SUSE-SA:2005:029: kernel

This script is Copyright (C) 2005-2010 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a vendor-supplied security patch

Description :

The remote host is missing the patch for the advisory SUSE-SA:2005:029 (kernel).


The Linux kernel is the core component of the Linux system.

This update fixes various security as well as non-security problems
discovered since the last round of kernel updates.


The following security problems have been fixed:

- when creating directories on ext2 filesystems the kernel did not
zero initialize the memory allocated. Therefore potentially
sensitive information could be exposed to users (CVE-2005-0400).

All SUSE LINUX based products are affected.

- local users can crash the kernel via a crafted ELF library or
executable, which causes a free of an invalid pointer
(CVE-2005-0749).

All SUSE LINUX based products are affected.

- local users could gain root access via a bluetooth socket
(CVE-2005-0750).

The fix for this problem was missing in SUSE LINUX 9.3 only.

- local users could gain root access by causing a core dump of
specially crafted ELF executables (CVE-2005-1263).

The problem is believed to be not exploitable on any SUSE LINUX
based product. The patch is included nevertheless.

- on the x86-64 platform various bugs allowed local users to crash
the kernel or CPU (CVE-2005-0756, CVE-2005-1762, CVE-2005-1764,
CVE-2005-1765)

All SUSE LINUX based products on the x86-64 architecture are
affected.

- an overflow in the x86-64 ptrace code allowed local users to
write a few bytes into kernel memory pages they normally
shouldn't have access to (CVE-2005-1763).

SLES 9 and SUSE LINUX 9.1-9.3 on the x86-64 architecture are
affected.

- insufficient checks in the 32bit DRM ioctl functions could allow
unprivileged local users to gain root access.

SLES 9 and SUSE LINUX 9.1-9.3 on the x86-64 architecture are
affected.

Solution :

http://www.suse.de/security/advisories/2005_29_kernel.html

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 18462 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now