Lucene search
Copyright (C) 2009 E-Soft Inc.OPENVAS:136141256231063846HistoryApr 20, 2009 - 12:00 a.m.
SuSE Security Advisory SUSE-SA:2009:021 (kernel)
2009-04-2000:00:00
Copyright (C) 2009 E-Soft Inc.
plugins.openvas.org
21
5.8 Medium
AI Score
Confidence
High
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:C/A:N
0.969 High
EPSS
Percentile
99.7%
The remote host is missing updates announced in
advisory SUSE-SA:2009:021.
# SPDX-FileCopyrightText: 2009 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.63846");
script_version("2023-07-18T05:05:36+0000");
script_tag(name:"last_modification", value:"2023-07-18 05:05:36 +0000 (Tue, 18 Jul 2023)");
script_tag(name:"creation_date", value:"2009-04-20 23:45:17 +0200 (Mon, 20 Apr 2009)");
script_cve_id("CVE-2009-0676", "CVE-2009-0835", "CVE-2009-1072");
script_tag(name:"cvss_base", value:"4.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:C/A:N");
script_name("SuSE Security Advisory SUSE-SA:2009:021 (kernel)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 E-Soft Inc.");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms", re:"ssh/login/release=openSUSE11\.1");
script_tag(name:"insight", value:"The Linux kernel was updated for SUSE Linux Enterprise 11 and openSUSE
11.1 fixing lots of bugs and some security issues.
The kernel was also updated to the 2.6.27.21 stable release.
CVE-2009-1072: nfsd in the Linux kernel does not drop the CAP_MKNOD
capability before handling a user request in a thread, which allows
local users to create device nodes, as demonstrated on a filesystem
that has been exported with the root_squash option.
CVE-2009-0676: The sock_getsockopt function in net/core/sock.c in
the Linux kernel does not initialize a certain structure member,
which allows local users to obtain potentially sensitive information
from kernel memory via an SO_BSDCOMPAT getsockopt request.
The fix for this was previously incomplete.
CVE-2009-0835: The __secure_computing function in kernel/seccomp.c
in the seccomp subsystem in the Linux kernel on the x86_64 platform,
when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit
process making a 64-bit syscall or (2) a 64-bit process making a
32-bit syscall, which allows local users to bypass intended access
restrictions via crafted syscalls that are misinterpreted as (a)
stat or (b) chmod.
The openSUSE 11.1 kernel was released before the easter weekend
already.");
script_tag(name:"solution", value:"Update your system with the packages as indicated in
the referenced security advisory.");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:021");
script_tag(name:"summary", value:"The remote host is missing updates announced in
advisory SUSE-SA:2009:021.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
res = "";
report = "";
if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-debug-base", rpm:"kernel-debug-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-debug-extra", rpm:"kernel-debug-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-default-extra", rpm:"kernel-default-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-pae-base", rpm:"kernel-pae-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-pae-extra", rpm:"kernel-pae-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.27.21~0.1.1", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.27.21~0.1.1", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-trace", rpm:"kernel-trace~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-trace-base", rpm:"kernel-trace-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-trace-extra", rpm:"kernel-trace-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-xen-base", rpm:"kernel-xen-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-xen-extra", rpm:"kernel-xen-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"module-init-tools", rpm:"module-init-tools~3.4~56.10.1", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-docs", rpm:"kernel-docs~2.6.3~3.13.13", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ppc64", rpm:"kernel-ppc64~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ppc64-base", rpm:"kernel-ppc64-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ppc64-extra", rpm:"kernel-ppc64-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ps3", rpm:"kernel-ps3~2.6.27.21~0.1.2", rls:"openSUSE11.1")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
Related
suse
suse
local privilege escalation in kernel
2009-04-16 18:23:52
potential remote code execution in kernel
2009-05-20 19:00:49
remote code execution in kernel
2009-06-08 17:54:43
openvas
openvas
SLES11: Security update for Linux kernel
2009-10-11 00:00:00
SLES11: Security update for Linux kernel
2009-10-11 00:00:00
SuSE Security Advisory SUSE-SA:2009:021 (kernel)
2009-04-20 00:00:00
nessus
nessus
SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 713 / 715 / 716)
2009-09-24 00:00:00
openSUSE Security Update : kernel (kernel-733)
2009-07-21 00:00:00
SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6237)
2009-09-24 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:30:28
Access Control Bypass
2020-04-10 00:37:50
Privilege Escalation
2020-04-10 00:33:57
prion
prion
Server side request forgery (ssrf)
2009-02-22 22:30:00
Design/Logic Flaw
2009-03-25 01:30:00
Design/Logic Flaw
2009-03-06 11:30:00
ubuntucve
ubuntucve
f5
f5
K16349 : Linux kernel vulnerability CVE-2009-0676
2015-04-01 00:00:00
SOL16349 - Linux kernel vulnerability CVE-2009-0676
2015-04-01 00:00:00
cve
cve
checkpoint_advisories
checkpoint_advisories
Linux Kernel nfsd CAP_MKNOD Security Bypass - Ver2 (CVE-2009-1072)
2015-03-26 00:00:00
Linux Kernel nfsd CAP_MKNOD Security Bypass (CVE-2009-1072)
2009-11-08 00:00:00
seebug
seebug
Linux Kernel sock.c SO_BSDCOMPATιι‘ΉδΏ‘ζ―ζ³ι²ζΌζ΄
2009-02-23 00:00:00
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2009-03-12 00:00:00
[ MDVSA-2009:071 ] kernel
2009-03-12 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-04-07 00:00:00
Linux kernel vulnerabilities
2009-04-06 00:00:00
Linux kernel vulnerabilities
2009-07-02 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2009-05-01 00:00:00
kernel security and bug fix update
2009-07-01 00:00:00
kernel security and bug fix update
2009-06-17 00:00:00
redhat
redhat
(RHSA-2009:0459) Important: kernel security and bug fix update
2009-04-30 00:00:00
(RHSA-2009:0360) Important: kernel-rt security and bug fix update
2009-03-26 00:00:00
(RHSA-2009:1132) Important: kernel security and bug fix update
2009-06-30 00:00:00
centos
centos
kernel security update
2009-05-01 10:39:17
kernel security update
2009-06-19 09:44:15
kernel security update
2009-04-01 23:53:03
osv
osv
linux-2.6 user-mode-linux - several vulnerabilities
2009-05-15 00:00:00
linux-2.6 - several vulnerabilities
2009-03-20 00:00:00
linux-2.6 - multiple vulnerabilities
2009-05-06 00:00:00
debian
debian
5.8 Medium
AI Score
Confidence
High
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:C/A:N
0.969 High
EPSS
Percentile
99.7%
Related for OPENVAS:136141256231063846