SuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 5735)

Medium Nessus Plugin ID 59134

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 8.3

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues.

The following security issues are addressed :

- fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. (CVE-2008-4210)

- The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.
(CVE-2008-3528)

- fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)

All other bugfixes can be found by looking at the RPM changelog.

Solution

Apply ZYPP patch number 5735.

See Also

http://support.novell.com/security/cve/CVE-2007-6716.html

http://support.novell.com/security/cve/CVE-2008-3528.html

http://support.novell.com/security/cve/CVE-2008-4210.html

Plugin Details

Severity: Medium

ID: 59134

File Name: suse_kernel-5735.nasl

Version: 1.5

Type: local

Agent: unix

Published: 2012/05/17

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: Medium

VPR Score: 8.3

CVSS v2.0

Base Score: 4.7

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2008/11/03

Reference Information

CVE: CVE-2007-6716, CVE-2008-3528, CVE-2008-4210

CWE: 264