openSUSE 10 Security Update : kernel (kernel-2705)

high Nessus Plugin ID 27293

Synopsis

The remote openSUSE host is missing a security update.

Description

This kernel update fixes the following security problems :

- CVE-2006-5751: An integer overflow in the networking bridge ioctl starting with Kernel 2.6.7 could be used by local attackers to overflow kernel memory buffers and potentially escalate privileges [#222656]

- CVE-2006-6106: Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel allowed remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.
[#227603]

- CVE-2006-5749: The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux kernel does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash. [#229619]

- CVE-2006-5753: Unspecified vulnerability in the listxattr system call in Linux kernel, when a 'bad inode' is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges. [#230270]

- CVE-2007-0006: The key serial number collision avoidance code in the key_alloc_serial function allows local users to cause a denial of service (crash) via vectors that trigger a null dereference. [#243003]

- CVE-2007-0772: A remote denial of service problem on NFSv2 mounts with ACL enabled was fixed. [#244909]

Furthermore, it catches up to the mainline kernel, version 2.6.18.8, and contains a large number of additional fixes for non security bugs.

Solution

Update the affected kernel packages.

Plugin Details

Severity: High

ID: 27293

File Name: suse_kernel-2705.nasl

Version: 1.14

Type: local

Agent: unix

Published: 10/17/2007

Updated: 1/14/2021

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-xenpae, p-cpe:/a:novell:opensuse:kernel-source, cpe:/o:novell:opensuse:10.2, p-cpe:/a:novell:opensuse:kernel-bigsmp, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-xen

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 3/6/2007

Reference Information

CVE: CVE-2006-5749, CVE-2006-5751, CVE-2006-5753, CVE-2006-6106, CVE-2007-0006, CVE-2007-0772

CWE: 399