This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This kernel update fixes the following security problems:
CVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by
remote attackers to immediately crash the machine.
CVE-2008-1615: On x86_64 a denial of service attack could be used by
local attackers to immediately panic / crash the machine.
CVE-2008-2148: The permission checking in sys_utimensat was incorrect
and local attackers could change the filetimes of files they do not
own to the current time.
CVE-2008-1669: Fixed a SMP ordering problem in fcntl_setlk could
potentially allow local attackers to execute code by timing file
CVE-2008-1375: Fixed a dnotify race condition, which could be used by
local attackers to potentially execute code.
CVE-2007-6282: A remote attacker could crash the IPSec/IPv6 stack by
sending a bad ESP packet. This requires the host to be able to receive
such packets (default filtered by the firewall).
CVE-2008-1367: Clear the 'direction' flag before calling signal
handlers. For specific not yet identified programs under specific
timing conditions this could potentially have caused memory corruption
or code execution.
And the following bugs (numbers are https://bugzilla.novell.com/
Update the patch to include also 2030 model to nomux
- patches.apparmor/fix-net.diff: AppArmor: fix Oops in
- patches.fixes/input-alps-update.patch: Input: fix the
AlpsPS2 driver (bnc#357881).
- patches.arch/cpufreq_fix_acpi_driver_on_BIOS_changes.patch: CPUFREQ:
Check against freq changes from the BIOS (334378).
ace-speed: ieee1394: limit early node speed to host interface speed
- patches.fixes/forcedeth_realtec_phy_fix: Fix a
regression to the GA kernel for some forcedeth cards
- pci-revert-SMBus-unhide-on-nx6110.patch: Do not unhide
the SMBus on the HP Compaq nx6110, it's unsafe.
- patches.drivers/e1000-disable-l1aspm.patch: Disable L1
ASPM power savings for 82573 mobile variants, it's
broken (bnc#254713, LTC34077).
libata: improve HPA error handling (365534).
- rpm/kernel-binary.spec.in: Added Conflicts:
libc.so.6()(64bit) to i386 arch (364433).
- patches.drivers/libata-disallow-sysfs-read-access-to-force-p aram:
libata: don't allow sysfs read access to force param (362599).
- patches.suse/bonding-workqueue: Update to fix a hang
when closing a bonding device (342994).
- patches.fixes/mptspi-dv-renegotiate-oops: mptlinux
crashes on kernel 2.6.22 (bnc#271749).
-2.6.25-rc3.patch: USB: update sierra and option device
ids from 2.6.25-rc3 (343167).
- patches.arch/x86-nvidia-timer-quirk: Disable again
(#302327) The PCI ID lists are not complete enough and
let's have the same crap as mainline for this for now.
Input: add Lenovo 3000 N100 to nomux blacklist
- patches.suse/bonding-bh-locking: Add missing chunks. The
SLES10 SP1 version of the patch was updated in May 2007
but the openSuse 10.3 version was forgotten (260069).
n-krb.patch: knfsd: Allow NFSv2/3 WRITE calls to succeed when krb5i
etc is used. (348737).
- patches.fixes/md-fix-an-occasional-deadlock-in-raid5.patch: md: fix
an occasional deadlock in raid5 (357088).
- patches.drivers/libata-quirk_amd_ide_mode: PCI: modify
SATA IDE mode quirk (345124).
- Fix section mismatch build failure w/ gcc 4.1.2. bug
libata: implement libata.force module parameter
Lots of XEN Fixes (not detailed listed). Lots of RT Fixes (not
- Update to 184.108.40.206
- removes upstreamed patch :
- patches.fixes/vmsplice-pipe-exploit (CVE-2008-0600)
See also :
Update the affected kernel packages.
Risk factor :
High / CVSS Base Score : 7.8
Public Exploit Available : true
Family: SuSE Local Security Checks
Nessus Plugin ID: 33253 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now