openSUSE Security Update : kernel (kernel-2089)

high Nessus Plugin ID 45010

Synopsis

The remote openSUSE host is missing a security update.

Description

The openSUSE 11.0 kernel was updated to fix the following security issues:

CVE-2009-4020: Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.

CVE-2010-0307: The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.

CVE-2010-0622: The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space.

CVE-2010-0410: drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages.

CVE-2010-0415: The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.

Solution

Update the affected kernel packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=564374

https://bugzilla.novell.com/show_bug.cgi?id=575644

https://bugzilla.novell.com/show_bug.cgi?id=576927

https://bugzilla.novell.com/show_bug.cgi?id=577753

https://bugzilla.novell.com/show_bug.cgi?id=579439

https://bugzilla.novell.com/show_bug.cgi?id=581718

Plugin Details

Severity: High

ID: 45010

File Name: suse_11_0_kernel-100301.nasl

Version: 1.15

Type: local

Agent: unix

Published: 3/9/2010

Updated: 1/14/2021

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:ivtv-kmp-debug, p-cpe:/a:novell:opensuse:vmware-kmp-debug, p-cpe:/a:novell:opensuse:pcc-acpi-kmp-debug, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:appleir-kmp-debug, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:wlan-ng-kmp-debug, p-cpe:/a:novell:opensuse:kqemu-kmp-debug, p-cpe:/a:novell:opensuse:nouveau-kmp-debug, p-cpe:/a:novell:opensuse:at76_usb-kmp-debug, p-cpe:/a:novell:opensuse:omnibook-kmp-debug, p-cpe:/a:novell:opensuse:atl2-kmp-debug, p-cpe:/a:novell:opensuse:gspcav-kmp-debug, p-cpe:/a:novell:opensuse:aufs-kmp-debug, p-cpe:/a:novell:opensuse:dazuko-kmp-debug, p-cpe:/a:novell:opensuse:tpctl-kmp-debug, cpe:/o:novell:opensuse:11.0, p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug, p-cpe:/a:novell:opensuse:uvcvideo-kmp-debug, p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug, p-cpe:/a:novell:opensuse:drbd-kmp-debug, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:acx-kmp-debug, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:pcfclock-kmp-debug, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:acerhk-kmp-debug

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/1/2010

Reference Information

CVE: CVE-2009-4020, CVE-2010-0307, CVE-2010-0410, CVE-2010-0415, CVE-2010-0622

CWE: 119, 399