SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3068 / 3069 / 3070)

critical Nessus Plugin ID 51610
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.


The remote SuSE 11 host is missing one or more security updates.


This SUSE Linux Enterprise 11 Service Pack 1 kernel contains various security fixes and lots of other bugfixes.

Notable larger bugfixes and changes :

- 603464: Fix system freezewhen doing a network crashdump with a netxen_nic driver

- 610828: Avoid kernel failure on connects/disconnects to a novell server with Novell Client 2.0

- 612009: Fix Oracle issues due to problems with OCFS

- 614332: Fix SMB processes stuck in uninteruptible sleep when using (LVS/ClusteredIP) + CTDB + OCFS2

- 619525: Fix igb driver regression

- 626321: Add patch for Apparent OCFS2 corruption after removing a bunch of reflinks

- 627518: Avoid System hangs up after failed to copy files from smb server

- 629552: Skip Tape rewind during boot or a scsi scan The following security issues were fixed :

- insufficient range checks on the ETHTOOL_GRXCLSRLALL command allowed local users to at least crash the kernel. (CVE-2010-2478)

- Specially crafted NFS write requests could crash the kernel. (CVE-2010-2521)

- a malicious local user could fill the cache used by CIFS do perform dns lookups with chosen data, therefore tricking the kernel into mounting a wrong CIFS server.

- a local user could overwrite append-only files on a btrfs file system. (CVE-2010-2537)

- a local user could read kernel memory of a btrfs file system. (CVE-2010-2538)

- local users could trigger a NULL derefence via gfs2 file system. (CVE-2010-2798)

- driver specific drm ioctl could leak kernel memory to users with access to dri devices. (CVE-2010-2803)

- 'tc dump' could leak some kernel memory. (CVE-2010-2942)

- the 'os2' xaddr namespace could be used to bypass xattr namespace rules. (CVE-2010-2946)

- integer overflows in the CAN subsystem allowed attackers to crash the kernel or gain privileges. (CVE-2010-2959)

- certain write operations on an ext4 filesystem could crash the kernel. (CVE-2010-3015)


Apply SAT patch number 3068 / 3069 / 3070 as appropriate.

See Also

Plugin Details

Severity: Critical

ID: 51610

File Name: suse_11_kernel-100903.nasl

Version: 1.8

Type: local

Agent: unix

Published: 1/21/2011

Updated: 1/14/2021

Dependencies: ssh_get_info.nasl

Risk Information


Risk Factor: High

Score: 8.9


Risk Factor: Critical

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:btrfs-kmp-default, p-cpe:/a:novell:suse_linux:11:btrfs-kmp-pae, p-cpe:/a:novell:suse_linux:11:btrfs-kmp-xen, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae, p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen, p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-default, p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-pae, p-cpe:/a:novell:suse_linux:11:kernel-default, p-cpe:/a:novell:suse_linux:11:kernel-default-base, p-cpe:/a:novell:suse_linux:11:kernel-default-devel, p-cpe:/a:novell:suse_linux:11:kernel-default-extra, p-cpe:/a:novell:suse_linux:11:kernel-default-man, p-cpe:/a:novell:suse_linux:11:kernel-desktop-devel, p-cpe:/a:novell:suse_linux:11:kernel-pae, p-cpe:/a:novell:suse_linux:11:kernel-pae-base, p-cpe:/a:novell:suse_linux:11:kernel-pae-devel, p-cpe:/a:novell:suse_linux:11:kernel-pae-extra, p-cpe:/a:novell:suse_linux:11:kernel-source, p-cpe:/a:novell:suse_linux:11:kernel-syms, p-cpe:/a:novell:suse_linux:11:kernel-trace, p-cpe:/a:novell:suse_linux:11:kernel-trace-base, p-cpe:/a:novell:suse_linux:11:kernel-trace-devel, p-cpe:/a:novell:suse_linux:11:kernel-xen, p-cpe:/a:novell:suse_linux:11:kernel-xen-base, p-cpe:/a:novell:suse_linux:11:kernel-xen-devel, p-cpe:/a:novell:suse_linux:11:kernel-xen-extra, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/3/2010

Reference Information

CVE: CVE-2010-2478, CVE-2010-2521, CVE-2010-2524, CVE-2010-2537, CVE-2010-2538, CVE-2010-2798, CVE-2010-2803, CVE-2010-2942, CVE-2010-2946, CVE-2010-2959, CVE-2010-3015