'[opensuse-security] Kernel freezing KDE4 (was: Re: [security-announce] SUSE Security'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       suse-security
Subject:    [opensuse-security] Kernel freezing KDE4 (was: Re: [security-announce] SUSE Security
From:       David =?ISO-8859-1?Q?H=FCcking?= <d.huecking () gmx ! net>
Date:       2010-10-26 18:50:16
Message-ID: 1288119016.24412.34.camel () bagend
[Download RAW message or body]

Am Freitag, den 15.10.2010, 16:28 +0200 schrieb Marcus Meissner:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> ______________________________________________________________________________
> 
>                         SUSE Security Announcement
> 
>         Package:                kernel
>         Announcement ID:        SUSE-SA:2010:051
>         Date:                   Fri, 15 Oct 2010 14:00:00 +0000
>         Affected Products:      openSUSE 11.3
>         Vulnerability Type:     local privilege escalation
>         CVSS v2 Base Score:     7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
>         SUSE Default Package:   yes
>         Cross-References:       CVE-2010-2962, CVE-2010-3310
> 
>     Content of This Advisory:
>         1) Security Vulnerability Resolved:
>              Linux kernel security update
>            Problem Description
>         2) Solution or Work-Around
>         3) Special Instructions and Notes
>         4) Package Location and Checksums
>         5) Pending Vulnerabilities, Solutions, and Work-Arounds:
>             See SUSE Security Summary Report.
>         6) Authenticity Verification and Additional Information
> 
> ______________________________________________________________________________
> 
> 1) Problem Description and Brief Discussion
> 
>    This updated openSUSE 11.3 kernel fixes the following security bugs:
> 
>    CVE-2010-3310: local users could corrupt kernel heap memory via
>    ROSE sockets.
> 
>    CVE-2010-2962: local users could write to any kernel memory location
>    via the i915 GEM ioctl interface. Exploitability requires the presence
>    of a i915 compatible graphics card.
> 
>    Additionally the update restores the compat_alloc_userspace()
>    inline function and includes several other bug fixes.

Hi!

I did set up a PC with i915 graphic chipset 
00:02.0 VGA compatible controller: Intel Corporation 82915G/GV/910GL
Integrated Graphics Controller (rev 04)
00:02.1 Display controller: Intel Corporation 82915G Integrated Graphics
Controller (rev 04)
an openSUSE 11.3 x86/ 32Bit running the kernel 2.6.34-7-desktop.
I did apply all updates including this Kernel-Update 2.6.34-12-desktop.
Now when I try to log on KDE4 the KDE splash screen appears and the
system freezes (no reaction on keyboard, mouse or ACPI "on/ off"
button).
Ĺoging on to IceWM e.g. still works.
Rolling back to the 2.6.34-7-desktop does help.

Any tips what to do? Try other kernel "flavor"? Is it a bug?!


Regards, David.
-- 
Eat, sleep and go running, ;-)
David Hücking.

Encrypted eMail welcome! 
GnuPG/ PGP-Key: 0x57809216. Fingerprint: 
3DF2 CBE0 DFAA 4164 02C2  4E2A E005 8DF7 5780 9216

-- 
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security+help@opensuse.org

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic