openSUSE Security Update : kernel (openSUSE-SU-2010:0895-2)

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This security update of the SUSE Linux Enterprise 11 GA kernel updates
the kernel to 2.6.27.54 and fixes various security issues and other
bugs.

Following security issues were fixed: CVE-2010-3310: Multiple integer
signedness errors in net/rose/af_rose.c in the Linux kernel allowed
local users to cause a denial of service (heap memory corruption) or
possibly have unspecified other impact via a rose_getname function
call, related to the rose_bind and rose_connect functions.

CVE-2010-2955: A kernel information leak via the WEXT ioctl was fixed.

CVE-2010-3080: A double free in an alsa error path was fixed, which
could lead to kernel crashes.

CVE-2010-3078: Fixed a kernel information leak in the xfs filesystem.

CVE-2010-3296: Fixed a kernel information leak in the cxgb3 driver.

CVE-2010-3297: Fixed a kernel information leak in the net/eql driver.

CVE-2010-2954: The irda_bind function in net/irda/af_irda.c in the
Linux kernel did not properly handle failure of the irda_open_tsap
function, which allowed local users to cause a denial of service (NULL
pointer dereference and panic) and possibly have unspecified other
impact via multiple unsuccessful calls to bind on an AF_IRDA (aka
PF_IRDA) socket.

CVE-2010-2946: The 'os2' xattr namespace on the jfs filesystem could
be used to bypass xattr namespace rules.

CVE-2010-2942: Fixed a kernel information leak in the net scheduler
code.

CVE-2010-3015: Integer overflow in the ext4_ext_get_blocks function in
fs/ext4/extents.c in the Linux kernel allowed local users to cause a
denial of service (BUG and system crash) via a write operation on the
last block of a large file, followed by a sync operation.

CVE-2010-2803: The drm_ioctl function in drivers/gpu/drm/drm_drv.c in
the Direct Rendering Manager (DRM) subsystem in the Linux kernel
allowed local users to obtain potentially sensitive information from
kernel memory by requesting a large memory-allocation amount.

CVE-2010-2798: The gfs2_dirent_find_space function in fs/gfs2/dir.c in
the Linux kernel used an incorrect size value in calculations
associated with sentinel directory entries, which allowed local users
to cause a denial of service (NULL pointer dereference and panic) and
possibly have unspecified other impact by renaming a file in a GFS2
filesystem, related to the gfs2_rename function in
fs/gfs2/ops_inode.c.

See also :

http://lists.opensuse.org/opensuse-updates/2010-11/msg00004.html
https://bugzilla.novell.com/show_bug.cgi?id=472432
https://bugzilla.novell.com/show_bug.cgi?id=524981
https://bugzilla.novell.com/show_bug.cgi?id=536699
https://bugzilla.novell.com/show_bug.cgi?id=576344
https://bugzilla.novell.com/show_bug.cgi?id=577967
https://bugzilla.novell.com/show_bug.cgi?id=598293
https://bugzilla.novell.com/show_bug.cgi?id=601283
https://bugzilla.novell.com/show_bug.cgi?id=603411
https://bugzilla.novell.com/show_bug.cgi?id=607123
https://bugzilla.novell.com/show_bug.cgi?id=608994
https://bugzilla.novell.com/show_bug.cgi?id=609506
https://bugzilla.novell.com/show_bug.cgi?id=610362
https://bugzilla.novell.com/show_bug.cgi?id=613273
https://bugzilla.novell.com/show_bug.cgi?id=615143
https://bugzilla.novell.com/show_bug.cgi?id=616080
https://bugzilla.novell.com/show_bug.cgi?id=619470
https://bugzilla.novell.com/show_bug.cgi?id=620443
https://bugzilla.novell.com/show_bug.cgi?id=624850
https://bugzilla.novell.com/show_bug.cgi?id=627386
https://bugzilla.novell.com/show_bug.cgi?id=627447
https://bugzilla.novell.com/show_bug.cgi?id=628604
https://bugzilla.novell.com/show_bug.cgi?id=631801
https://bugzilla.novell.com/show_bug.cgi?id=632309
https://bugzilla.novell.com/show_bug.cgi?id=632568
https://bugzilla.novell.com/show_bug.cgi?id=633543
https://bugzilla.novell.com/show_bug.cgi?id=633585
https://bugzilla.novell.com/show_bug.cgi?id=633593
https://bugzilla.novell.com/show_bug.cgi?id=634991
https://bugzilla.novell.com/show_bug.cgi?id=635413
https://bugzilla.novell.com/show_bug.cgi?id=635425
https://bugzilla.novell.com/show_bug.cgi?id=636112
https://bugzilla.novell.com/show_bug.cgi?id=636461
https://bugzilla.novell.com/show_bug.cgi?id=636850
https://bugzilla.novell.com/show_bug.cgi?id=637436
https://bugzilla.novell.com/show_bug.cgi?id=638277
https://bugzilla.novell.com/show_bug.cgi?id=638324
https://bugzilla.novell.com/show_bug.cgi?id=639481
https://bugzilla.novell.com/show_bug.cgi?id=639482
https://bugzilla.novell.com/show_bug.cgi?id=639709
https://bugzilla.novell.com/show_bug.cgi?id=640660
https://bugzilla.novell.com/show_bug.cgi?id=640721

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now