SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7811)

Critical Nessus Plugin ID 59160

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.7

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel.

The following security issues have been fixed :

- A USB string descriptor overflow in the auerwald USB driver was fixed, which could be used by physically proximate attackers to cause a kernel crash.
(CVE-2009-4067)

- Always check the path in CIFS mounts to avoid interesting filesystem path interaction issues and potential crashes. (CVE-2011-3363)

- A malicious CIFS server could cause a integer overflow on the local machine on directory index operations, in turn causing memory corruption. (CVE-2011-3191)

- The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel did not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allowed physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.
(CVE-2011-1776)

The following non-security issues have been fixed :

- md: fix deadlock in md/raid1 and md/raid10 when handling a read error. (bnc#628343)

- md: fix possible raid1/raid10 deadlock on read error during resync. (bnc#628343)

- Add timeo parameter to /proc/mounts for nfs filesystems.
(bnc#616256)

- virtio: indirect ring entries (VIRTIO_RING_F_INDIRECT_DESC). (bnc#713876)

- virtio: teach virtio_has_feature() about transport features. (bnc#713876)

- nf_nat: do not add NAT extension for confirmed conntracks. (bnc#709213)

- 8250: Oxford Semiconductor Devices. (bnc#717126)

- 8250_pci: Add support for the Digi/IBM PCIe 2-port Adapter. (bnc#717126)

- 8250: Fix capabilities when changing the port type.
(bnc#717126)

- 8250: Add EEH support. (bnc#717126)

- xfs: fix memory reclaim recursion deadlock on locked inode buffer. (bnc#699355 / bnc#699354 / bnc#721830)

- ipmi: do not grab locks in run-to-completion mode.
(bnc#717421)

- cifs: add fallback in is_path_accessible for old servers. (bnc#718028)

- cciss: do not attempt to read from a write-only register. (bnc#683101)

- s390: kernel: System hang if hangcheck timer expires (bnc#712009,LTC#74157).

- s390: kernel: NSS creation with initrd fails (bnc#712009,LTC#74207).

- s390: kernel: remove code to handle topology interrupts (bnc#712009,LTC#74440).

- xen: Added 1083-kbdfront-absolute-coordinates.patch.
(bnc#717585)

- acpi: Use a spinlock instead of mutex to guard gbl_lock access. (bnc#707439)

- Allow balance_dirty_pages to help other filesystems.
(bnc#709369)

- nfs: fix congestion control. (bnc#709369)

- NFS: Separate metadata and page cache revalidation mechanisms. (bnc#709369)

- jbd: Fix oops in journal_remove_journal_head().
(bnc#694315)

- xen/blkfront: avoid NULL de-reference in CDROM ioctl handling. (bnc#701355)

- xen/x86: replace order-based range checking of M2P table by linear one.

- xen/x86: use dynamically adjusted upper bound for contiguous regions. (bnc#635880)

- Fix type in patches.fixes/libiscsi-dont-run-scsi-eh-if-iscsi-task-is
-making-progress.

- s390: cio: Add timeouts for internal IO (bnc#701550,LTC#72691).

- s390: kernel: first time swap use results in heavy swapping (bnc#701550,LTC#73132).

- s390: qeth: wrong number of output queues for HiperSockets (bnc#701550,LTC#73814).

Solution

Apply ZYPP patch number 7811.

See Also

http://support.novell.com/security/cve/CVE-2009-4067.html

http://support.novell.com/security/cve/CVE-2011-1577.html

http://support.novell.com/security/cve/CVE-2011-1776.html

http://support.novell.com/security/cve/CVE-2011-3191.html

http://support.novell.com/security/cve/CVE-2011-3363.html

Plugin Details

Severity: Critical

ID: 59160

File Name: suse_kernel-7811.nasl

Version: 1.4

Type: local

Agent: unix

Published: 2012/05/17

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: Critical

VPR Score: 6.7

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2011/10/21

Reference Information

CVE: CVE-2009-4067, CVE-2011-1577, CVE-2011-1776, CVE-2011-3191, CVE-2011-3363