SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 3358 / 3361 / 3362)

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

This security update of the SUSE Linux Enterprise 11 GA kernel updates
the kernel to 2.6.27.54 and fixes various security issues and other
bugs.

The following security issues were fixed :

- Multiple integer signedness errors in net/rose/af_rose.c
in the Linux kernel allowed local users to cause a
denial of service (heap memory corruption) or possibly
have unspecified other impact via a rose_getname
function call, related to the rose_bind and rose_connect
functions. (CVE-2010-3310)

- A kernel information leak via the WEXT ioctl was fixed.
(CVE-2010-2955)

- A double free in an alsa error path was fixed, which
could lead to kernel crashes. (CVE-2010-3080)

- Fixed a kernel information leak in the xfs filesystem.
(CVE-2010-3078)

- Fixed a kernel information leak in the cxgb3 driver.
(CVE-2010-3296)

- Fixed a kernel information leak in the net/eql driver.
(CVE-2010-3297)

- The irda_bind function in net/irda/af_irda.c in the
Linux kernel did not properly handle failure of the
irda_open_tsap function, which allowed local users to
cause a denial of service (NULL pointer dereference and
panic) and possibly have unspecified other impact via
multiple unsuccessful calls to bind on an AF_IRDA (aka
PF_IRDA) socket. (CVE-2010-2954)

- The 'os2' xattr namespace on the jfs filesystem could be
used to bypass xattr namespace rules. (CVE-2010-2946)

- Fixed a kernel information leak in the net scheduler
code. (CVE-2010-2942)

- Integer overflow in the ext4_ext_get_blocks function in
fs/ext4/extents.c in the Linux kernel allowed local
users to cause a denial of service (BUG and system
crash) via a write operation on the last block of a
large file, followed by a sync operation.
(CVE-2010-3015)

- The drm_ioctl function in drivers/gpu/drm/drm_drv.c in
the Direct Rendering Manager (DRM) subsystem in the
Linux kernel allowed local users to obtain potentially
sensitive information from kernel memory by requesting a
large memory-allocation amount. (CVE-2010-2803)

- The gfs2_dirent_find_space function in fs/gfs2/dir.c in
the Linux kernel used an incorrect size value in
calculations associated with sentinel directory entries,
which allowed local users to cause a denial of service
(NULL pointer dereference and panic) and possibly have
unspecified other impact by renaming a file in a GFS2
filesystem, related to the gfs2_rename function in
fs/gfs2/ops_inode.c. (CVE-2010-2798)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=472432
https://bugzilla.novell.com/show_bug.cgi?id=524981
https://bugzilla.novell.com/show_bug.cgi?id=536699
https://bugzilla.novell.com/show_bug.cgi?id=576344
https://bugzilla.novell.com/show_bug.cgi?id=577967
https://bugzilla.novell.com/show_bug.cgi?id=598293
https://bugzilla.novell.com/show_bug.cgi?id=601283
https://bugzilla.novell.com/show_bug.cgi?id=603411
https://bugzilla.novell.com/show_bug.cgi?id=607123
https://bugzilla.novell.com/show_bug.cgi?id=608994
https://bugzilla.novell.com/show_bug.cgi?id=609506
https://bugzilla.novell.com/show_bug.cgi?id=610362
https://bugzilla.novell.com/show_bug.cgi?id=613273
https://bugzilla.novell.com/show_bug.cgi?id=615143
https://bugzilla.novell.com/show_bug.cgi?id=616080
https://bugzilla.novell.com/show_bug.cgi?id=619470
https://bugzilla.novell.com/show_bug.cgi?id=620443
https://bugzilla.novell.com/show_bug.cgi?id=624850
https://bugzilla.novell.com/show_bug.cgi?id=627386
https://bugzilla.novell.com/show_bug.cgi?id=627447
https://bugzilla.novell.com/show_bug.cgi?id=628604
https://bugzilla.novell.com/show_bug.cgi?id=631801
https://bugzilla.novell.com/show_bug.cgi?id=632309
https://bugzilla.novell.com/show_bug.cgi?id=632568
https://bugzilla.novell.com/show_bug.cgi?id=633543
https://bugzilla.novell.com/show_bug.cgi?id=633585
https://bugzilla.novell.com/show_bug.cgi?id=633593
https://bugzilla.novell.com/show_bug.cgi?id=634991
https://bugzilla.novell.com/show_bug.cgi?id=635413
https://bugzilla.novell.com/show_bug.cgi?id=635425
https://bugzilla.novell.com/show_bug.cgi?id=636112
https://bugzilla.novell.com/show_bug.cgi?id=636461
https://bugzilla.novell.com/show_bug.cgi?id=636850
https://bugzilla.novell.com/show_bug.cgi?id=637436
https://bugzilla.novell.com/show_bug.cgi?id=638277
https://bugzilla.novell.com/show_bug.cgi?id=638324
https://bugzilla.novell.com/show_bug.cgi?id=639481
https://bugzilla.novell.com/show_bug.cgi?id=639482
https://bugzilla.novell.com/show_bug.cgi?id=639709
https://bugzilla.novell.com/show_bug.cgi?id=640660
https://bugzilla.novell.com/show_bug.cgi?id=640721
http://support.novell.com/security/cve/CVE-2010-2798.html
http://support.novell.com/security/cve/CVE-2010-2803.html
http://support.novell.com/security/cve/CVE-2010-2942.html
http://support.novell.com/security/cve/CVE-2010-2946.html
http://support.novell.com/security/cve/CVE-2010-2954.html
http://support.novell.com/security/cve/CVE-2010-2955.html
http://support.novell.com/security/cve/CVE-2010-3015.html
http://support.novell.com/security/cve/CVE-2010-3078.html
http://support.novell.com/security/cve/CVE-2010-3080.html
http://support.novell.com/security/cve/CVE-2010-3296.html
http://support.novell.com/security/cve/CVE-2010-3297.html
http://support.novell.com/security/cve/CVE-2010-3310.html

Solution :

Apply SAT patch number 3358 / 3361 / 3362 as appropriate.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now