openSUSE Security Update : kernel (kernel-67)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE 11.0 kernel was updated to 2.6.25.9.

It fixes two security problems: CVE-2008-2372: A resource starvation
issue within mmap was fixed, which could have been used by local
attackers to hang the machine.

CVE-2008-2826: A integer overflow in SCTP was fixed, which might have
been used by remote attackers to crash the machine or potentially
execute code.

The update also has lots of other bugfixes that are listed in the RPM
changelog.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=300001
https://bugzilla.novell.com/show_bug.cgi?id=333043
https://bugzilla.novell.com/show_bug.cgi?id=351119
https://bugzilla.novell.com/show_bug.cgi?id=369558
https://bugzilla.novell.com/show_bug.cgi?id=374637
https://bugzilla.novell.com/show_bug.cgi?id=389656
https://bugzilla.novell.com/show_bug.cgi?id=390384
https://bugzilla.novell.com/show_bug.cgi?id=394566
https://bugzilla.novell.com/show_bug.cgi?id=396129
https://bugzilla.novell.com/show_bug.cgi?id=396311
https://bugzilla.novell.com/show_bug.cgi?id=397097
https://bugzilla.novell.com/show_bug.cgi?id=398270
https://bugzilla.novell.com/show_bug.cgi?id=398370
https://bugzilla.novell.com/show_bug.cgi?id=398573
https://bugzilla.novell.com/show_bug.cgi?id=400728
https://bugzilla.novell.com/show_bug.cgi?id=400729
https://bugzilla.novell.com/show_bug.cgi?id=400730
https://bugzilla.novell.com/show_bug.cgi?id=402607
https://bugzilla.novell.com/show_bug.cgi?id=402608
https://bugzilla.novell.com/show_bug.cgi?id=402612

Solution :

Update the affected kernel packages.

Risk factor :

Medium / CVSS Base Score : 4.9
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 40007 ()

Bugtraq ID:

CVE ID: CVE-2008-2372
CVE-2008-2826

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now