openSUSE Security Update : kernel (openSUSE-SU-2013:1005-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE 12.1 kernel was updated to fix a critical security issue
and also some reiserfs bugs.

CVE-2013-2850: Incorrect strncpy usage in the network listening part
of the iscsi target driver could have been used by remote attackers to
crash the kernel or execute code.

This required the iscsi target running on the machine and the attacker
able to make a network connection to it (aka not filtered by

Bugs :

- reiserfs: fix spurious multiple-fill in
reiserfs_readdir_dentry (bnc#822722).

- reiserfs: fix problems with chowning setuid file w/
xattrs (bnc#790920).

See also :

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.9

Family: SuSE Local Security Checks

Nessus Plugin ID: 75024 ()

Bugtraq ID:

CVE ID: CVE-2013-2850

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now