Detections
Analytics
openSUSE Security Update : kernel (kernel-932)
high Nessus Plugin ID 40250
Synopsis
The remote openSUSE host is missing a security update.Description
This Linux kernel update for openSUSE 11.1 fixes lots of bugs and some security issues. The kernel was also updated to the 2.6.27.23 stable release.Following security issues have been fixed: CVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.
This requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.
CVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
The GCC option -fwrapv has been added to compilation to work around potentially removing integer overflow checks.
CVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent.
CVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.
CVE-2009-1360: The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets.
CVE-2009-1192: drivers/char/agp/generic.c in the agp subsystem in the Linux kernel does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages.
Additionaly a lot of bugs have been fixed and are listed in the RPM changelog.
Solution
Update the affected kernel packages.See Also
https://bugzilla.novell.com/show_bug.cgi?id=408304
https://bugzilla.novell.com/show_bug.cgi?id=459065
https://bugzilla.novell.com/show_bug.cgi?id=460284
https://bugzilla.novell.com/show_bug.cgi?id=464360
https://bugzilla.novell.com/show_bug.cgi?id=465854
https://bugzilla.novell.com/show_bug.cgi?id=467518
https://bugzilla.novell.com/show_bug.cgi?id=474062
https://bugzilla.novell.com/show_bug.cgi?id=483706
https://bugzilla.novell.com/show_bug.cgi?id=484931
https://bugzilla.novell.com/show_bug.cgi?id=486430
https://bugzilla.novell.com/show_bug.cgi?id=486803
https://bugzilla.novell.com/show_bug.cgi?id=487106
https://bugzilla.novell.com/show_bug.cgi?id=487755
https://bugzilla.novell.com/show_bug.cgi?id=487987
https://bugzilla.novell.com/show_bug.cgi?id=489005
https://bugzilla.novell.com/show_bug.cgi?id=489105
https://bugzilla.novell.com/show_bug.cgi?id=490368
https://bugzilla.novell.com/show_bug.cgi?id=490608
https://bugzilla.novell.com/show_bug.cgi?id=490902
https://bugzilla.novell.com/show_bug.cgi?id=491289
https://bugzilla.novell.com/show_bug.cgi?id=491430
https://bugzilla.novell.com/show_bug.cgi?id=492282
https://bugzilla.novell.com/show_bug.cgi?id=492760
https://bugzilla.novell.com/show_bug.cgi?id=492768
https://bugzilla.novell.com/show_bug.cgi?id=493392
https://bugzilla.novell.com/show_bug.cgi?id=493991
https://bugzilla.novell.com/show_bug.cgi?id=494463
https://bugzilla.novell.com/show_bug.cgi?id=495068
https://bugzilla.novell.com/show_bug.cgi?id=495515
https://bugzilla.novell.com/show_bug.cgi?id=495668
https://bugzilla.novell.com/show_bug.cgi?id=495816
https://bugzilla.novell.com/show_bug.cgi?id=496027
https://bugzilla.novell.com/show_bug.cgi?id=496353
https://bugzilla.novell.com/show_bug.cgi?id=496398
https://bugzilla.novell.com/show_bug.cgi?id=496399
https://bugzilla.novell.com/show_bug.cgi?id=496502
https://bugzilla.novell.com/show_bug.cgi?id=496878
https://bugzilla.novell.com/show_bug.cgi?id=497807
https://bugzilla.novell.com/show_bug.cgi?id=498042
https://bugzilla.novell.com/show_bug.cgi?id=498237
https://bugzilla.novell.com/show_bug.cgi?id=499558
https://bugzilla.novell.com/show_bug.cgi?id=499772
https://bugzilla.novell.com/show_bug.cgi?id=499845
https://bugzilla.novell.com/show_bug.cgi?id=500508
https://bugzilla.novell.com/show_bug.cgi?id=501114
https://bugzilla.novell.com/show_bug.cgi?id=501160
https://bugzilla.novell.com/show_bug.cgi?id=501224
https://bugzilla.novell.com/show_bug.cgi?id=501234
https://bugzilla.novell.com/show_bug.cgi?id=502026
https://bugzilla.novell.com/show_bug.cgi?id=502425
https://bugzilla.novell.com/show_bug.cgi?id=502733
https://bugzilla.novell.com/show_bug.cgi?id=502903
https://bugzilla.novell.com/show_bug.cgi?id=503038
https://bugzilla.novell.com/show_bug.cgi?id=503101
https://bugzilla.novell.com/show_bug.cgi?id=503161
https://bugzilla.novell.com/show_bug.cgi?id=503457
Plugin Details
Severity: High
ID: 40250
File Name: suse_11_1_kernel-090527.nasl
Version: 1.16
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 7/21/2009
Updated: 1/14/2021
Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.0
CVSS v2
Risk Factor: High
Base Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:kqemu-kmp-trace, p-cpe:/a:novell:opensuse:vmware-kmp-debug, p-cpe:/a:novell:opensuse:pcfclock-kmp-trace, p-cpe:/a:novell:opensuse:ofed-kmp-trace, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:ofed-kmp-debug, p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-debug, p-cpe:/a:novell:opensuse:kernel-trace-base, p-cpe:/a:novell:opensuse:vmware-kmp-trace, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kqemu-kmp-debug, p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-trace, p-cpe:/a:novell:opensuse:iscsitarget-kmp-trace, p-cpe:/a:novell:opensuse:oracleasm-kmp-trace, p-cpe:/a:novell:opensuse:kernel-pae-extra, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:oracleasm-kmp-debug, p-cpe:/a:novell:opensuse:dazuko-kmp-trace, p-cpe:/a:novell:opensuse:brocade-bfa-kmp-trace, p-cpe:/a:novell:opensuse:kernel-default-extra, p-cpe:/a:novell:opensuse:kvm-kmp-trace, p-cpe:/a:novell:opensuse:aufs-kmp-debug, p-cpe:/a:novell:opensuse:dazuko-kmp-debug, p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-trace, p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug, p-cpe:/a:novell:opensuse:kernel-debug-extra, p-cpe:/a:novell:opensuse:kernel-trace-extra, cpe:/o:novell:opensuse:11.1, p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug, p-cpe:/a:novell:opensuse:drbd-kmp-debug, p-cpe:/a:novell:opensuse:kernel-trace, p-cpe:/a:novell:opensuse:drbd-kmp-trace, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:lirc-kmp-trace, p-cpe:/a:novell:opensuse:aufs-kmp-trace, p-cpe:/a:novell:opensuse:kernel-xen-extra, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:pcfclock-kmp-debug, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:brocade-bfa-kmp-debug
Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu
Patch Publication Date: 5/27/2009
Reference Information
CVE: CVE-2009-1192, CVE-2009-1242, CVE-2009-1265, CVE-2009-1337, CVE-2009-1360, CVE-2009-1439