openSUSE Security Update : kernel (kernel-559)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update fixes several security issues and hundreds of bugs in the
openSUSE 11.1 kernel.

The kernel was also updated to the stable version and is now
the same kernel as we are planning to ship with SUSE Linux Enterprise

This introduces kABI changes, so all kernel module packages also need
to be rebuilt and reapplied.

Following security issues are fixed: CVE-2009-0029: The ABI in the
Linux kernel on s390, powerpc, sparc64, and mips 64-bit platforms
requires that a 32-bit argument in a 64-bit register was properly sign
extended when sent from a user-mode application, but cannot verify
this, which allows local users to cause a denial of service (crash) or
possibly gain privileges via a crafted system call.

CVE-2008-5079: net/atm/svc.c in the ATM subsystem in the Linux kernel
allows local users to cause a denial of service (kernel infinite loop)
by making two calls to svc_listen for the same socket, and then
reading a /proc/net/atm/*vc file, related to corruption of the vcc

CVE-2009-0028: A minor signal handling vulnerability was fixed, where
a child could send his parent a arbitrary signal.

See also :

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 40248 ()

Bugtraq ID:

CVE ID: CVE-2008-5079

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now