SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5924)

high Nessus Plugin ID 41537

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

The SUSE Linux Enterprise 10 Service Pack 2 kernel was updated to fix some security issues and various bugs.

The following security problems have been fixed :

- net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/ *vc file, related to corruption of the vcc table. (CVE-2008-5079)

- The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. (CVE-2008-5029)

- Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function. (CVE-2008-4933)

- Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.
(CVE-2008-5025)

- The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.
(CVE-2008-5182)

A lot of other bugs were fixed, a detailed list can be found in the RPM changelog.

Solution

Apply ZYPP patch number 5924.

See Also

http://support.novell.com/security/cve/CVE-2008-4933.html

http://support.novell.com/security/cve/CVE-2008-5025.html

http://support.novell.com/security/cve/CVE-2008-5029.html

http://support.novell.com/security/cve/CVE-2008-5079.html

http://support.novell.com/security/cve/CVE-2008-5182.html

Plugin Details

Severity: High

ID: 41537

File Name: suse_kernel-5924.nasl

Version: 1.14

Type: local

Agent: unix

Published: 9/24/2009

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.9

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/18/2009

Reference Information

CVE: CVE-2008-4933, CVE-2008-5025, CVE-2008-5029, CVE-2008-5079, CVE-2008-5182

CWE: 119, 362, 399