openSUSE Security Update : kernel (kernel-932)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This Linux kernel update for openSUSE 11.1 fixes lots of bugs and some
security issues. The kernel was also updated to the 2.6.27.23 stable
release.

Following security issues have been fixed: CVE-2009-1439: Buffer
overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and
earlier allows remote attackers to cause a denial of service (crash)
or potential code execution via a long nativeFileSystem field in a
Tree Connect response to an SMB mount request.

This requires that kernel can be made to mount a 'cifs' filesystem
from a malicious CIFS server.

CVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux
kernel did not restrict exit signals when the CAP_KILL capability is
held, which allows local users to send an arbitrary signal to a
process by running a program that modifies the exit_signal field and
then uses an exec system call to launch a setuid application.

The GCC option -fwrapv has been added to compilation to work around
potentially removing integer overflow checks.

CVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in
the Linux kernel might allow attackers to obtain sensitive information
via a large length value, which causes 'garbage' memory to be sent.

CVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the
VMX implementation in the KVM subsystem in the Linux kernel on the
i386 platform allows guest OS users to cause a denial of service
(OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the
Extended Feature Enable Register (EFER) model-specific register, which
is specific to the x86_64 platform.

CVE-2009-1360: The __inet6_check_established function in
net/ipv6/inet6_hashtables.c in the Linux kernel, when Network
Namespace Support (aka NET_NS) is enabled, allows remote attackers to
cause a denial of service (NULL pointer dereference and system crash)
via vectors involving IPv6 packets.

CVE-2009-1192: drivers/char/agp/generic.c in the agp subsystem in the
Linux kernel does not zero out pages that may later be available to a
user-space process, which allows local users to obtain sensitive
information by reading these pages.

Additionaly a lot of bugs have been fixed and are listed in the RPM
changelog.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=408304
https://bugzilla.novell.com/show_bug.cgi?id=459065
https://bugzilla.novell.com/show_bug.cgi?id=460284
https://bugzilla.novell.com/show_bug.cgi?id=464360
https://bugzilla.novell.com/show_bug.cgi?id=465854
https://bugzilla.novell.com/show_bug.cgi?id=467518
https://bugzilla.novell.com/show_bug.cgi?id=474062
https://bugzilla.novell.com/show_bug.cgi?id=483706
https://bugzilla.novell.com/show_bug.cgi?id=484931
https://bugzilla.novell.com/show_bug.cgi?id=486430
https://bugzilla.novell.com/show_bug.cgi?id=486803
https://bugzilla.novell.com/show_bug.cgi?id=487106
https://bugzilla.novell.com/show_bug.cgi?id=487755
https://bugzilla.novell.com/show_bug.cgi?id=487987
https://bugzilla.novell.com/show_bug.cgi?id=489005
https://bugzilla.novell.com/show_bug.cgi?id=489105
https://bugzilla.novell.com/show_bug.cgi?id=490368
https://bugzilla.novell.com/show_bug.cgi?id=490608
https://bugzilla.novell.com/show_bug.cgi?id=490902
https://bugzilla.novell.com/show_bug.cgi?id=491289
https://bugzilla.novell.com/show_bug.cgi?id=491430
https://bugzilla.novell.com/show_bug.cgi?id=492282
https://bugzilla.novell.com/show_bug.cgi?id=492760
https://bugzilla.novell.com/show_bug.cgi?id=492768
https://bugzilla.novell.com/show_bug.cgi?id=493392
https://bugzilla.novell.com/show_bug.cgi?id=493991
https://bugzilla.novell.com/show_bug.cgi?id=494463
https://bugzilla.novell.com/show_bug.cgi?id=495068
https://bugzilla.novell.com/show_bug.cgi?id=495515
https://bugzilla.novell.com/show_bug.cgi?id=495668
https://bugzilla.novell.com/show_bug.cgi?id=495816
https://bugzilla.novell.com/show_bug.cgi?id=496027
https://bugzilla.novell.com/show_bug.cgi?id=496353
https://bugzilla.novell.com/show_bug.cgi?id=496398
https://bugzilla.novell.com/show_bug.cgi?id=496399
https://bugzilla.novell.com/show_bug.cgi?id=496502
https://bugzilla.novell.com/show_bug.cgi?id=496878
https://bugzilla.novell.com/show_bug.cgi?id=497807
https://bugzilla.novell.com/show_bug.cgi?id=498042
https://bugzilla.novell.com/show_bug.cgi?id=498237
https://bugzilla.novell.com/show_bug.cgi?id=499558
https://bugzilla.novell.com/show_bug.cgi?id=499772
https://bugzilla.novell.com/show_bug.cgi?id=499845
https://bugzilla.novell.com/show_bug.cgi?id=500508
https://bugzilla.novell.com/show_bug.cgi?id=501114
https://bugzilla.novell.com/show_bug.cgi?id=501160
https://bugzilla.novell.com/show_bug.cgi?id=501224
https://bugzilla.novell.com/show_bug.cgi?id=501234
https://bugzilla.novell.com/show_bug.cgi?id=502026
https://bugzilla.novell.com/show_bug.cgi?id=502425
https://bugzilla.novell.com/show_bug.cgi?id=502733
https://bugzilla.novell.com/show_bug.cgi?id=502903
https://bugzilla.novell.com/show_bug.cgi?id=503038
https://bugzilla.novell.com/show_bug.cgi?id=503101
https://bugzilla.novell.com/show_bug.cgi?id=503161
https://bugzilla.novell.com/show_bug.cgi?id=503457
https://bugzilla.novell.com/show_bug.cgi?id=505831
https://bugzilla.novell.com/show_bug.cgi?id=505925

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 40250 ()

Bugtraq ID:

CVE ID: CVE-2009-1192
CVE-2009-1242
CVE-2009-1265
CVE-2009-1337
CVE-2009-1360
CVE-2009-1439

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now