openSUSE Security Update : kernel (openSUSE-SU-2011:1221-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE 11.3 kernel was updated to fix various bugs and security

Following security issues have been fixed: CVE-2011-1833: Added a
kernel option to ensure ecryptfs is mounting only on paths belonging
to the current ui, which would have allowed local attackers to
potentially gain privileges via symlink attacks.

CVE-2011-3363: Always check the path in CIFS mounts to avoid
interesting filesystem path interaction issues and potential crashes.

CVE-2011-2918: In the perf framework software event overflows could
deadlock or delete an uninitialized timer.

CVE-2011-3353: In the fuse filesystem, FUSE_NOTIFY_INVAL_ENTRY did not
check the length of the write so the message processing could overrun
and result in a BUG_ON() in fuse_copy_fill(). This flaw could be used
by local users able to mount FUSE filesystems to crash the system.

CVE-2011-3191: A signedness issue in CIFS could possibly have lead to
to memory corruption, if a malicious server could send crafted replies
to the host.

CVE-2011-1776: The is_gpt_valid function in fs/partitions/efi.c in the
Linux kernel did not check the size of an Extensible Firmware
Interface (EFI) GUID Partition Table (GPT) entry, which allowed
physically proximate attackers to cause a denial of service
(heap-based buffer overflow and OOPS) or obtain sensitive information
from kernel heap memory by connecting a crafted GPT storage device, a
different vulnerability than CVE-2011-1577.

Following non security bugs were fixed :

- drm/radeon/kms: Fix I2C mask definitions (bnc#712023).

- ext4: Fix max file size and logical block counting of
extent format file (bnc#706374).

- TTY: pty, fix pty counting (bnc#711203).

- Update Xen patches to

- xen/blkfront: fix data size for xenbus_gather in

- xen/xenbus: fix xenbus_transaction_start() hang caused
by double xenbus_transaction_end().

- xen/blkback: don't fail empty barrier requests.

- xen/blktap: fix locking (bnc#685276).

- xen/xenbus: don't BUG() on user mode induced conditions

- xen/blkfront: avoid NULL de-reference in CDROM ioctl
handling (bnc#701355).

- intr-remap: allow disabling source id checking

See also :

Solution :

Update the affected kernel packages.

Risk factor :

Critical / CVSS Base Score : 10.0

Family: SuSE Local Security Checks

Nessus Plugin ID: 75556 ()

Bugtraq ID:

CVE ID: CVE-2011-1577

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now