openSUSE 10 Security Update : kernel (kernel-2705)

High Nessus Plugin ID 27293


The remote openSUSE host is missing a security update.


This kernel update fixes the following security problems :

- CVE-2006-5751: An integer overflow in the networking bridge ioctl starting with Kernel 2.6.7 could be used by local attackers to overflow kernel memory buffers and potentially escalate privileges [#222656]

- CVE-2006-6106: Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel allowed remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.

- CVE-2006-5749: The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux kernel does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash. [#229619]

- CVE-2006-5753: Unspecified vulnerability in the listxattr system call in Linux kernel, when a 'bad inode' is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges. [#230270]

- CVE-2007-0006: The key serial number collision avoidance code in the key_alloc_serial function allows local users to cause a denial of service (crash) via vectors that trigger a null dereference. [#243003]

- CVE-2007-0772: A remote denial of service problem on NFSv2 mounts with ACL enabled was fixed. [#244909]

Furthermore, it catches up to the mainline kernel, version, and contains a large number of additional fixes for non security bugs.


Update the affected kernel packages.

Plugin Details

Severity: High

ID: 27293

File Name: suse_kernel-2705.nasl

Version: $Revision: 1.9 $

Type: local

Agent: unix

Published: 2007/10/17

Modified: 2014/06/13

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-bigsmp, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xenpae, cpe:/o:novell:opensuse:10.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2007/03/06

Reference Information

CVE: CVE-2006-5749, CVE-2006-5751, CVE-2006-5753, CVE-2006-6106, CVE-2007-0006, CVE-2007-0772

CWE: 399