SuSE 11.1 Security Update : Linux Kernel (SAT Patch Numbers 2760 / 2763 / 2764)

Critical Nessus Plugin ID 51609

VPR Score: 8.5

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

This SUSE Linux Enterprise 11 Service Pack 1 kernel contains various security fixes and other bugfixes.

Notable larger bug fixes and changes:

- A deadlock in virtual interface handling in XEN introduced by the last update has been fixed.

- The btrfs file system received backports of lots of fixes from 2.6.35.

- An OCFS2 data corruption during high load has been fixed.

- Custom truncation length has been added for authentication mechanisms in XFRM to enable IPv6 certification.

The following security issues have been fixed:

- Several buffer overflows in the Novell Client novfs kernel module could be abused by local users to execute code in kernel space.

- On ext4 file systems, the MOVE_EXT ioctl() can overwrite append-only files. (CVE-2010-2066)

- A NULL pointer dereference in the l2tp protocol can cause an oops, which leads to a denial of service. (CVE-2010-2495)

- Insufficient permission checking for the setflags ioctl() in the gfs2 filesystem. (CVE-2010-1641)

Solution

Apply SAT patch number 2760 / 2763 / 2764 as appropriate.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=501563

https://bugzilla.novell.com/show_bug.cgi?id=557710

https://bugzilla.novell.com/show_bug.cgi?id=574006

https://bugzilla.novell.com/show_bug.cgi?id=594362

https://bugzilla.novell.com/show_bug.cgi?id=596113

https://bugzilla.novell.com/show_bug.cgi?id=598308

https://bugzilla.novell.com/show_bug.cgi?id=599671

https://bugzilla.novell.com/show_bug.cgi?id=603528

https://bugzilla.novell.com/show_bug.cgi?id=606575

https://bugzilla.novell.com/show_bug.cgi?id=607123

https://bugzilla.novell.com/show_bug.cgi?id=608435

https://bugzilla.novell.com/show_bug.cgi?id=608576

https://bugzilla.novell.com/show_bug.cgi?id=609506

https://bugzilla.novell.com/show_bug.cgi?id=610362

https://bugzilla.novell.com/show_bug.cgi?id=611104

https://bugzilla.novell.com/show_bug.cgi?id=612457

https://bugzilla.novell.com/show_bug.cgi?id=613171

https://bugzilla.novell.com/show_bug.cgi?id=613542

https://bugzilla.novell.com/show_bug.cgi?id=614793

https://bugzilla.novell.com/show_bug.cgi?id=615003

https://bugzilla.novell.com/show_bug.cgi?id=616088

https://bugzilla.novell.com/show_bug.cgi?id=616369

https://bugzilla.novell.com/show_bug.cgi?id=616612

https://bugzilla.novell.com/show_bug.cgi?id=617248

https://bugzilla.novell.com/show_bug.cgi?id=618767

https://bugzilla.novell.com/show_bug.cgi?id=619007

https://bugzilla.novell.com/show_bug.cgi?id=619416

https://bugzilla.novell.com/show_bug.cgi?id=619536

https://bugzilla.novell.com/show_bug.cgi?id=619840

https://bugzilla.novell.com/show_bug.cgi?id=620020

https://bugzilla.novell.com/show_bug.cgi?id=620021

https://bugzilla.novell.com/show_bug.cgi?id=620904

https://bugzilla.novell.com/show_bug.cgi?id=623472

http://support.novell.com/security/cve/CVE-2010-1641.html

http://support.novell.com/security/cve/CVE-2010-2066.html

http://support.novell.com/security/cve/CVE-2010-2495.html

Plugin Details

Severity: Critical

ID: 51609

File Name: suse_11_kernel-100721.nasl

Version: 1.9

Type: local

Agent: unix

Published: 2011/01/21

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:btrfs-kmp-default, p-cpe:/a:novell:suse_linux:11:btrfs-kmp-pae, p-cpe:/a:novell:suse_linux:11:btrfs-kmp-xen, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen, p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-default, p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-pae, p-cpe:/a:novell:suse_linux:11:kernel-default, p-cpe:/a:novell:suse_linux:11:kernel-default-base, p-cpe:/a:novell:suse_linux:11:kernel-default-devel, p-cpe:/a:novell:suse_linux:11:kernel-default-extra, p-cpe:/a:novell:suse_linux:11:kernel-default-man, p-cpe:/a:novell:suse_linux:11:kernel-desktop-devel, p-cpe:/a:novell:suse_linux:11:kernel-pae, p-cpe:/a:novell:suse_linux:11:kernel-pae-base, p-cpe:/a:novell:suse_linux:11:kernel-pae-devel, p-cpe:/a:novell:suse_linux:11:kernel-pae-extra, p-cpe:/a:novell:suse_linux:11:kernel-source, p-cpe:/a:novell:suse_linux:11:kernel-syms, p-cpe:/a:novell:suse_linux:11:kernel-trace, p-cpe:/a:novell:suse_linux:11:kernel-trace-base, p-cpe:/a:novell:suse_linux:11:kernel-trace-devel, p-cpe:/a:novell:suse_linux:11:kernel-xen, p-cpe:/a:novell:suse_linux:11:kernel-xen-base, p-cpe:/a:novell:suse_linux:11:kernel-xen-devel, p-cpe:/a:novell:suse_linux:11:kernel-xen-extra, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/07/21

Reference Information

CVE: CVE-2010-1641, CVE-2010-2066, CVE-2010-2495