[Forgot Password]
Login  Register Subscribe

23631

 
 

122183

 
 

98060

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SA:2010:031 -- SUSE kernel remote denial of service

ID: oval:org.secpod.oval:def:400050Date: (C)2012-01-31   (M)2017-10-04
Class: PATCHFamily: unix




The SUSE Linux Enterprise 11 GA Kernel was updated to 2.6.27.48 fixing various bugs and security issues. CVE-2010-1641: The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request. CVE-2010-1087: The nfs_wait_on_request function in fs/nfs/pagelist.c in the Linux kernel allows attackers to cause a denial of service via unknown vectors related to truncating a file and an operation that is not interruptible. CVE-2010-1643: mm/shmem.c in the Linux kernel, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2010-1437: Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel allows local users to cause a denial of service or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function. CVE-2010-1446: arch/1/mm/fsl_booke_mmu.c in KGDB in the Linux kernel, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke. CVE-2010-1162: The release_one_tty function in drivers/char/tty_io.c in the Linux kernel omits certain required calls to the put_pid function, which has unspecified impact and local attack vectors. CVE-2009-4537: drivers/net/r8169.c in the r8169 driver in the Linux kernel does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to cause a denial of service via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or cause a denial of service via a packet with a crafted size, in conjunction with certain packets containing "0" characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389. Code execution might be possible.

Platform:
openSUSE 11.1
Product:
kernel
Reference:
SUSE-SA:2010:031
CVE-2009-1389
CVE-2009-4537
CVE-2010-1087
CVE-2010-1162
CVE-2010-1437
CVE-2010-1446
CVE-2010-1641
CVE-2010-1643
CVE    8
CVE-2010-1087
CVE-2010-1162
CVE-2010-1437
CVE-2010-1446
...

© 2013 SecPod Technologies