openSUSE Security Update : kernel (kernel-559)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update fixes several security issues and hundreds of bugs in the
openSUSE 11.1 kernel.

The kernel was also updated to the stable version 2.6.27.19 and is now
the same kernel as we are planning to ship with SUSE Linux Enterprise
11.

This introduces kABI changes, so all kernel module packages also need
to be rebuilt and reapplied.

Following security issues are fixed: CVE-2009-0029: The ABI in the
Linux kernel on s390, powerpc, sparc64, and mips 64-bit platforms
requires that a 32-bit argument in a 64-bit register was properly sign
extended when sent from a user-mode application, but cannot verify
this, which allows local users to cause a denial of service (crash) or
possibly gain privileges via a crafted system call.

CVE-2008-5079: net/atm/svc.c in the ATM subsystem in the Linux kernel
allows local users to cause a denial of service (kernel infinite loop)
by making two calls to svc_listen for the same socket, and then
reading a /proc/net/atm/*vc file, related to corruption of the vcc
table.

CVE-2009-0028: A minor signal handling vulnerability was fixed, where
a child could send his parent a arbitrary signal.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=362159
https://bugzilla.novell.com/show_bug.cgi?id=395775
https://bugzilla.novell.com/show_bug.cgi?id=398270
https://bugzilla.novell.com/show_bug.cgi?id=399966
https://bugzilla.novell.com/show_bug.cgi?id=417294
https://bugzilla.novell.com/show_bug.cgi?id=426159
https://bugzilla.novell.com/show_bug.cgi?id=429984
https://bugzilla.novell.com/show_bug.cgi?id=430738
https://bugzilla.novell.com/show_bug.cgi?id=438608
https://bugzilla.novell.com/show_bug.cgi?id=438954
https://bugzilla.novell.com/show_bug.cgi?id=440497
https://bugzilla.novell.com/show_bug.cgi?id=440959
https://bugzilla.novell.com/show_bug.cgi?id=441335
https://bugzilla.novell.com/show_bug.cgi?id=441793
https://bugzilla.novell.com/show_bug.cgi?id=442668
https://bugzilla.novell.com/show_bug.cgi?id=442923
https://bugzilla.novell.com/show_bug.cgi?id=443379
https://bugzilla.novell.com/show_bug.cgi?id=443667
https://bugzilla.novell.com/show_bug.cgi?id=444199
https://bugzilla.novell.com/show_bug.cgi?id=444346
https://bugzilla.novell.com/show_bug.cgi?id=444597
https://bugzilla.novell.com/show_bug.cgi?id=446733
https://bugzilla.novell.com/show_bug.cgi?id=447249
https://bugzilla.novell.com/show_bug.cgi?id=447371
https://bugzilla.novell.com/show_bug.cgi?id=447406
https://bugzilla.novell.com/show_bug.cgi?id=447564
https://bugzilla.novell.com/show_bug.cgi?id=447624
https://bugzilla.novell.com/show_bug.cgi?id=447835
https://bugzilla.novell.com/show_bug.cgi?id=449519
https://bugzilla.novell.com/show_bug.cgi?id=449799
https://bugzilla.novell.com/show_bug.cgi?id=449812
https://bugzilla.novell.com/show_bug.cgi?id=450579
https://bugzilla.novell.com/show_bug.cgi?id=450658
https://bugzilla.novell.com/show_bug.cgi?id=455929
https://bugzilla.novell.com/show_bug.cgi?id=456405
https://bugzilla.novell.com/show_bug.cgi?id=456408
https://bugzilla.novell.com/show_bug.cgi?id=456433
https://bugzilla.novell.com/show_bug.cgi?id=456532
https://bugzilla.novell.com/show_bug.cgi?id=456654
https://bugzilla.novell.com/show_bug.cgi?id=456747
https://bugzilla.novell.com/show_bug.cgi?id=457029
https://bugzilla.novell.com/show_bug.cgi?id=457041
https://bugzilla.novell.com/show_bug.cgi?id=457043
https://bugzilla.novell.com/show_bug.cgi?id=457062
https://bugzilla.novell.com/show_bug.cgi?id=457526
https://bugzilla.novell.com/show_bug.cgi?id=457886
https://bugzilla.novell.com/show_bug.cgi?id=457896
https://bugzilla.novell.com/show_bug.cgi?id=457897
https://bugzilla.novell.com/show_bug.cgi?id=457898
https://bugzilla.novell.com/show_bug.cgi?id=457909
https://bugzilla.novell.com/show_bug.cgi?id=458037
https://bugzilla.novell.com/show_bug.cgi?id=458186
https://bugzilla.novell.com/show_bug.cgi?id=458192
https://bugzilla.novell.com/show_bug.cgi?id=458222
https://bugzilla.novell.com/show_bug.cgi?id=458380
https://bugzilla.novell.com/show_bug.cgi?id=458393
https://bugzilla.novell.com/show_bug.cgi?id=458499
https://bugzilla.novell.com/show_bug.cgi?id=458625
https://bugzilla.novell.com/show_bug.cgi?id=459557
https://bugzilla.novell.com/show_bug.cgi?id=461108
https://bugzilla.novell.com/show_bug.cgi?id=462527
https://bugzilla.novell.com/show_bug.cgi?id=462551
https://bugzilla.novell.com/show_bug.cgi?id=463313
https://bugzilla.novell.com/show_bug.cgi?id=464329
https://bugzilla.novell.com/show_bug.cgi?id=465953
https://bugzilla.novell.com/show_bug.cgi?id=472789
https://bugzilla.novell.com/show_bug.cgi?id=472896
https://bugzilla.novell.com/show_bug.cgi?id=473537
https://bugzilla.novell.com/show_bug.cgi?id=473602
https://bugzilla.novell.com/show_bug.cgi?id=473604
https://bugzilla.novell.com/show_bug.cgi?id=473916
https://bugzilla.novell.com/show_bug.cgi?id=473918
https://bugzilla.novell.com/show_bug.cgi?id=473932
https://bugzilla.novell.com/show_bug.cgi?id=474043
https://bugzilla.novell.com/show_bug.cgi?id=474301
https://bugzilla.novell.com/show_bug.cgi?id=475107
https://bugzilla.novell.com/show_bug.cgi?id=475619
https://bugzilla.novell.com/show_bug.cgi?id=475903
https://bugzilla.novell.com/show_bug.cgi?id=476206
https://bugzilla.novell.com/show_bug.cgi?id=476877
https://bugzilla.novell.com/show_bug.cgi?id=477843
https://bugzilla.novell.com/show_bug.cgi?id=477927
https://bugzilla.novell.com/show_bug.cgi?id=477931
https://bugzilla.novell.com/show_bug.cgi?id=477953
https://bugzilla.novell.com/show_bug.cgi?id=477999
https://bugzilla.novell.com/show_bug.cgi?id=478158
https://bugzilla.novell.com/show_bug.cgi?id=478551
https://bugzilla.novell.com/show_bug.cgi?id=478586

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 40248 ()

Bugtraq ID:

CVE ID: CVE-2008-5079
CVE-2009-0028
CVE-2009-0029

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now