SuSE Update For Kernel SUSE-SA:2010:053 Network Vulnerability

Impact

local privilege escalation

Solution

Please Install the Updated Packages.

Insight

The openSUSE 11.2 and 11.3 kernels were updated to fix 2 critical security issues and some small bugs. Following security issues were fixed: CVE-2010-3904: A local privilege escalation in RDS sockets allowed local attackers to gain root privileges. We thank Dan Rosenberg for reporting this problem. CVE-2010-2963: A problem in the compat ioctl handling in video4linux allowed local attackers with a video device plugged in to gain root privileges on x86_64 systems. We thank Kees Cook for reporting this problem.

Affected

kernel on openSUSE 11.2

References

http://www.novell.com/linux/security/advisories/2010_53_kernel.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2963, CVE-2010-3904

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SLES10: Security update for compat-curl2
SLES10: Security update for nagios
SLES10: Security update for libxslt
SLES10: Security update for liblcms
SLES10: Security update for net-snmp

SuSE Update for kernel SUSE-SA:2010:053

Take action and discover your vulnerabilities