SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6437)
High Nessus Plugin ID 59138
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionThis patch updates the SUSE Linux Enterprise 10 SP2 kernel to fix various bugs and some security issues.
The following security issues were fixed: CVE-2009-2692: A missing NULL pointer check in the socket sendpage function can be used by local attackers to gain root privileges.
(No cve yet) A information leak from using sigaltstack was fixed.
Enabled -fno-delete-null-pointer-checks to avoid optimizing away NULL pointer checks and fixed Makefiles to make sure
-fwrapv is used everywhere. CVE-2009-1758: The hypervisor_callback function in Xen allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in 'certain address ranges.'
- A crash on r8169 network cards when receiving large packets was fixed. (CVE-2009-1389)
- The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.
SolutionApply ZYPP patch number 6437.