openSUSE Security Update : kernel (kernel-67)

Medium Nessus Plugin ID 40007


The remote openSUSE host is missing a security update.


The openSUSE 11.0 kernel was updated to

It fixes two security problems: CVE-2008-2372: A resource starvation issue within mmap was fixed, which could have been used by local attackers to hang the machine.

CVE-2008-2826: A integer overflow in SCTP was fixed, which might have been used by remote attackers to crash the machine or potentially execute code.

The update also has lots of other bugfixes that are listed in the RPM changelog.


Update the affected kernel packages.

See Also

Plugin Details

Severity: Medium

ID: 40007

File Name: suse_11_0_kernel-080630.nasl

Version: $Revision: 1.9 $

Type: local

Agent: unix

Published: 2009/07/21

Modified: 2016/12/21

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-rt, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-xen, cpe:/o:novell:opensuse:11.0

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2008/06/30

Reference Information

CVE: CVE-2008-2372, CVE-2008-2826

CWE: 20, 189