SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4472)

High Nessus Plugin ID 59124


The remote SuSE 10 host is missing a security-related patch.


This kernel update fixes the following security problems:

- It was possible for a local user to become root by exploiting a bug in the IA32 system call emulation. This affects x86_64 platforms with kernel 2.4.x and 2.6.x before only. (CVE-2007-4573)

- An information disclosure vulnerability in the ALSA driver can be exploited by local users to read sensitive data from the kernel memory. (CVE-2007-4571)

and the following non-security bugs:

- patches.xen/xen-blkback-cdrom: CDROM removable media-present attribute plus handling code [#159907]

- patches.drivers/libata-add-pata_dma-kernel-parameter: libata: Add a drivers/ide style DMA disable [#229260] [#272786]

- patches.drivers/libata-sata_via-kill-SATA_PATA_SHARING: sata_via: kill SATA_PATA_SHARING register handling [#254158] [#309069]

- patches.drivers/libata-sata_via-add-PCI-IDs: sata_via: add PCI IDs [#254158] [#326647]

- supported.conf: Marked 8250 and 8250_pci as supported (only Xen kernels build them as modules) [#260686]

- patches.fixes/bridge-module-get-put.patch: Module use count must be updated as bridges are created/destroyed [#267651]

- patches.fixes/iscsi-netware-fix: Linux Initiator hard hangs writing files to NetWare target [#286566]

- patches.fixes/lockd-chroot-fix: Allow lockd to work reliably with applications in a chroot [#288376] [#305480]

- add patches.fixes/x86_64-hangcheck_timer-fix.patch fix monotonic_clock() and hangcheck_timer [#291633]

- patches.arch/sn_hwperf_cpuinfo_fix.diff: Correctly count CPU objects for SGI ia64/sn hwperf interface [#292240]

- Extend reiserfs to properly support file systems up to 16 TiB [#294754]

- patches.fixes/reiserfs-signedness-fixes.diff: reiserfs: fix usage of signed ints for block numbers

- patches.fixes/reiserfs-fix-large-fs.diff: reiserfs: ignore s_bmap_nr on disk for file systems >= 8 TiB

- patches.suse/ocfs2-06-per-resource-events.diff: Deliver events without a specified resource unconditionally.

- patches.fixes/proc-readdir-race-fix.patch: Fix the race in proc_pid_readdir [#297232]

- patches.xen/xen3-patch- XEN: update to Linux [#298719]

- patches.fixes/pm-ordering-fix.patch: PM: Fix ACPI suspend / device suspend ordering [#302207]

- patches.drivers/ibmvscsi-slave_configure.patch add ->slave_configure() to allow device restart [#304138]

- patches.arch/ppc-power6-ebus-unique_location.patch Prevent bus_id collisions [#306482]

- patches.xen/30-bit-field-booleans.patch: Fix packet loss in DomU xen netback driver [#306896]

- config/i386/kdump: Enable ahci module [#308556]

- update patches.drivers/ppc-power6-ehea.patch fix link state detection for bonding [#309553]

- patches.drivers/ibmveth-fixup-pool_deactivate.patch patches.drivers/ibmveth-large-frames.patch patches.drivers/ibmveth-large-mtu.patch: fix several crashes when changing ibmveth sysfs values [#326164]

- patches.drivers/libata-sata_sil24-fix-IRQ-clearing-race-on-IRQ_WOC: sata_sil24: fix IRQ clearing race when PCIX_IRQ_WOC is used [#327536]

- update patches.drivers/ibmvscsis.patch set blocksize to PAGE_CACHE_SIZE to fix flood of bio allocation warnings/failures [#328219]


Apply ZYPP patch number 4472.

Plugin Details

Severity: High

ID: 59124

File Name: suse_kernel-4472.nasl

Version: $Revision: 1.1 $

Type: local

Agent: unix

Published: 2012/05/17

Modified: 2012/05/17

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2007/10/02

Reference Information

CVE: CVE-2007-4571, CVE-2007-4573

CWE: 264