Falls jemand Probleme in den letzten Tagen hatte mit einem Kernelupdate, das Störungen mit USB Maus und/oder Tastatur verursacht hatte: Mit dem heutigen Kernelupdate ist das gefixt.
Ich gebe hier mal die Mail aus der Mailingliste
opensuse-security-announce@opensuse.org wieder:
ZitatAlles anzeigenSUSE Security Announcement
Package: kernel
Announcement ID: SUSE-SA:2010:041
Date: Fri, 17 Sep 2010 14:00:00 +0000
Affected Products: openSUSE 11.3
Vulnerability Type: local privilege escalation
CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
SUSE Default Package: yes
Cross-References: CVE-2010-2803, CVE-2010-2942, CVE-2010-2954
CVE-2010-2959, CVE-2010-3078
Content of This Advisory:
1) Security Vulnerability Resolved:
Linux kernel update
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
- Two new local privilege escalations in the Linux kernels
6) Authenticity Verification and Additional Information
______________________________________________________________________________
1) Problem Description and Brief Discussion
The openSUSE 11.3 kernel was updated to version 2.6.34.7. The update fixes
lots of bugs and security issues.
A major regression in handling some USB Input devices (Mice and Keyboard)
introduced by the previous update was fixed.
We also fixed a lot of bugs in the ATH5K wireless driver.
Following security issues were fixed:
CVE-2010-3078: A XFS stack memory information disclosure was fixed.
CVE-2010-2954: A NULL pointer dereference in the IRDA stack was fixed,
which could lead to kernel crashes.
CVE-2010-2959: A local privilege escalation in the CAN bus protocol
module can_bcm was fixed.
CVE-2010-2942: Several memory leaks in the net scheduling code
were fixed.
CVE-2010-2803: Fixed kernel memory information leaks from DRM ioctls.
2) Solution or Work-Around
There is no known workaround, please install the update packages.
3) Special Instructions and Notes
Please reboot the machine after installing the update.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST
Online Update (YOU) tool. YOU detects which updates are required and
automatically performs the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually
and verify their integrity by the methods listed in Section 6 of this
announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing <file.rpm> with the filename of the
downloaded RPM package.