: 6453 |
| SUSE Linux Enterprise Server 11 SP2 |
| Builds SAT Patch Nr: 6453 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 6459 |
| SLE 11 SP1 DEBUGINFO |
| Builds SAT Patch Nr: 6548 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| Builds SAT Patch Nr: 6548 |
| SUSE Linux Enterprise Desktop 11 SP1 |
| Builds SAT Patch Nr: 6548 |
| SUSE Linux Enterprise Server 11 SP1 for VMware |
| Builds SAT Patch Nr: 6548 |
| SUSE Linux Enterprise Server 11 SP1 |
| Builds SAT Patch Nr: 6548 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 6466 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 6551 |
| SLE 11 SP2 DEBUGINFO |
| Builds SAT Patch Nr: 6467 |
| SUSE Linux Enterprise High Availability Extension 11 SP2 |
| Builds SAT Patch Nr: 6467 |
| SUSE Linux Enterprise Server 11 SP2 |
| Builds SAT Patch Nr: 6467 |
| SUSE Linux Enterprise Desktop 10 SP4 for x86 |
| sle10-sp4-sdk.x86 sled10-sp4.x86 sles10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 8325 |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for x86 |
| sle10-sp4-sdk.x86 sled10-sp4.x86 sles10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 8325 |
| SLE SDK 10 SP4 for x86 |
| sle10-sp4-sdk.x86 sled10-sp4.x86 sles10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 8325 |
| SUSE Linux Enterprise Server 10 SP4 for x86 |
| sle10-sp4-sdk.x86 sled10-sp4.x86 sles10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 8325 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 6555 |
| SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T |
| sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 sled10-sp4.x86-64 ZYPP Patch Nr: 8324 |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for AMD64 and Intel EM64T |
| sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 sled10-sp4.x86-64 ZYPP Patch Nr: 8324 |
| SLE SDK 10 SP4 for X86-64 |
| sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 sled10-sp4.x86-64 ZYPP Patch Nr: 8324 |
| SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T |
| sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 sled10-sp4.x86-64 ZYPP Patch Nr: 8324 |
| SUSE CORE 9 for AMD64 and Intel EM64T |
| Builds YOU Patch Nr: 12896 |
| SLE 11 SP1 DEBUGINFO |
| Builds SAT Patch Nr: 6550 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| Builds SAT Patch Nr: 6550 |
| SUSE Linux Enterprise Server 11 SP1 |
| Builds SAT Patch Nr: 6550 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 6460 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 6464 |