SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5734)

medium Nessus Plugin ID 35026

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues.

The following security issues are addressed:

- fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. (CVE-2008-4210)

- The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that has corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can cause a possible denial of service by spamming the logfile. (CVE-2008-3528)

- fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)

All other bugfixes can be found by looking at the RPM changelog.

Solution

Apply ZYPP patch number 5734.

See Also

http://support.novell.com/security/cve/CVE-2007-6716.html

http://support.novell.com/security/cve/CVE-2008-3528.html

http://support.novell.com/security/cve/CVE-2008-4210.html

Plugin Details

Severity: Medium

ID: 35026

File Name: suse_kernel-5734.nasl

Version: 1.20

Type: local

Agent: unix

Published: 12/3/2008

Updated: 1/14/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: High

Score: 8.8

CVSS v2

Risk Factor: Medium

Base Score: 4.7

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/3/2008

Reference Information

CVE: CVE-2007-6716, CVE-2008-3528, CVE-2008-4210

CWE: 264