Security update for Linux Kernel (k_deflt)
(Last modified: 15NOV2002)
solutions Security update for Linux Kernel (k_deflt) SuSE Linux Maintenance Web (d3dcd5b159c406af42e6b50b67ec51bb)
SuSE Linux Openexchange Server 4
- Fix for a security problem where local unpriviledged users can crash the machine by abusing the nested task (NT) flag.
- Fix for a security problem where local unpriviledged users can crash the machine by setting the TF flag in a carefully constructed binary.
- Fix for a problem in the tcp connection tracking code that could allow an attacker to make a machine unaccessible via the network for long time.
- Due to a longstanding race in the kernel processes could stall for an indefinite time under certain load patterns.
- Accessing the
procfiles of the
gdthdriver (Intel/former ICP vortex) could lead to an oops. Accessing those files is vital for the management tools of this driver. Reason for the problem was not a driver bug, but some generic bug in the SCSI code that could potentially affect other drivers as well.
- The unicon support could overwrite memory on systems with regular VGA cards without support for double byte output. The problem only exists when the system was booted in VGA mode. When booted in framebuffer mode or when running X the problem is not present. Also several security issues in the unicon support have been fixed.
- Fix for largepage on SHM.
- Fix for a potential deadlock in the ACL code.
- Fix for a machine hang when unmounting a JFS filesystem.
- Fix USB support for Unisys ES7000 machines.
- When the IO-APIC mode was enabled, this could lead to non-functional interrupts on certain boards with VIA 686A/B southbridge because
nr_ioapicswas not always correctly initialized. This has been fixed.
- Fix a longstanding SMP race in msgrcv that could lead to application failures in certain situations.
- Update JFS to version 1.0.24; several important fixes.
- The write barrier feature could lead to hanging machines on some systems with multiple IDE disks. The feature turned out to be buggy anyway, so was removed. No regression compared to the official kernel.
- IBM ServeRaid driver updated to 6.0.0. Previous versions were not 64bit clean, hence they did not work on ia64 systems.
- Update of the 3ware driver to version 1.02.00.031; previous version were not 64bit clean.
- The bcm5700 was leaking memory maps at least on x86_64. Update to the new driver version 4.0.
- Update vtune driver to version 0.908.
- Hangcheck modules that add some additional form of watchdog. This has been implemented with additional kernel modules that don't change anything in the rest of the kernel. So this has no impact unless the modules are explicitly loaded
rpm -Fvh k_deflt.rpm
Download Source Packages
Download the source code of the patches for maintained products.
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.