Impact
remote denial of service
Solution
Please Install the Updated Packages.
Insight
This kernel security update for SUSE Linux Enterprise 10 Service Pack 2 fixes lots of bugs and some security issues:
CVE-2008-0598: Fixed an information leak in the x86_64 version of the string copy routines.
CVE-2008-1673: Fixed range checking in previous ASN.1 fixes for CIFS and SNMP NAT netfilter module.
CVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel.
CVE-2008-3275: Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory.
The full amount of changes can be reviewed in the RPM changelog.
Affected
kernel on SLE SDK 10 SP2, SUSE Linux Enterprise Desktop 10 SP2, SUSE Linux Enterprise 10 SP2 DEBUGINFO, SUSE Linux Enterprise Server 10 SP2
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-0598, CVE-2008-1673, CVE-2008-3272, CVE-2008-3275 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities