SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4935)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

This kernel update fixes the following security problems :

- Insufficient range checks in certain fault handlers
could be used by local attackers to potentially read or
write kernel memory. (CVE-2008-0007)

- Incorrect access mode checks could be used by local
attackers to corrupt directory contents and so cause
denial of service attacks or potentially execute code.
(CVE-2008-0001)

- Integer overflow in the hrtimer_start function in
kernel/hrtimer.c in the Linux kernel before 2.6.23.10
allows local users to execute arbitrary code or cause a
denial of service (panic) via a large relative timeout
value. NOTE: some of these details are obtained from
third-party information. (CVE-2007-5966)

- The shmem_getpage function (mm/shmem.c) in Linux kernel
2.6.11 through 2.6.23 does not properly clear allocated
memory in some rare circumstances, which might allow
local users to read sensitive kernel data or cause a
denial of service (crash). (CVE-2007-6417)

Additionally the following bugfixes have been included for all
platforms :

- patches.suse/bootsplash: Bootsplash for current kernel
(none). patch the patch for Bug 345980.

- patches.fixes/megaraid-fixup-driver-version: Megaraid
driver version out of sync (299740).

- OCFS2: Updated to version 1.2.8

- patches.fixes/ocfs2-1.2-svn-r3070.diff: [PATCH] ocfs2:
Remove overzealous BUG_ON().

- patches.fixes/ocfs2-1.2-svn-r3072.diff: [PATCH] ocfs2:
fix rename vs unlink race.

- patches.fixes/ocfs2-1.2-svn-r3074.diff: [PATCH] ocfs2:
Remove expensive local alloc bitmap scan code.

- patches.fixes/ocfs2-1.2-svn-r3057.diff: [PATCH] ocfs2:
Check for cluster locking in ocfs2_readpage.

- patches.fixes/ocfs2-1.2-svn-r2975.diff: ocfs2_dlm: make
functions static.

- patches.fixes/ocfs2-1.2-svn-r2976.diff: [PATCH]
ocfs2_dlm: make tot_backoff more descriptive.

- patches.fixes/ocfs2-1.2-svn-r3002.diff: [PATCH] ocfs2:
Remove the printing of harmless ERRORS like ECONNRESET,
EPIPE..

- patches.fixes/ocfs2-1.2-svn-r3004.diff: [PATCH]
ocfs2_dlm: Call cond_resched_lock() once per hash bucket
scan.

- patches.fixes/ocfs2-1.2-svn-r3006.diff: [PATCH]
ocfs2_dlm: Silence compiler warnings.

- patches.fixes/ocfs2-1.2-svn-r3062.diff: [PATCH]
ocfs2_dlm: Fix double increment of migrated lockres'
owner count.

- patches.fixes/hugetlb-get_user_pages-corruption.patch:
hugetlb: follow_hugetlb_page() for write access
(345239).

- enable patches.fixes/reiserfs-fault-in-pages.patch
(333412)

- patches.drivers/usb-update-evdo-driver-ids.patch: USB:
update evdo driver ids. Get the module to build...

-
patches.drivers/usb-add-usb_device_and_interface_info.pa
tch: USB: add USB_DEVICE_AND_INTERFACE_INFO(). This is
needed to get the HUAWEI devices to work properly, and
to get patches.drivers/usb-update-evdo-driver-ids.patch
to build without errors.

- patches.drivers/usb-update-evdo-driver-ids.patch: USB:
update evdo driver ids on request from our IT department
(345438).

- patches.suse/kdump-dump_after_notifier.patch: Add
dump_after_notifier sysctl (265764).

- patches.drivers/libata-sata_nv-disable-ADMA: sata_nv:
disable ADMA by default (346508).

- patches.fixes/cpufreq-fix-ondemand-deadlock.patch:
Cpufreq fix ondemand deadlock (337439).

-
patches.fixes/eliminate-cpufreq_userspace-scaling_setspe
ed-deadlock.patch: Eliminate cpufreq_userspace
scaling_setspeed deadlock (337439).

- patches.xen/15181-dma-tracking.patch: Fix issue
preventing Xen KMPs from building.

- patches.drivers/r8169-perform-a-PHY-reset-before.patch:
r8169: perform a PHY reset before any other operation at
boot time (345658).

- patches.drivers/r8169-more-alignment-for-the-0x8168:
refresh.

- patches.fixes/lockd-grant-shutdown: Stop GRANT callback
from crashing if NFS server has been stopped. (292478).
There was a problem with this patch which would cause
apparently random crashes when lockd was in use. The
offending change has been removed.

- patches.fixes/usb_336850.diff: fix missing quirk leading
to a device disconnecting under load (336850).

- patches.fixes/cifs-incomplete-recv.patch: fix incorrect
session reconnects (279783).

- patches.fixes/megaraid_mbox-dell-cerc-support: Fix so
that it applies properly. I extended the context to 6
lines to help patch find where to apply the patch
(267134).

- patches.fixes/md-idle-test: md: improve the
is_mddev_idle test fix (326591).

See also :

http://support.novell.com/security/cve/CVE-2007-5966.html
http://support.novell.com/security/cve/CVE-2007-6417.html
http://support.novell.com/security/cve/CVE-2008-0001.html
http://support.novell.com/security/cve/CVE-2008-0007.html

Solution :

Apply ZYPP patch number 4935.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 30249 ()

Bugtraq ID:

CVE ID: CVE-2007-5966
CVE-2007-6417
CVE-2008-0001
CVE-2008-0007

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now