This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This is a respin of the previous kernel update, which got retracted
due to an IDE-CDROM regression, where any IDE CDROM access would hang
or crash the system. Only this problem was fixed additionally.
This kernel update fixes the following security problems :
- On x86_64 a denial of service attack could be used by
local attackers to immediately panic / crash the
- Fixed a SMP ordering problem in fcntl_setlk could
potentially allow local attackers to execute code by
timing file locking. (CVE-2008-1669)
- Fixed a resource starvation problem in the handling of
ZERO mmap pages. (CVE-2008-2372)
- The asn1 implementation in (a) the Linux kernel, as used
in the cifs and ip_nat_snmp_basic modules does not
properly validate length values during decoding of ASN.1
BER data, which allows remote attackers to cause a
denial of service (crash) or execute arbitrary code via
(1) a length greater than the working buffer, which can
lead to an unspecified overflow; (2) an oid length of
zero, which can lead to an off-by-one error; or (3) an
indefinite length for a primitive encoding.
- Various tty / serial devices did not check
functionpointers for NULL before calling them, leading
to potential crashes or code execution. The devices
affected are usually only accessible by the root user
- A missing permission check in mount changing was added
which could have been used by local attackers to change
the mountdirectory. (CVE-2008-2931)
Additionally a very large number of bugs was fixed. Details can be
found in the RPM changelog of the included packages.
OCFS2 has been upgraded to the 1.4.1 release :
- Endian fixes
- Use slab caches for DLM objects
- Export DLM state info to debugfs
- Avoid ENOSPC in rare conditions when free inodes are
reserved by other nodes
- Error handling fix in ocfs2_start_walk_page_trans()
- Cleanup lockres printing
- Allow merging of extents
- Fix to allow changing permissions of symlinks
- Merged local fixes upstream (no code change)
See also :
Apply ZYPP patch number 5477.
Risk factor :
Critical / CVSS Base Score : 10.0
Family: SuSE Local Security Checks
Nessus Plugin ID: 59129 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now