SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1079 / 1087)

High Nessus Plugin ID 51607

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

The SUSE Linux Enterprise 11 kernel was updated to fix various bugs and several security issues. It was also updated to the stable release 2.6.27.25.

The following security issues were fixed :

- A local denial of service problem in the splice(2) system call was fixed. (CVE-2009-1961)

- A crash on r8169 network cards when receiving large packets was fixed. (CVE-2009-1389)

- Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size. (CVE-2009-1385)

- The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.
(CVE-2009-1630)

Solution

Apply SAT patch number 1079 / 1087 as appropriate.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=185164

https://bugzilla.novell.com/show_bug.cgi?id=191648

https://bugzilla.novell.com/show_bug.cgi?id=395775

https://bugzilla.novell.com/show_bug.cgi?id=439775

https://bugzilla.novell.com/show_bug.cgi?id=450658

https://bugzilla.novell.com/show_bug.cgi?id=475149

https://bugzilla.novell.com/show_bug.cgi?id=476525

https://bugzilla.novell.com/show_bug.cgi?id=476822

https://bugzilla.novell.com/show_bug.cgi?id=478462

https://bugzilla.novell.com/show_bug.cgi?id=481074

https://bugzilla.novell.com/show_bug.cgi?id=484716

https://bugzilla.novell.com/show_bug.cgi?id=485768

https://bugzilla.novell.com/show_bug.cgi?id=487247

https://bugzilla.novell.com/show_bug.cgi?id=491802

https://bugzilla.novell.com/show_bug.cgi?id=493214

https://bugzilla.novell.com/show_bug.cgi?id=495065

https://bugzilla.novell.com/show_bug.cgi?id=495091

https://bugzilla.novell.com/show_bug.cgi?id=497341

https://bugzilla.novell.com/show_bug.cgi?id=497648

https://bugzilla.novell.com/show_bug.cgi?id=498358

https://bugzilla.novell.com/show_bug.cgi?id=498369

https://bugzilla.novell.com/show_bug.cgi?id=499152

https://bugzilla.novell.com/show_bug.cgi?id=499278

https://bugzilla.novell.com/show_bug.cgi?id=499845

https://bugzilla.novell.com/show_bug.cgi?id=500429

https://bugzilla.novell.com/show_bug.cgi?id=501396

https://bugzilla.novell.com/show_bug.cgi?id=501651

https://bugzilla.novell.com/show_bug.cgi?id=502675

https://bugzilla.novell.com/show_bug.cgi?id=502903

https://bugzilla.novell.com/show_bug.cgi?id=503353

https://bugzilla.novell.com/show_bug.cgi?id=503635

https://bugzilla.novell.com/show_bug.cgi?id=503855

https://bugzilla.novell.com/show_bug.cgi?id=505578

https://bugzilla.novell.com/show_bug.cgi?id=506361

https://bugzilla.novell.com/show_bug.cgi?id=507557

https://bugzilla.novell.com/show_bug.cgi?id=509071

https://bugzilla.novell.com/show_bug.cgi?id=509544

https://bugzilla.novell.com/show_bug.cgi?id=509822

https://bugzilla.novell.com/show_bug.cgi?id=511243

https://bugzilla.novell.com/show_bug.cgi?id=514644

https://bugzilla.novell.com/show_bug.cgi?id=516213

https://bugzilla.novell.com/show_bug.cgi?id=516827

http://support.novell.com/security/cve/CVE-2009-1385.html

http://support.novell.com/security/cve/CVE-2009-1389.html

http://support.novell.com/security/cve/CVE-2009-1630.html

http://support.novell.com/security/cve/CVE-2009-1961.html

Plugin Details

Severity: High

ID: 51607

File Name: suse_11_kernel-090708.nasl

Version: Revision: 1.5

Type: local

Agent: unix

Published: 2011/01/21

Updated: 2016/12/21

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen, p-cpe:/a:novell:suse_linux:11:kernel-default, p-cpe:/a:novell:suse_linux:11:kernel-default-base, p-cpe:/a:novell:suse_linux:11:kernel-default-extra, p-cpe:/a:novell:suse_linux:11:kernel-default-man, p-cpe:/a:novell:suse_linux:11:kernel-source, p-cpe:/a:novell:suse_linux:11:kernel-syms, p-cpe:/a:novell:suse_linux:11:kernel-xen, p-cpe:/a:novell:suse_linux:11:kernel-xen-base, p-cpe:/a:novell:suse_linux:11:kernel-xen-extra, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2009/07/08

Reference Information

CVE: CVE-2009-1385, CVE-2009-1389, CVE-2009-1630, CVE-2009-1961

CWE: 119, 189, 264, 362