SuSE 11.2 Security Update: kernel (2010-01-28)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The Linux kernel for openSUSE 11.2 was updated to 2.6.31.12 to fix the
following bugs and security issues :

- The permissions of the devtmpfs root directory were
incorrectly 1777 (instead of 755). If the filesystem was
in use, local attackers could escalate privileges
(openSUSE 11.2 does not use this filesystem by default).
(CVE-2010-0299)

- The poll_mode_io file for the megaraid_sas driver in the
Linux kernel 2.6.31.6 and earlier has world-writable
permissions, which allows local users to change the I/O
mode of the driver by modifying this file.
(CVE-2009-3939)

- ebtables lacked a CAP_NET_ADMIN check, making it
possible for local unprivileged attackers to modify the
network bridge management. (CVE-2010-0007)

- An information leak on fatal signals on x86_64
machines was fixed. (CVE-2010-0003)

- A race condition in fasync handling could be used by
local attackers to crash the machine or potentially
execute code. (CVE-2009-4141)

- The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the
Linux kernel before 2.6.32.4, when network namespaces
are enabled, allows remote attackers to cause a denial
of service (NULL pointer dereference) via an invalid
IPv6 jumbogram. (CVE-2010-0006)

- drivers/net/e1000/e1000_main.c in the e1000 driver in
the Linux kernel 2.6.32.3 and earlier handles Ethernet
frames that exceed the MTU by processing certain
trailing payload data as if it were a complete frame,
which allows remote attackers to bypass packet filters
via a large packet with a crafted payload.
(CVE-2009-4536)

- drivers/net/e1000e/netdev.c in the e1000e driver in the
Linux kernel 2.6.32.3 and earlier does not properly
check the size of an Ethernet frame that exceeds the
MTU, which allows remote attackers to have an
unspecified impact via crafted packets. (CVE-2009-4538)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=565027
https://bugzilla.novell.com/show_bug.cgi?id=574664
https://bugzilla.novell.com/show_bug.cgi?id=573050
https://bugzilla.novell.com/show_bug.cgi?id=565904
https://bugzilla.novell.com/show_bug.cgi?id=492233
https://bugzilla.novell.com/show_bug.cgi?id=552353
https://bugzilla.novell.com/show_bug.cgi?id=557180
https://bugzilla.novell.com/show_bug.cgi?id=540589
https://bugzilla.novell.com/show_bug.cgi?id=565083
https://bugzilla.novell.com/show_bug.cgi?id=569902
https://bugzilla.novell.com/show_bug.cgi?id=570606
https://bugzilla.novell.com/show_bug.cgi?id=568231
https://bugzilla.novell.com/show_bug.cgi?id=567340
https://bugzilla.novell.com/show_bug.cgi?id=568120
https://bugzilla.novell.com/show_bug.cgi?id=537016
https://bugzilla.novell.com/show_bug.cgi?id=568305
https://bugzilla.novell.com/show_bug.cgi?id=551356
https://bugzilla.novell.com/show_bug.cgi?id=535939
https://bugzilla.novell.com/show_bug.cgi?id=564940

Solution :

Update the affected kernel packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true
