New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 5.9
Synopsis
The remote openSUSE host is missing a security update.
Description
The openSUSE 11.3 kernel was updated to fix various bugs and security issues.
Following security issues have been fixed: CVE-2011-1833: Added a kernel option to ensure ecryptfs is mounting only on paths belonging to the current ui, which would have allowed local attackers to potentially gain privileges via symlink attacks.
CVE-2011-3363: Always check the path in CIFS mounts to avoid interesting filesystem path interaction issues and potential crashes.
CVE-2011-2918: In the perf framework software event overflows could deadlock or delete an uninitialized timer.
CVE-2011-3353: In the fuse filesystem, FUSE_NOTIFY_INVAL_ENTRY did not check the length of the write so the message processing could overrun and result in a BUG_ON() in fuse_copy_fill(). This flaw could be used by local users able to mount FUSE filesystems to crash the system.
CVE-2011-3191: A signedness issue in CIFS could possibly have lead to to memory corruption, if a malicious server could send crafted replies to the host.
CVE-2011-1776: The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel did not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allowed physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577.
Following non security bugs were fixed :
- drm/radeon/kms: Fix I2C mask definitions (bnc#712023).
- ext4: Fix max file size and logical block counting of extent format file (bnc#706374).
- TTY: pty, fix pty counting (bnc#711203).
- Update Xen patches to 2.6.34.10.
- xen/blkfront: fix data size for xenbus_gather in connect().
- xen/xenbus: fix xenbus_transaction_start() hang caused by double xenbus_transaction_end().
- xen/blkback: don't fail empty barrier requests.
- xen/blktap: fix locking (bnc#685276).
- xen/xenbus: don't BUG() on user mode induced conditions (bnc#696107).
- xen/blkfront: avoid NULL de-reference in CDROM ioctl handling (bnc#701355).
- intr-remap: allow disabling source id checking (bnc#710352).
Solution
Update the affected kernel packages.