SuSE Update for kernel SUSE-SA:2008:044

Impact
remote denial of service
Solution
Please install the updated packages.
Insight
The openSUSE 11.0 kernel was updated to 2.6.25.16. It fixes various stability bugs and also security bugs.
CVE-2008-1673: Fixed the range checking in the ASN.1 decoder in NAT for SNMP and CIFS, which could have been used by a remote attacker to crash the machine.
CVE-2008-3276: An integer overflow flaw was found in the Linux kernel dccp_setsockopt_change() function. An attacker may leverage this vulnerability to trigger a kernel panic on a victim's machine remotely.
CVE-2008-3272: The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
CVE-2008-3275: The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.
Also lots of bugs were fixed.
Affected
kernel on openSUSE 11.0