SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6632)

High Nessus Plugin ID 42465

VPR Score: 9.2

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

This update fixes several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel.

The following security issues were fixed:

- A race condition during pipe open could be used by local attackers to elevate privileges. (CVE-2009-3547)

- On x86_64 systems, an information leak of high register contents (upper 32 bits) was fixed. (CVE-2009-2910)

- The randomness of the ASLR methods used in the kernel was increased. (CVE-2009-3238)

- An information leak from the kernel due to uninitialized memory in AGP handling was fixed. (CVE-2009-1192)

- A signed comparison in the ax25 sockopt handler, which could be used to crash the kernel or potentially execute code, was fixed. (CVE-2009-2909)

- The execve function in the Linux kernel did not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. (CVE-2009-2848)

- Various socket handler getname leaks, which could disclose memory previously used by the kernel or other userland processes to a local attacker, were fixed. (CVE-2009-3002)

- Multiple buffer overflows in the cifs subsystem in the Linux kernel allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. (CVE-2009-1633)

Also see the RPM changelog for more changes.

Solution

Apply ZYPP patch number 6632.

See Also

http://support.novell.com/security/cve/CVE-2009-1192.html

http://support.novell.com/security/cve/CVE-2009-1633.html

http://support.novell.com/security/cve/CVE-2009-2848.html

http://support.novell.com/security/cve/CVE-2009-2909.html

http://support.novell.com/security/cve/CVE-2009-2910.html

http://support.novell.com/security/cve/CVE-2009-3002.html

http://support.novell.com/security/cve/CVE-2009-3238.html

http://support.novell.com/security/cve/CVE-2009-3547.html

Plugin Details

Severity: High

ID: 42465

File Name: suse_kernel-6632.nasl

Version: 1.22

Type: local

Agent: unix

Published: 2009/11/11

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 9.2

CVSS v2.0

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/11/03

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2009-1192, CVE-2009-1633, CVE-2009-2848, CVE-2009-2909, CVE-2009-2910, CVE-2009-3002, CVE-2009-3238, CVE-2009-3547

CWE: 119, 189, 200, 310, 362