openSUSE Security Update : kernel (kernel-932)

High Nessus Plugin ID 40250


The remote openSUSE host is missing a security update.


This Linux kernel update for openSUSE 11.1 fixes lots of bugs and some security issues. The kernel was also updated to the stable release.

The following security issues have been fixed:

CVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.

This requires that the kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.

CVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.

The GCC option -fwrapv has been added to the kernel compilation to work around the compiler potentially removing integer overflow checks.

CVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent.

CVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.

CVE-2009-1360: The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets.

CVE-2009-1192: drivers/char/agp/generic.c in the agp subsystem in the Linux kernel does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages.

Additionally, a lot of bugs have been fixed and are listed in the RPM changelog.


Update the affected kernel packages.

Plugin Details

Severity: High

ID: 40250

File Name: suse_11_1_kernel-090527.nasl

Version: $Revision: 1.13 $

Type: local

Agent: unix

Published: 2009/07/21

Modified: 2016/12/21

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:aufs-kmp-debug, p-cpe:/a:novell:opensuse:aufs-kmp-trace, p-cpe:/a:novell:opensuse:brocade-bfa-kmp-debug, p-cpe:/a:novell:opensuse:brocade-bfa-kmp-trace, p-cpe:/a:novell:opensuse:dazuko-kmp-debug, p-cpe:/a:novell:opensuse:dazuko-kmp-trace, p-cpe:/a:novell:opensuse:drbd-kmp-debug, p-cpe:/a:novell:opensuse:drbd-kmp-trace, p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-debug, p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-trace, p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug, p-cpe:/a:novell:opensuse:iscsitarget-kmp-trace, p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-extra, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-extra, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-extra, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:kernel-trace-extra, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-extra, p-cpe:/a:novell:opensuse:kqemu-kmp-debug, p-cpe:/a:novell:opensuse:kqemu-kmp-trace, p-cpe:/a:novell:opensuse:kvm-kmp-trace, p-cpe:/a:novell:opensuse:lirc-kmp-trace, p-cpe:/a:novell:opensuse:ofed-kmp-debug, p-cpe:/a:novell:opensuse:ofed-kmp-trace, p-cpe:/a:novell:opensuse:oracleasm-kmp-debug, p-cpe:/a:novell:opensuse:oracleasm-kmp-trace, p-cpe:/a:novell:opensuse:pcfclock-kmp-debug, p-cpe:/a:novell:opensuse:pcfclock-kmp-trace, p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug, p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-trace, p-cpe:/a:novell:opensuse:vmware-kmp-debug, p-cpe:/a:novell:opensuse:vmware-kmp-trace, cpe:/o:novell:opensuse:11.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2009/05/27

Reference Information

CVE: CVE-2009-1192, CVE-2009-1242, CVE-2009-1265, CVE-2009-1337, CVE-2009-1360, CVE-2009-1439

CWE: 119, 264