Impact
remote denial of service
Solution
Please Install the Updated Packages.
Insight
This update fixes various security issues and some bugs in the SUSE Linux Enterprise 9 kernel.
Following security issues were fixed:
CVE-2010-2521: A crafted NFS write request might have caused a buffer overwrite, potentially causing a kernel crash.
CVE-2008-0598: The x86_64 copy_to_user implementation might have leaked kernel memory depending on specific user buffer setups.
CVE-2009-4537: drivers/net/r8169.c in the r8169 driver in the Linux kernel did not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters
or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.
CVE-2010-1188: Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel 2.6 when IPV6_RECVPKTINFO is set on a listening socket, allowed remote attackers to cause a denial of service (kernel panic) via a SYN packet while the socket is in a listening (TCP_LISTEN) state, which is not properly handled causes the skb structure to be freed.
CVE-2008-3275: The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel did not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allowed local users to cause a denial of service (" overflow"
of
the UBIFS orphan area) via a series of attempted file creations within deleted directories.
CVE-2007-6733: The nfs_lock function in fs/nfs/file.c in the Linux kernel did not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on an NFS filesystem and then changing this files permissions, a related issue to CVE-2010-0727.
CVE-2007-6206: The do_coredump function in fs/exec.c in Linux kernel did not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might have allowed local users to obtain sensitive information.
CVE-2010-1088: fs/namei.c in the Linux kernel did not always follow NFS automount "
sy ...
Description truncated, for more information please check the Reference URL
Affected
kernel on SUSE SLES 9
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2007-6206, CVE-2007-6733, CVE-2008-0598, CVE-2008-3275, CVE-2009-1389, CVE-2009-4020, CVE-2009-4537, CVE-2010-0727, CVE-2010-1083, CVE-2010-1088, CVE-2010-1188, CVE-2010-2521 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities