The Linux kernel for openSUSE 11.2 was updated to 2.6.31.8 fixing lots of bugs and several security issues. Following security issues were fixed: CVE-2009-4131: A file overwrite issue on the ext4 filesystem could be used by local attackers that have write access to a filesystem to change/overwrite files of other users, including root. CVSS v2 Base Score: 7.2 CVE-2009-1298: A remote denial of service by sending overly long packets could be used by remote attackers to crash a machine. CVSS v2 Base Score: 7.8 CVE-2009-4026: The mac80211 subsystem in the Linux kernel allows remote attackers to cause a denial of service via a crafted Delete Block ACK packet, related to an erroneous &qt code shuffling patch. &qt CVSS v2 Base Score: 7.8 CVE-2009-4027: Race condition in the mac80211 subsystem in the Linux kernel allows remote attackers to cause a denial of service via a Delete Block ACK packet that triggers a certain state change in the absence of an aggregation session. CVSS v2 Base Score: 7.1 CVE-2009-3939: The poll_mode_io file for the megaraid_sas driver in the Linux kernel has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file. CVSS v2 Base Score: 6.6 CVE-2009-4005: The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. This requires the attacker to access the machine on ISDN protocol level. CVSS v2 Base Score: 7.2 CVE-2009-3080: Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. CVSS v2 Base Score: 7.2 CVE-2009-3624: The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service via vectors involving calls to this function without specifying a keyring by ID, as demonstrated by a series of keyctl request2 and keyctl list commands. CVSS v2 Base Score: 4.6 CVE-2009-4021: The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel might allow attackers to cause a denial of service via vectors possibly related to a memory-consumption attack. CVSS v2 Base Score: 4.9 CVE-2009-3547: Multiple race conditions in fs/pipe.c in the Linux kernel allow local users to cause a denial of service or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. As openSUSE 11.2 by default sets mmap_min_addr protection, this issue will just Oops the kernel and not be able to execute code. CVSS v2 Base Score: 6.9 CVE-2009-3621: net/unix/af_unix.c in the Linux kernel allows local users to cause a denial of service by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. CVSS v2 Base Score: 4.9 CVE-2009-4138: drivers/firewire/ohci.c in the Linux kernel when packet-per-buffer mode is used, allows local users to cause a denial of service or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field. CVSS v2 Base Score: 4.7 CVE-2009-4308: The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel allows user-assisted remote attackers to cause a denial of service , and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal. CVSS v2 Base Score: 7.1 CVE-2009-4307: The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel allows user-assisted remote attackers to cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size . CVSS v2 Base Score: 7.1 CVE-2009-4306: Unspecified vulnerability in the EXT4_IOC_MOVE_EXT ioctl implementation in the ext4 filesystem in the Linux kernel allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2009-4131. CVSS v2 Base Score: 4.9 CVE-2009-4131: The EXT4_IOC_MOVE_EXT ioctl implementation in the ext4 filesystem in the Linux kernel allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions. This can lead to privilege escalations. CVSS v2 Base Score: 7.2 Also, the rt2870 and rt2860 drivers were refreshed to the level they are in the Linux 2.6.32 kernel, bringing new device support and new functionality.