SuSE Update for kernel SUSE-SA:2008:047

Impact
remote denial of service
Solution
Please Install the Updated Packages.
Insight
The Linux kernel in the SUSE Linux Enterprise Server 9 Service Pack 4 was released to fix various bugs and also some security problems: CVE-2007-6716: Zero the struct dio with kzalloc instead of doing it member-wise, this could have leaked information from the kernel. CVE-2008-3525: Added missing capability checks in sbni_ioctl(). CVE-2008-0598: On AMD64 some string operations could leak kernel information into user space. CVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. CVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel. CVE-2008-2812: Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited. More details are available in the package changelog.
Affected
kernel on SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9
References