SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6632)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.

Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

This update fixes several security issues and various bugs in the
SUSE Linux Enterprise 10 SP 2 kernel.

The following security issues were fixed: CVE-2009-3547: A race
condition during pipe open could be used by local attackers to elevate

- On x86_64 systems an information leak of high register
contents (upper 32 bits) was fixed. (CVE-2009-2910)

- The randomness of the ASLR methods used in the kernel
was increased. (CVE-2009-3238)

- An information leak from the kernel due to uninitialized
memory in AGP handling was fixed. (CVE-2009-1192)

- A signed comparison in the ax25 sockopt handler was
fixed which could be used to crash the kernel or
potentially execute code. (CVE-2009-2909)

- The execve function in the Linux kernel did not properly
clear the current->clear_child_tid pointer, which allows
local users to cause a denial of service (memory
corruption) or possibly gain privileges via a clone
system call with CLONE_CHILD_SETTID or
CLONE_CHILD_CLEARTID enabled, which is not properly
handled during thread creation and exit. (CVE-2009-2848)

- Fixed various socket handler getname leaks, which could
disclose memory previously used by the kernel or other
userland processes to the local attacker.

- Multiple buffer overflows in the cifs subsystem in the
Linux kernel allow remote CIFS servers to cause a denial
of service (memory corruption) and possibly have
unspecified other impact via (1) a malformed Unicode
string, related to Unicode string area alignment in
fs/cifs/sess.c; or (2) long Unicode characters, related
to fs/cifs/cifssmb.c and the cifs_readdir function in
fs/cifs/readdir.c. (CVE-2009-1633)

Also see the RPM changelog for more changes.

Solution :

Apply ZYPP patch number 6632.

Risk factor :

High / CVSS Base Score : 7.8
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 42465

CVE ID: CVE-2009-1192
