SUSE-SA:2004:024: kernel

low Nessus Plugin ID 14231

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2004:024 (kernel).

This kernel is vulnerable to a race condition in the 64-bit file offset handling code.

The file offset pointer (f_pos) is changed during reading, writing, and seeking through a file to point to the current position in a file.
The Linux kernel offers a 32bit and a 64bit API. Unfortunately the value conversion between this two APIs as well as the access to the f_pos pointer is defective.

An attacker, exploiting this flaw, would need local access to the machine. Upon successful exploitation, an attacker would be able to read potentially confidential kernel memory.

Additionally a bug in the implementation of chown(2) for updating inode times, and a denial-of-service condition that can occur while handling signals was fixed.

Solution

http://www.suse.de/security/2004_24_kernel.html

Plugin Details

Severity: Low

ID: 14231

File Name: suse_SA_2004_024.nasl

Version: 1.14

Agent: unix

Family: SuSE Local Security Checks

Published: 8/9/2004

Updated: 1/14/2021

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.7

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2004-0415

BID: 10852

Detections

Analytics