This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes
various bugs and security issues.
The following security issues are addressed :
- fs/open.c in the Linux kernel before 2.6.22 does not
properly strip setuid and setgid bits when there is a
write to a file, which allows local users to gain the
privileges of a different group, and obtain sensitive
information or possibly have unspecified other impact,
by creating an executable file in a setgid directory
through the (1) truncate or (2) ftruncate function in
conjunction with memory-mapped I/O. (CVE-2008-4210)
- The ext filesystem code fails to properly handle
corrupted data structures. With a mounted filesystem
image or partition that have corrupted dir->i_size and
dir->i_blocks, a user performing either a read or write
operation on the mounted image or partition can lead to
a possible denial of service by spamming the logfile.
- fs/direct-io.c in the dio subsystem in the Linux kernel
did not properly zero out the dio struct, which allows
local users to cause a denial of service (OOPS), as
demonstrated by a certain fio test. (CVE-2007-6716)
All other bugfixes can be found by looking at the RPM changelog.
See also :
Apply ZYPP patch number 5735.
Risk factor :
Medium / CVSS Base Score : 4.7