SuSE Update for kernel SUSE-SA:2008:032

Impact
remote denial of service
Solution
Please install the updated packages.
Insight
The Linux kernel on the SUSE Linux Enterprise 10 Service Pack 1 line of products was updated to fix quite a number of security problems:

CVE-2007-6282: A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets (filtered by the firewall by default).

CVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by remote attackers to immediately crash the machine.

CVE-2008-1615: On x86_64, a denial of service attack could be used by local attackers to immediately panic / crash the machine.

CVE-2007-6206: An information leakage during core dumping of root processes was fixed.

CVE-2008-1669: Fixed an SMP ordering problem in fcntl_setlk that could potentially allow local attackers to execute code by timing file locking.

CVE-2008-1375: Fixed a dnotify race condition, which could be used by local attackers to potentially execute code.

CVE-2007-5500: A ptrace bug could be used by local attackers to hang their own processes indefinitely.

CVE-2008-1367: Clear the "direction" flag before calling signal handlers. For specific, not yet identified programs under specific timing conditions, this could potentially have caused memory corruption or code execution.

CVE-2007-6151: The isdn_ioctl function in isdn_common.c allowed local users to cause a denial of service via a crafted ioctl struct in which ioctls is not null terminated, which triggers a buffer overflow.

Non-security-related changes: OCFS2 was updated to version v1.2.9-1-r3100. Also, a huge number of bugs were fixed. Please refer to the RPM changelog for a detailed list.
Affected
kernel on SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1
References