SuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 5735)

Medium Nessus Plugin ID 59134


The remote SuSE 10 host is missing a security-related patch.


This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues.

The following security issues are addressed:

- fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. (CVE-2008-4210)

- The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that has corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition may cause a denial of service by spamming the logfile.

- fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)

All other bugfixes can be found by looking at the RPM changelog.


Apply ZYPP patch number 5735.

Plugin Details

Severity: Medium

ID: 59134

File Name: suse_kernel-5735.nasl

Version: $Revision: 1.2 $

Type: local

Agent: unix

Published: 2012/05/17

Modified: 2012/10/03

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4.7

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2008/11/03

Reference Information

CVE: CVE-2007-6716, CVE-2008-3528, CVE-2008-4210

CWE: 264