openSUSE Security Update : kernel (kernel-111)

high Nessus Plugin ID 40008

Synopsis

The remote openSUSE host is missing a security update.

Description

The openSUSE 11.0 kernel was updated to 2.6.25.11.

It fixes following security problems: CVE-2008-2812: Various tty / serial devices did not check functionpointers for NULL before calling them, leading to potential crashes or code execution. The devices affected are usually only accessible by the root user though.

CVE-2008-2750: The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash) and possibly have unspecified other impact via a crafted PPPOL2TP packet that results in a large value for a certain length variable.

No CVE yet: On x86_64 systems, a incorrect buffersize in LDT handling might lead to local untrusted attackers causing a crash of the machine or potentially execute code with kernel privileges.

The update also has lots of other bugfixes that are listed in the RPM changelog.

Solution

Update the affected kernel packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=216857

https://bugzilla.novell.com/show_bug.cgi?id=400815

https://bugzilla.novell.com/show_bug.cgi?id=400874

https://bugzilla.novell.com/show_bug.cgi?id=404892

https://bugzilla.novell.com/show_bug.cgi?id=408734

Plugin Details

Severity: High

ID: 40008

File Name: suse_11_0_kernel-080721.nasl

Version: 1.11

Type: local

Agent: unix

Published: 7/21/2009

Updated: 1/14/2021

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-rt, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-xen, cpe:/o:novell:opensuse:11.0

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 7/21/2008

Reference Information

CVE: CVE-2008-2750, CVE-2008-2812

CWE: 20