SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7915)

High Nessus Plugin ID 59161

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel.

This update fixes the following security issues :

- X.25 remote DoS. (CVE-2010-3873). (bnc#651219)

- X.25 remote Dos. (CVE-2010-4164). (bnc#653260)

- 1 socket local DoS. (CVE-2010-4249). (bnc#655696)

- ebtables infoleak. (CVE-2011-1080). (bnc#676602)

- netfilter: arp_tables infoleak to userspace.
(CVE-2011-1170). (bnc#681180)

- netfilter: ip_tables infoleak to userspace.
(CVE-2011-1171). (bnc#681181)

- netfilter: ip6_tables infoleak to userspace.
(CVE-2011-1172). (bnc#681185)

- econet 4 byte infoleak. (CVE-2011-1173). (bnc#681186)

- hfs NULL pointer dereference. (CVE-2011-2203).
(bnc#699709)

- inet_diag infinite loop. (CVE-2011-2213). (bnc#700879)

- netfilter: ipt_CLUSTERIP buffer overflow.
(CVE-2011-2534). (bnc#702037)

- ipv6: make fragment identifications less predictable.
(CVE-2011-2699). (bnc#707288)

- clock_gettime() panic. (CVE-2011-3209). (bnc#726064)

- qdisc NULL dereference (CVE-2011-2525) This update also fixes the following non-security issues:. (bnc#735612)

- New timesource for VMware platform. (bnc#671124)

- usblp crashes after the printer is unplugged for the second time. (bnc#673343)

- Data corruption with mpt2sas driver. (bnc#704253)

- NIC Bond no longer works when booting the XEN kernel.
(bnc#716437)

- 'reboot=b' kernel command line hangs system on reboot.
(bnc#721267)

- kernel panic at iscsi_xmitwork function. (bnc#721351)

- NFS supplementary group permissions. (bnc#725878)

- IBM LTC System z Maintenance Kernel Patches (#59).
(bnc#726843)

- NFS slowness. (bnc#727597)

- IBM LTC System z maintenance kernel patches (#60).
(bnc#728341)

- propagate MAC-address to VLAN-interface. (bnc#729117)

- ipmi deadlock in start_next_msg. (bnc#730749)

- ext3 filesystem corruption after crash. (bnc#731770)

- IBM LTC System z maintenance kernel patches (#61).
(bnc#732375)

- hangs when offlining a CPU core. (bnc#733407)

Solution

Apply ZYPP patch number 7915.

See Also

http://support.novell.com/security/cve/CVE-2010-3873.html

http://support.novell.com/security/cve/CVE-2010-4164.html

http://support.novell.com/security/cve/CVE-2010-4249.html

http://support.novell.com/security/cve/CVE-2011-1080.html

http://support.novell.com/security/cve/CVE-2011-1170.html

http://support.novell.com/security/cve/CVE-2011-1171.html

http://support.novell.com/security/cve/CVE-2011-1172.html

http://support.novell.com/security/cve/CVE-2011-1173.html

http://support.novell.com/security/cve/CVE-2011-2203.html

http://support.novell.com/security/cve/CVE-2011-2213.html

http://support.novell.com/security/cve/CVE-2011-2525.html

http://support.novell.com/security/cve/CVE-2011-2534.html

http://support.novell.com/security/cve/CVE-2011-2699.html

http://support.novell.com/security/cve/CVE-2011-3209.html

Plugin Details

Severity: High

ID: 59161

File Name: suse_kernel-7915.nasl

Version: Revision: 1.3

Type: local

Agent: unix

Published: 2012/05/17

Updated: 2012/07/24

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2012/01/10

Reference Information

CVE: CVE-2010-3873, CVE-2010-4164, CVE-2010-4249, CVE-2011-1080, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-2203, CVE-2011-2213, CVE-2011-2525, CVE-2011-2534, CVE-2011-2699, CVE-2011-3209