Lucene search
SuSE Update for kernel SUSE-SA:2010:046
🗓️ 01 Oct 2010 00:00:00Reported by Copyright (c) 2010 Greenbone Networks GmbHType 
openvas🔗 plugins.openvas.org👁 32 Views
SuSE Update for kernel SUSE-SA:2010:046 addressing multiple security issues and bug
Show more
| Reporter | Title | Published | Views | Family All 199 |
|---|---|---|---|---|
| SuSE Update for kernel SUSE-SA:2010:046 | 1 Oct 201000:00 | – | openvas |
| SuSE Update for kernel SUSE-SA:2010:047 | 11 Jan 201100:00 | – | openvas |
| SuSE Update for kernel SUSE-SA:2010:047 | 11 Jan 201100:00 | – | openvas |
| Fedora Update for kernel FEDORA-2010-14890 | 22 Sep 201000:00 | – | openvas |
| Fedora Update for kernel FEDORA-2010-14890 | 22 Sep 201000:00 | – | openvas |
| Fedora Update for kernel FEDORA-2010-14235 | 10 Sep 201000:00 | – | openvas |
| Fedora Update for kernel FEDORA-2010-14235 | 10 Sep 201000:00 | – | openvas |
| Fedora Update for kernel FEDORA-2010-14878 | 22 Sep 201000:00 | – | openvas |
| Fedora Update for kernel FEDORA-2010-14878 | 22 Sep 201000:00 | – | openvas |
| Debian: Security Advisory (DSA-2110-1) | 10 Oct 201000:00 | – | openvas |
10
###############################################################################
# OpenVAS Vulnerability Test
#
# SuSE Update for kernel SUSE-SA:2010:046
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "This openSUSE 11.2 kernel was updated to 2.6.31.14, fixing several
security issues and bugs.
A lot of ext4 filesystem stability fixes were also added.
Following security issues have been fixed:
CVE-2010-3301: Mismatch between 32bit and 64bit register usage in the
system call entry path could be used by local attackers to gain root
privileges. This problem only affects x86_64 kernels.
CVE-2010-3081: Incorrect buffer handling in the biarch-compat buffer
handling could be used by local attackers to gain root privileges. This
problem affects foremost x86_64, or potentially other biarch platforms,
like PowerPC and S390x.
CVE-2010-2959: Integer overflow in net/can/bcm.c in the Controller
Area Network (CAN) implementation in the Linux kernel allowed attackers
to execute arbitrary code or cause a denial of service (system crash)
via crafted CAN traffic.
CVE-2010-3084: A buffer overflow in the ETHTOOL_GRXCLSRLALL code
could be used to crash the kernel or potentially execute code.
CVE-2010-2955: A kernel information leak via the WEXT ioctl was fixed.
CVE-2010-2960: The keyctl_session_to_parent function in
security/keys/keyctl.c in the Linux kernel expects that a certain
parent session keyring exists, which allowed local users to cause
a denial of service (NULL pointer dereference and system crash) or
possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT
argument to the keyctl function.
CVE-2010-3080: A double free in an alsa error path was fixed, which
could lead to kernel crashes.
CVE-2010-3079: Fixed a ftrace NULL pointer dereference problem which
could lead to kernel crashes.
CVE-2010-3298: Fixed a kernel information leak in the net/usb/hso driver.
CVE-2010-3296: Fixed a kernel information leak in the cxgb3 driver.
CVE-2010-3297: Fixed a kernel information leak in the net/eql driver.
CVE-2010-3078: Fixed a kernel information leak in the xfs filesystem.
CVE-2010-2942: Fixed a kernel information leak in the net scheduler code.
CVE-2010-2954: The irda_bind function in net/irda/af_irda.c in the
Linux kernel did not properly handle failure of the irda_open_tsap
function, which allowed local users to cause a denial of service
(NULL pointer dereference and panic) and possibly have unspecified
other impact via multiple unsuccessful calls to bind on an AF_IRDA
(aka PF_IRDA) socket.
CVE-2010-2226: The xfs_swapext function in fs/xfs/xfs_dfrag.c in the
Linux kernel did not properly check the file descriptors passed to
the SWAPEXT ioctl, which allowed local users to leverag ...
Description truncated, for more information please check the Reference URL";
tag_solution = "Please Install the Updated Packages.";
tag_impact = "local privilege escalation";
tag_affected = "kernel on openSUSE 11.2";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.850143");
script_version("$Revision: 8207 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-21 08:30:12 +0100 (Thu, 21 Dec 2017) $");
script_tag(name:"creation_date", value:"2010-10-01 08:16:52 +0200 (Fri, 01 Oct 2010)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name: "SUSE-SA", value: "2010-046");
script_cve_id("CVE-2009-1389", "CVE-2009-4537", "CVE-2010-1087", "CVE-2010-1146", "CVE-2010-1148", "CVE-2010-1162", "CVE-2010-1437", "CVE-2010-1636", "CVE-2010-1641", "CVE-2010-2066", "CVE-2010-2071", "CVE-2010-2226", "CVE-2010-2248", "CVE-2010-2478", "CVE-2010-2492", "CVE-2010-2495", "CVE-2010-2521", "CVE-2010-2524", "CVE-2010-2537", "CVE-2010-2538", "CVE-2010-2798", "CVE-2010-2803", "CVE-2010-2942", "CVE-2010-2946", "CVE-2010-2954", "CVE-2010-2955", "CVE-2010-2959", "CVE-2010-2960", "CVE-2010-3015", "CVE-2010-3078", "CVE-2010-3079", "CVE-2010-3080", "CVE-2010-3081", "CVE-2010-3084", "CVE-2010-3296", "CVE-2010-3297", "CVE-2010-3298", "CVE-2010-3301");
script_name("SuSE Update for kernel SUSE-SA:2010:046");
script_tag(name: "summary" , value: "Check for the Version of kernel");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "openSUSE11.2")
{
if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug-base", rpm:"kernel-debug-base~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default-devel", rpm:"kernel-default-devel~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-desktop", rpm:"kernel-desktop~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-desktop-base", rpm:"kernel-desktop-base~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-desktop-devel", rpm:"kernel-desktop-devel~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-pae-base", rpm:"kernel-pae-base~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-pae-devel", rpm:"kernel-pae-devel~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-trace", rpm:"kernel-trace~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-trace-base", rpm:"kernel-trace-base~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-trace-devel", rpm:"kernel-trace-devel~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-vanilla-base", rpm:"kernel-vanilla-base~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-vanilla-devel", rpm:"kernel-vanilla-devel~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen-base", rpm:"kernel-xen-base~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.31.14~0.1.1", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"preload-kmp-default", rpm:"preload-kmp-default~1.1_2.6.31.14_0.1~6.9.26", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"preload-kmp-desktop", rpm:"preload-kmp-desktop~1.1_2.6.31.14_0.1~6.9.26", rls:"openSUSE11.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo01 Oct 2010 00:00Current
0.4Low risk
Vulners AI Score0.4
EPSS0.29082