Impact
remote code execution
Solution
Please Install the Updated Packages.
Insight
The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel was updated to 2.6.27.42 fixing various bugs and security issues.
Following security issues were fixed:
CVE-2009-4536: A underflow in the e1000 jumbo Ethernet frame handling could be use by link-local remote attackers to crash the machine, bypass firewalls or potentially execute code in kernel context.
This requires the attacker to be able to send Jumbo Frames to the target machine.
CVE-2009-4538: A underflow in the e1000e jumbo Ethernet frame handling could be use by link-local remote attackers to crash the machine, bypass firewalling or potentially execute code in kernel context.
This requires the attacker to be able to send Jumbo Frames to the target machine.
CVE-2009-4138: drivers/firewire/ohci.c in the Linux kernel, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.
CVE-2009-4307: The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value).
CVE-2009-4308: The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.
CVE-2009-3939: The poll_mode_io file for the megaraid_sas driver in the Linux kernel has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
CVE-2009-4005: The collect_rx_frame function in
drivers/isdn/hisax/hfc_usb.c in the Linux kernel allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read.
CVE-2009-3080: A negative offset in a ioctl in the GDTH RAID driver was fixed.
CVE-2009-4020: Stack-based buffer overflow in the hfs subsystem in the Linux kernel allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.
For a complete list of changes, please look at the RPM changelog.
Affected
kernel on openSUSE 11.1, SLES 11
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-3080, CVE-2009-3939, CVE-2009-4005, CVE-2009-4020, CVE-2009-4138, CVE-2009-4307, CVE-2009-4308, CVE-2009-4536, CVE-2009-4537, CVE-2009-4538 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities