New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 9.4
SynopsisThe remote SuSE 11 host is missing one or more security updates.
DescriptionThe SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix a critical privilege escalation security issue :
- The futex acquisition code in kernel/futex.c can be used to gain ring0 access via the futex syscall. This could be used for privilege escalation by non-root users.
SolutionApply SAT patch number 9328 / 9329 / 9330 as appropriate.