SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 8587)

medium Nessus Plugin ID 66782

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

The SUSE Linux Enterprise 10 SP4 kernel has been updated to fix various bugs and security issues.

Security issues fixed:

- The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel allowed remote attackers to bypass intended network restrictions via overlapping IPv6 fragments. (CVE-2012-4444)

- The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel lacked a certain error check, which might have allowed local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb device. (CVE-2013-1928)

The following bugs have also been fixed:

- hugetlb: Fix regression introduced by the original patch. (bnc#790236, bnc#819403)

- NFSv3/v2: Fix data corruption with NFS short reads. (bnc#818337)

- Fix package descriptions in specfiles. (bnc#817666)

- TTY: fix atime/mtime regression. (bnc#815745)

- virtio_net: ensure big packets are 64k. (bnc#760753)

- virtio_net: refill rx buffers when oom occurs. (bnc#760753)

- qeth: fix qeth_wait_for_threads() deadlock for OSN devices (bnc#812317, LTC#90910).

- nfsd: remove unnecessary NULL checks from nfsd_cross_mnt. (bnc#810628)

- knfsd: Fixed problem with NFS exporting directories which are mounted on. (bnc#810628)

Solution

Apply ZYPP patch number 8587.

See Also

http://support.novell.com/security/cve/CVE-2012-4444.html

http://support.novell.com/security/cve/CVE-2013-1928.html

Plugin Details

Severity: Medium

ID: 66782

File Name: suse_kernel-8587.nasl

Version: 1.3

Type: local

Agent: unix

Published: 6/4/2013

Updated: 1/19/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 5/17/2013

Reference Information

CVE: CVE-2012-4444, CVE-2013-1928