SuSE 11 Security Update : Linux kernel (SAT Patch Number 1086)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

The SUSE Linux Enterprise 11 kernel was updated to fix various bugs
and several security issues. It was also updated to the stable release
2.6.27.25.

The following security issues were fixed :

- A local denial of service problem in the splice(2)
system call was fixed. (CVE-2009-1961)

- A crash on r8169 network cards when receiving large
packets was fixed. (CVE-2009-1389)

- Integer underflow in the e1000_clean_rx_irq function in
drivers/net/e1000/e1000_main.c in the e1000 driver in
the Linux kernel, the e1000e driver in the Linux kernel,
and Intel Wired Ethernet (aka e1000) before 7.5.5 allows
remote attackers to cause a denial of service (panic)
via a crafted frame size. (CVE-2009-1385)

- The nfs_permission function in fs/nfs/dir.c in the NFS
client implementation in the Linux kernel, when
atomic_open is available, does not check execute (aka
EXEC or MAY_EXEC) permission bits, which allows local
users to bypass permissions and execute files, as
demonstrated by files on an NFSv4 fileserver.
(CVE-2009-1630)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=185164
https://bugzilla.novell.com/show_bug.cgi?id=191648
https://bugzilla.novell.com/show_bug.cgi?id=395775
https://bugzilla.novell.com/show_bug.cgi?id=439775
https://bugzilla.novell.com/show_bug.cgi?id=450658
https://bugzilla.novell.com/show_bug.cgi?id=475149
https://bugzilla.novell.com/show_bug.cgi?id=476525
https://bugzilla.novell.com/show_bug.cgi?id=476822
https://bugzilla.novell.com/show_bug.cgi?id=478462
https://bugzilla.novell.com/show_bug.cgi?id=481074
https://bugzilla.novell.com/show_bug.cgi?id=484716
https://bugzilla.novell.com/show_bug.cgi?id=485768
https://bugzilla.novell.com/show_bug.cgi?id=487247
https://bugzilla.novell.com/show_bug.cgi?id=491802
https://bugzilla.novell.com/show_bug.cgi?id=493214
https://bugzilla.novell.com/show_bug.cgi?id=495065
https://bugzilla.novell.com/show_bug.cgi?id=495091
https://bugzilla.novell.com/show_bug.cgi?id=497341
https://bugzilla.novell.com/show_bug.cgi?id=497648
https://bugzilla.novell.com/show_bug.cgi?id=498358
https://bugzilla.novell.com/show_bug.cgi?id=498369
https://bugzilla.novell.com/show_bug.cgi?id=499152
https://bugzilla.novell.com/show_bug.cgi?id=499278
https://bugzilla.novell.com/show_bug.cgi?id=499845
https://bugzilla.novell.com/show_bug.cgi?id=500429
https://bugzilla.novell.com/show_bug.cgi?id=501396
https://bugzilla.novell.com/show_bug.cgi?id=501651
https://bugzilla.novell.com/show_bug.cgi?id=502675
https://bugzilla.novell.com/show_bug.cgi?id=502903
https://bugzilla.novell.com/show_bug.cgi?id=503353
https://bugzilla.novell.com/show_bug.cgi?id=503635
https://bugzilla.novell.com/show_bug.cgi?id=503855
https://bugzilla.novell.com/show_bug.cgi?id=505578
https://bugzilla.novell.com/show_bug.cgi?id=506361
https://bugzilla.novell.com/show_bug.cgi?id=507557
https://bugzilla.novell.com/show_bug.cgi?id=509071
https://bugzilla.novell.com/show_bug.cgi?id=509544
https://bugzilla.novell.com/show_bug.cgi?id=509822
https://bugzilla.novell.com/show_bug.cgi?id=511243
https://bugzilla.novell.com/show_bug.cgi?id=514644
https://bugzilla.novell.com/show_bug.cgi?id=516213
https://bugzilla.novell.com/show_bug.cgi?id=516827
http://support.novell.com/security/cve/CVE-2009-1385.html
http://support.novell.com/security/cve/CVE-2009-1389.html
http://support.novell.com/security/cve/CVE-2009-1630.html
http://support.novell.com/security/cve/CVE-2009-1961.html

Solution :

Apply SAT patch number 1086.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 41412 ()

Bugtraq ID:

CVE ID: CVE-2009-1385
CVE-2009-1389
CVE-2009-1630
CVE-2009-1961

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now