SUSE-SA:2010:043 -- SUSE kernel local privilege escalationID: oval:org.secpod.oval:def:400046 | Date: (C)2012-01-31 (M)2024-01-02 |
Class: PATCH | Family: unix |
The SUSE Linux Enterprise 11 GA and openSUSE 11.1 kernels were updated to fix 3 critical security issues. Following security bugs were fixed: CVE-2010-3301: Mismatch between 32bit and 64bit register usage in the system call entry paths could be used by local attackers to gain root privileges. This problem only affects x86_64 kernels. CVE-2010-3081: Incorrect buffer handling in the biarch-compat buffer handling could be used by local attackers to gain root privileges. This problem affects foremost x86_64 where a exploit exists, and potentially other biarch platforms, like PowerPC and S/390. CVE-2010-2959: Integer overflow in net/can/bcm.c in the Controller Area Network implementation in the Linux kernel allowed attackers to execute arbitrary code or cause a denial of service via crafted CAN traffic. No other bugs were fixed in this update.