The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix the
following severe security issues:
CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c
in the Linux kernel through 3.14.3 does not properly handle error
conditions during processing of an FDRAWCMD ioctl call, which allows local
users to trigger kfree operations and gain privileges by leveraging write
access to a /dev/fd device. (bnc#875798)
CVE-2014-1738: The raw_cmd_copyout function in
drivers/block/floppy.c in the Linux kernel through 3.14.3 does not
properly restrict access to certain pointers during processing of an
FDRAWCMD ioctl call, which allows local users to obtain sensitive
information from kernel heap memory by leveraging write access to a
/dev/fd device. (bnc#875798)
CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in
the Linux kernel through 3.14.3 does not properly manage tty driver access
in the "LECHO & !OPOST" case, which allows local users to cause a denial
of service (memory corruption and system crash) or gain privileges by
triggering a race condition involving read and write operations with long
strings. (bnc#875690)
Security Issues references:
download.suse.com/patch/finder/?keywords=0a2dcb948e608bd43076195098633c81
download.suse.com/patch/finder/?keywords=274275aae87b7f5717f22fbbcefc8d6c
download.suse.com/patch/finder/?keywords=74a759a760793246603bb46c1f236d66
download.suse.com/patch/finder/?keywords=843a01b2e875a9432b273760df408cf6
download.suse.com/patch/finder/?keywords=92be4af46975d1cbad507b6d3ff3a1b0
download.suse.com/patch/finder/?keywords=9a4b69a3f37b4e66442334473595bfb3
download.suse.com/patch/finder/?keywords=e8725e10de339002adb8d4cccd0ec112
download.suse.com/patch/finder/?keywords=f07cfd49365f51f26faddaf62d0a2652
download.suse.com/patch/finder/?keywords=f83b1e3a46f672548bf90e07d1b9554b
download.suse.com/patch/finder/?keywords=fbbbacd1258eed8745c184e7d6e9eddb
bugzilla.novell.com/875690
bugzilla.novell.com/875798