SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1079 / 1087)

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.

Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

The SUSE Linux Enterprise 11 kernel was updated to fix various bugs
and several security issues. It was also updated to the stable release

The following security issues were fixed :

- A local denial of service problem in the splice(2)
system call was fixed. (CVE-2009-1961)

- A crash on r8169 network cards when receiving large
packets was fixed. (CVE-2009-1389)

- Integer underflow in the e1000_clean_rx_irq function in
drivers/net/e1000/e1000_main.c in the e1000 driver in
the Linux kernel, the e1000e driver in the Linux kernel,
and Intel Wired Ethernet (aka e1000) before 7.5.5 allows
remote attackers to cause a denial of service (panic)
via a crafted frame size. (CVE-2009-1385)

- The nfs_permission function in fs/nfs/dir.c in the NFS
client implementation in the Linux kernel, when
atomic_open is available, does not check execute (aka
EXEC or MAY_EXEC) permission bits, which allows local
users to bypass permissions and execute files, as
demonstrated by files on an NFSv4 fileserver.

See also :

Solution :

Apply SAT patch number 1079 / 1087 as appropriate.

Risk factor :

High / CVSS Base Score : 7.8

Family: SuSE Local Security Checks

Nessus Plugin ID: 51607 ()

Bugtraq ID:

CVE ID: CVE-2009-1385

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now