openSUSE-SU-2013:1043-1 -- Suse kernelID: oval:org.secpod.oval:def:400544 | Date: (C)2013-06-21 (M)2024-02-19 |
Class: PATCH | Family: unix |
The openSUSE 12.3 kernel was updated to fix a critical security issue and two reiserfs bugs. CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target running on the machine and the attacker able to make a network connection to it . Bugs fixed: - reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry . - reiserfs: fix problems with chowning setuid file w/ xattrs . - iscsi-target: fix heap buffer overflow on error .