openSUSE Security Update : kernel (kernel-2146)

High Nessus Plugin ID 45128

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 8.9

Synopsis

The remote openSUSE host is missing a security update.

Description

This update of the openSUSE 11.2 kernel contains a lot of bug and security fixes.

Following security issues were fixed: CVE-2010-0622: The wake_futex_pi function in kernel/futex.c in the Linux kernel does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space.

CVE-2010-0623: The futex_lock_pi function in kernel/futex.c in the Linux kernel does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem.

CVE-2010-0415: The do_pages_move function in mm/migrate.c in the Linux kernel does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.

CVE-2010-0410: drivers/connector/connector.c in the Linux kernel allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages.

CVE-2009-4031: The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support.

This update also contains a large rollup of fixes for the rt2860 and rt3090 wireless drivers from the mainline kernel.

Solution

Update the affected kernel packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=474773

https://bugzilla.novell.com/show_bug.cgi?id=492961

https://bugzilla.novell.com/show_bug.cgi?id=510449

https://bugzilla.novell.com/show_bug.cgi?id=544760

https://bugzilla.novell.com/show_bug.cgi?id=555747

https://bugzilla.novell.com/show_bug.cgi?id=558269

https://bugzilla.novell.com/show_bug.cgi?id=561078

https://bugzilla.novell.com/show_bug.cgi?id=565962

https://bugzilla.novell.com/show_bug.cgi?id=566634

https://bugzilla.novell.com/show_bug.cgi?id=568319

https://bugzilla.novell.com/show_bug.cgi?id=570314

https://bugzilla.novell.com/show_bug.cgi?id=574654

https://bugzilla.novell.com/show_bug.cgi?id=576927

https://bugzilla.novell.com/show_bug.cgi?id=577747

https://bugzilla.novell.com/show_bug.cgi?id=577753

https://bugzilla.novell.com/show_bug.cgi?id=578064

https://bugzilla.novell.com/show_bug.cgi?id=578222

https://bugzilla.novell.com/show_bug.cgi?id=578550

https://bugzilla.novell.com/show_bug.cgi?id=578708

https://bugzilla.novell.com/show_bug.cgi?id=579076

https://bugzilla.novell.com/show_bug.cgi?id=579219

https://bugzilla.novell.com/show_bug.cgi?id=579439

https://bugzilla.novell.com/show_bug.cgi?id=579989

https://bugzilla.novell.com/show_bug.cgi?id=580799

https://bugzilla.novell.com/show_bug.cgi?id=581271

https://bugzilla.novell.com/show_bug.cgi?id=581718

https://bugzilla.novell.com/show_bug.cgi?id=582552

https://bugzilla.novell.com/show_bug.cgi?id=582907

https://bugzilla.novell.com/show_bug.cgi?id=584320

Plugin Details

Severity: High

ID: 45128

File Name: suse_11_2_kernel-100317.nasl

Version: 1.9

Type: local

Agent: unix

Published: 2010/03/23

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 8.9

CVSS v2.0

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-desktop, p-cpe:/a:novell:opensuse:kernel-desktop-base, p-cpe:/a:novell:opensuse:kernel-desktop-devel, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:kernel-trace-devel, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-base, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-devel, p-cpe:/a:novell:opensuse:preload-kmp-default, p-cpe:/a:novell:opensuse:preload-kmp-desktop, cpe:/o:novell:opensuse:11.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/03/17

Reference Information

CVE: CVE-2009-4031, CVE-2010-0410, CVE-2010-0415, CVE-2010-0622, CVE-2010-0623

CWE: 20, 399