SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3068 / 3069 / 3070)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

This SUSE Linux Enterprise 11 Service Pack 1 kernel contains various
security fixes and lots of other bugfixes.

Notable larger bugfixes and changes :

- 603464: Fix system freeze when doing a network crashdump
with a netxen_nic driver

- 610828: Avoid kernel failure on connects/disconnects to
a Novell server with Novell Client 2.0

- 612009: Fix Oracle issues due to problems with OCFS

- 614332: Fix SMB processes stuck in uninterruptible sleep
when using (LVS/ClusteredIP) + CTDB + OCFS2

- 619525: Fix igb driver regression

- 626321: Add patch for Apparent OCFS2 corruption after
removing a bunch of reflinks

- 627518: Avoid system hang after failing to copy files
from an SMB server

- 629552: Skip Tape rewind during boot or a scsi scan

The following security issues were fixed :

- insufficient range checks on the ETHTOOL_GRXCLSRLALL
command allowed local users to at least crash the
kernel. (CVE-2010-2478)

- Specially crafted NFS write requests could crash the
kernel. (CVE-2010-2521)

- a malicious local user could fill the cache used by CIFS
to perform DNS lookups with chosen data, therefore
tricking the kernel into mounting a wrong CIFS server.
(CVE-2010-2524)

- a local user could overwrite append-only files on a
btrfs file system. (CVE-2010-2537)

- a local user could read kernel memory of a btrfs file
system. (CVE-2010-2538)

- local users could trigger a NULL dereference via the gfs2
file system. (CVE-2010-2798)

- driver specific drm ioctl could leak kernel memory to
users with access to dri devices. (CVE-2010-2803)

- 'tc dump' could leak some kernel memory. (CVE-2010-2942)

- the 'os2' xattr namespace could be used to bypass xattr
namespace rules. (CVE-2010-2946)

- integer overflows in the CAN subsystem allowed attackers
to crash the kernel or gain privileges. (CVE-2010-2959)

- certain write operations on an ext4 filesystem could
crash the kernel. (CVE-2010-3015)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=529535
https://bugzilla.novell.com/show_bug.cgi?id=577967
https://bugzilla.novell.com/show_bug.cgi?id=600579
https://bugzilla.novell.com/show_bug.cgi?id=602150
https://bugzilla.novell.com/show_bug.cgi?id=603464
https://bugzilla.novell.com/show_bug.cgi?id=609172
https://bugzilla.novell.com/show_bug.cgi?id=610828
https://bugzilla.novell.com/show_bug.cgi?id=611094
https://bugzilla.novell.com/show_bug.cgi?id=612009
https://bugzilla.novell.com/show_bug.cgi?id=613273
https://bugzilla.novell.com/show_bug.cgi?id=613330
https://bugzilla.novell.com/show_bug.cgi?id=614332
https://bugzilla.novell.com/show_bug.cgi?id=615557
https://bugzilla.novell.com/show_bug.cgi?id=616464
https://bugzilla.novell.com/show_bug.cgi?id=617464
https://bugzilla.novell.com/show_bug.cgi?id=618157
https://bugzilla.novell.com/show_bug.cgi?id=618424
https://bugzilla.novell.com/show_bug.cgi?id=618444
https://bugzilla.novell.com/show_bug.cgi?id=619002
https://bugzilla.novell.com/show_bug.cgi?id=619525
https://bugzilla.novell.com/show_bug.cgi?id=620372
https://bugzilla.novell.com/show_bug.cgi?id=621111
https://bugzilla.novell.com/show_bug.cgi?id=621598
https://bugzilla.novell.com/show_bug.cgi?id=621715
https://bugzilla.novell.com/show_bug.cgi?id=622635
https://bugzilla.novell.com/show_bug.cgi?id=622727
https://bugzilla.novell.com/show_bug.cgi?id=624340
https://bugzilla.novell.com/show_bug.cgi?id=624436
https://bugzilla.novell.com/show_bug.cgi?id=624587
https://bugzilla.novell.com/show_bug.cgi?id=624606
https://bugzilla.novell.com/show_bug.cgi?id=625167
https://bugzilla.novell.com/show_bug.cgi?id=625666
https://bugzilla.novell.com/show_bug.cgi?id=626321
https://bugzilla.novell.com/show_bug.cgi?id=627060
https://bugzilla.novell.com/show_bug.cgi?id=627386
https://bugzilla.novell.com/show_bug.cgi?id=627447
https://bugzilla.novell.com/show_bug.cgi?id=627518
https://bugzilla.novell.com/show_bug.cgi?id=628604
https://bugzilla.novell.com/show_bug.cgi?id=629263
https://bugzilla.novell.com/show_bug.cgi?id=629552
https://bugzilla.novell.com/show_bug.cgi?id=630068
https://bugzilla.novell.com/show_bug.cgi?id=630121
https://bugzilla.novell.com/show_bug.cgi?id=630132
https://bugzilla.novell.com/show_bug.cgi?id=631801
https://bugzilla.novell.com/show_bug.cgi?id=632309
https://bugzilla.novell.com/show_bug.cgi?id=632974
https://bugzilla.novell.com/show_bug.cgi?id=632975
https://bugzilla.novell.com/show_bug.cgi?id=633581
https://bugzilla.novell.com/show_bug.cgi?id=633585
http://support.novell.com/security/cve/CVE-2010-2478.html
http://support.novell.com/security/cve/CVE-2010-2521.html
http://support.novell.com/security/cve/CVE-2010-2524.html
http://support.novell.com/security/cve/CVE-2010-2537.html
http://support.novell.com/security/cve/CVE-2010-2538.html
http://support.novell.com/security/cve/CVE-2010-2798.html
http://support.novell.com/security/cve/CVE-2010-2803.html
http://support.novell.com/security/cve/CVE-2010-2942.html
http://support.novell.com/security/cve/CVE-2010-2946.html
http://support.novell.com/security/cve/CVE-2010-2959.html
http://support.novell.com/security/cve/CVE-2010-3015.html

Solution :

Apply SAT patch number 3068 / 3069 / 3070 as appropriate.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true
