SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7812)

critical Nessus Plugin ID 57214

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel.

The following security issues have been fixed:

- A USB string descriptor overflow in the auerwald USB driver was fixed, which could be used by physically proximate attackers to cause a kernel crash. (CVE-2009-4067)

- Always check the path in CIFS mounts to avoid interesting filesystem path interaction issues and potential crashes. (CVE-2011-3363)

- A malicious CIFS server could cause an integer overflow on the local machine on directory index operations, in turn causing memory corruption. (CVE-2011-3191)

- The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel did not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allowed physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. (CVE-2011-1776)

The following non-security issues have been fixed:

- md: fix deadlock in md/raid1 and md/raid10 when handling a read error. (bnc#628343)

- md: fix possible raid1/raid10 deadlock on read error during resync. (bnc#628343)

- Add timeo parameter to /proc/mounts for nfs filesystems. (bnc#616256)

- virtio: indirect ring entries (VIRTIO_RING_F_INDIRECT_DESC). (bnc#713876)

- virtio: teach virtio_has_feature() about transport features. (bnc#713876)

- nf_nat: do not add NAT extension for confirmed conntracks. (bnc#709213)

- 8250: Oxford Semiconductor Devices. (bnc#717126)

- 8250_pci: Add support for the Digi/IBM PCIe 2-port Adapter. (bnc#717126)

- 8250: Fix capabilities when changing the port type. (bnc#717126)

- 8250: Add EEH support. (bnc#717126)

- xfs: fix memory reclaim recursion deadlock on locked inode buffer. (bnc#699355 / bnc#699354 / bnc#721830)

- ipmi: do not grab locks in run-to-completion mode. (bnc#717421)

- cifs: add fallback in is_path_accessible for old servers. (bnc#718028)

- cciss: do not attempt to read from a write-only register. (bnc#683101)

- s390: kernel: System hang if hangcheck timer expires (bnc#712009,LTC#74157).

- s390: kernel: NSS creation with initrd fails (bnc#712009,LTC#74207).

- s390: kernel: remove code to handle topology interrupts (bnc#712009,LTC#74440).

- xen: Added 1083-kbdfront-absolute-coordinates.patch. (bnc#717585)

- acpi: Use a spinlock instead of mutex to guard gbl_lock access. (bnc#707439)

- Allow balance_dirty_pages to help other filesystems. (bnc#709369)

- nfs: fix congestion control. (bnc#709369)

- NFS: Separate metadata and page cache revalidation mechanisms. (bnc#709369)

- jbd: Fix oops in journal_remove_journal_head(). (bnc#694315)

- xen/blkfront: avoid NULL de-reference in CDROM ioctl handling. (bnc#701355)

- xen/x86: replace order-based range checking of M2P table by linear one.

- xen/x86: use dynamically adjusted upper bound for contiguous regions. (bnc#635880)

- Fix type in patches.fixes/libiscsi-dont-run-scsi-eh-if-iscsi-task-is-making-progress.

- s390: cio: Add timeouts for internal IO (bnc#701550,LTC#72691).

- s390: kernel: first time swap use results in heavy swapping (bnc#701550,LTC#73132).

- s390: qeth: wrong number of output queues for HiperSockets (bnc#701550,LTC#73814).

Solution

Apply ZYPP patch number 7812.

See Also

http://support.novell.com/security/cve/CVE-2009-4067.html

http://support.novell.com/security/cve/CVE-2011-1577.html

http://support.novell.com/security/cve/CVE-2011-1776.html

http://support.novell.com/security/cve/CVE-2011-3191.html

http://support.novell.com/security/cve/CVE-2011-3363.html

Plugin Details

Severity: Critical

ID: 57214

File Name: suse_kernel-7812.nasl

Version: 1.6

Type: local

Agent: unix

Published: 12/13/2011

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 10/21/2011

Reference Information

CVE: CVE-2009-4067, CVE-2011-1577, CVE-2011-1776, CVE-2011-3191, CVE-2011-3363