openSUSE Security Update : kernel (kernel-1415)

medium Nessus Plugin ID 42334
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote openSUSE host is missing a security update.

Description

The openSUSE 11.1 Kernel was updated to 2.6.27.37 fixing various bugs and security issues.

Following security issues were fixed: CVE-2009-2909: Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code.

CVE-2009-3002: Fixed various sockethandler getname leaks, which could disclose memory previously used by the kernel or other userland processes to the local attacker.

CVE-2009-2910: A information leakage with upper 32bit register values on x86_64 systems was fixed.

Various KVM stability and security fixes have also been added.

Solution

Update the affected kernel packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=410452

https://bugzilla.novell.com/show_bug.cgi?id=441650

https://bugzilla.novell.com/show_bug.cgi?id=448410

https://bugzilla.novell.com/show_bug.cgi?id=459146

https://bugzilla.novell.com/show_bug.cgi?id=466279

https://bugzilla.novell.com/show_bug.cgi?id=466554

https://bugzilla.novell.com/show_bug.cgi?id=471396

https://bugzilla.novell.com/show_bug.cgi?id=472342

https://bugzilla.novell.com/show_bug.cgi?id=476582

https://bugzilla.novell.com/show_bug.cgi?id=477816

https://bugzilla.novell.com/show_bug.cgi?id=483375

https://bugzilla.novell.com/show_bug.cgi?id=483706

https://bugzilla.novell.com/show_bug.cgi?id=487412

https://bugzilla.novell.com/show_bug.cgi?id=490030

https://bugzilla.novell.com/show_bug.cgi?id=492547

https://bugzilla.novell.com/show_bug.cgi?id=498708

https://bugzilla.novell.com/show_bug.cgi?id=501563

https://bugzilla.novell.com/show_bug.cgi?id=504646

https://bugzilla.novell.com/show_bug.cgi?id=509753

https://bugzilla.novell.com/show_bug.cgi?id=511306

https://bugzilla.novell.com/show_bug.cgi?id=514022

https://bugzilla.novell.com/show_bug.cgi?id=515640

https://bugzilla.novell.com/show_bug.cgi?id=524242

https://bugzilla.novell.com/show_bug.cgi?id=527754

https://bugzilla.novell.com/show_bug.cgi?id=528769

https://bugzilla.novell.com/show_bug.cgi?id=531260

https://bugzilla.novell.com/show_bug.cgi?id=531384

https://bugzilla.novell.com/show_bug.cgi?id=531437

https://bugzilla.novell.com/show_bug.cgi?id=531533

https://bugzilla.novell.com/show_bug.cgi?id=531633

https://bugzilla.novell.com/show_bug.cgi?id=532063

https://bugzilla.novell.com/show_bug.cgi?id=532443

https://bugzilla.novell.com/show_bug.cgi?id=532598

https://bugzilla.novell.com/show_bug.cgi?id=533267

https://bugzilla.novell.com/show_bug.cgi?id=534065

https://bugzilla.novell.com/show_bug.cgi?id=534202

https://bugzilla.novell.com/show_bug.cgi?id=534214

https://bugzilla.novell.com/show_bug.cgi?id=534232

https://bugzilla.novell.com/show_bug.cgi?id=534961

https://bugzilla.novell.com/show_bug.cgi?id=534977

https://bugzilla.novell.com/show_bug.cgi?id=535380

https://bugzilla.novell.com/show_bug.cgi?id=535409

https://bugzilla.novell.com/show_bug.cgi?id=535497

https://bugzilla.novell.com/show_bug.cgi?id=535801

https://bugzilla.novell.com/show_bug.cgi?id=535880

https://bugzilla.novell.com/show_bug.cgi?id=535890

https://bugzilla.novell.com/show_bug.cgi?id=535947

https://bugzilla.novell.com/show_bug.cgi?id=536117

https://bugzilla.novell.com/show_bug.cgi?id=537435

https://bugzilla.novell.com/show_bug.cgi?id=539271

https://bugzilla.novell.com/show_bug.cgi?id=541403

https://bugzilla.novell.com/show_bug.cgi?id=544759

https://bugzilla.novell.com/show_bug.cgi?id=544779

https://bugzilla.novell.com/show_bug.cgi?id=545013

https://bugzilla.novell.com/show_bug.cgi?id=545236

https://bugzilla.novell.com/show_bug.cgi?id=546006

Plugin Details

Severity: Medium

ID: 42334

File Name: suse_11_1_kernel-091016.nasl

Version: 1.16

Type: local

Agent: unix

Published: 11/2/2009

Updated: 1/14/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-extra, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-extra, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-extra, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-extra, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:kernel-trace-extra, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-extra, cpe:/o:novell:opensuse:11.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/16/2009

Reference Information

CVE: CVE-2009-2909, CVE-2009-2910, CVE-2009-3002

CWE: 189, 200