VPR Score: 8.9
Synopsis: The remote SuSE 10 host is missing a security-related patch.
Description: This update fixes several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel.
The following security issues were fixed:
- A race condition during pipe open could be used by local attackers to elevate privileges. (CVE-2009-3547)
- On x86_64 systems, an information leak of high register contents (upper 32 bits) was fixed. (CVE-2009-2910)
- The randomness of the ASLR methods used in the kernel was increased. (CVE-2009-3238)
- An information leak from the kernel due to uninitialized memory in AGP handling was fixed. (CVE-2009-1192)
- A signed comparison in the ax25 sockopt handler was fixed which could be used to crash the kernel or potentially execute code. (CVE-2009-2909)
- The execve function in the Linux kernel did not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. (CVE-2009-2848)
- Various socket handler getname leaks were fixed, which could disclose memory previously used by the kernel or other userland processes to a local attacker.
- Multiple buffer overflows in the cifs subsystem in the Linux kernel allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. (CVE-2009-1633)
Also see the RPM changelog for more changes.
Solution: Apply ZYPP patch number 6632.