Lucene search
Copyright (c) 2010 Greenbone Networks GmbHOPENVAS:850125HistoryFeb 19, 2010 - 12:00 a.m.
SuSE Update for kernel SUSE-SA:2010:012
2010-02-1900:00:00
Copyright (c) 2010 Greenbone Networks GmbH
plugins.openvas.org
16
0.086 Low
EPSS
Percentile
93.8%
Check for the Version of kernel
###############################################################################
# OpenVAS Vulnerability Test
#
# SuSE Update for kernel SUSE-SA:2010:012
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "This kernel update for openSUSE 11.0 fixes some bugs and several
security problems.
The following security issues are fixed:
CVE-2009-4536: drivers/net/e1000/e1000_main.c in the e1000 driver
in the Linux kernel handles Ethernet frames that exceed the MTU by
processing certain trailing payload data as if it were a complete
frame, which allows remote attackers to bypass packet filters via a
large packet with a crafted payload.
CVE-2009-4538: drivers/net/e1000e/netdev.c in the e1000e driver in
the Linux kernel does not properly check the size of an Ethernet
frame that exceeds the MTU, which allows remote attackers to have an
unspecified impact via crafted packets.
CVE-2010-0007: Missing CAP_NET_ADMIN checks in the ebtables netfilter
code might have allowed local attackers to modify bridge firewall
settings.
CVE-2010-0003: An information leakage on fatal signals on x86_64
machines was fixed.
CVE-2009-4138: drivers/firewire/ohci.c in the Linux kernel, when
packet-per-buffer mode is used, allows local users to cause a denial
of service (NULL pointer dereference and system crash) or possibly
have unknown other impact via an unspecified ioctl associated with
receiving an ISO packet that contains zero in the payload-length field.
CVE-2009-4308: The ext4_decode_error function in fs/ext4/super.c
in the ext4 filesystem in the Linux kernel before 2.6.32 allows
user-assisted remote attackers to cause a denial of service (NULL
pointer dereference), and possibly have unspecified other impact,
via a crafted read-only filesystem that lacks a journal.
CVE-2009-3939: The poll_mode_io file for the megaraid_sas driver in
the Linux kernel 2.6.31.6 and earlier has world-writable permissions,
which allows local users to change the I/O mode of the driver by
modifying this file.
CVE-2009-4021: The fuse_direct_io function in fs/fuse/file.c in the
fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow
attackers to cause a denial of service (invalid pointer dereference
and OOPS) via vectors possibly related to a memory-consumption attack.
CVE-2009-3547: A race condition in the pipe(2) system call could be
used by local attackers to hang the machine. The kernel in Moblin
2.0 uses NULL ptr protection which avoids code execution possibilities.
CVE-2009-2903: Memory leak in the AppleTalk subsystem in the Linux
kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the
AppleTalk and ipddp modules are loaded but the ipddp"N" device is
not found, allows remote ...
Description truncated, for more information please check the Reference URL";
tag_impact = "local privilege escalation, remote denial of service";
tag_affected = "kernel on openSUSE 11.0";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_id(850125);
script_version("$Revision: 8205 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $");
script_tag(name:"creation_date", value:"2010-02-19 13:38:15 +0100 (Fri, 19 Feb 2010)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name: "SUSE-SA", value: "2010-012");
script_cve_id("CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2903", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3238", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3939", "CVE-2009-4021", "CVE-2009-4138", "CVE-2009-4308", "CVE-2009-4536", "CVE-2009-4538", "CVE-2010-0003", "CVE-2010-0007");
script_name("SuSE Update for kernel SUSE-SA:2010:012");
script_tag(name: "summary" , value: "Check for the Version of kernel");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "openSUSE11.0")
{
if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug-debugsource", rpm:"kernel-debug-debugsource~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default-debugsource", rpm:"kernel-default-debugsource~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-pae-debuginfo", rpm:"kernel-pae-debuginfo~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-pae-debugsource", rpm:"kernel-pae-debugsource~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-source-debuginfo", rpm:"kernel-source-debuginfo~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-vanilla-debuginfo", rpm:"kernel-vanilla-debuginfo~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-vanilla-debugsource", rpm:"kernel-vanilla-debugsource~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen-debugsource", rpm:"kernel-xen-debugsource~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"acerhk-kmp-debug", rpm:"acerhk-kmp-debug~0.5.35_2.6.25.20_0.6~98.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"acx-kmp-debug-20080210", rpm:"acx-kmp-debug-20080210~2.6.25.20_0.6~4.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"appleir-kmp-debug", rpm:"appleir-kmp-debug~1.1_2.6.25.20_0.6~108.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"at76_usb-kmp-debug", rpm:"at76_usb-kmp-debug~0.17_2.6.25.20_0.6~2.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"atl2-kmp-debug", rpm:"atl2-kmp-debug~2.0.4_2.6.25.20_0.6~4.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"aufs-kmp-debug-cvs20080429", rpm:"aufs-kmp-debug-cvs20080429~2.6.25.20_0.6~13.3", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"dazuko-kmp-debug", rpm:"dazuko-kmp-debug~2.3.4.4_2.6.25.20_0.6~42.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"drbd-kmp-debug", rpm:"drbd-kmp-debug~8.2.6_2.6.25.20_0.6~0.2", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gspcav-kmp-debug", rpm:"gspcav-kmp-debug~01.00.20_2.6.25.20_0.6~1.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"iscsitarget-kmp-debug", rpm:"iscsitarget-kmp-debug~0.4.15_2.6.25.20_0.6~63.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ivtv-kmp-debug", rpm:"ivtv-kmp-debug~1.0.3_2.6.25.20_0.6~66.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.25.20~0.6", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kqemu-kmp-debug", rpm:"kqemu-kmp-debug~1.3.0pre11_2.6.25.20_0.6~7.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"nouveau-kmp-debug", rpm:"nouveau-kmp-debug~0.10.1.20081112_2.6.25.20_0.6~0.4", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"omnibook-kmp-debug-20080313", rpm:"omnibook-kmp-debug-20080313~2.6.25.20_0.6~1.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"pcc-acpi-kmp-debug", rpm:"pcc-acpi-kmp-debug~0.9_2.6.25.20_0.6~4.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"pcfclock-kmp-debug", rpm:"pcfclock-kmp-debug~0.44_2.6.25.20_0.6~207.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"tpctl-kmp-debug", rpm:"tpctl-kmp-debug~4.17_2.6.25.20_0.6~189.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"uvcvideo-kmp-debug-r200", rpm:"uvcvideo-kmp-debug-r200~2.6.25.20_0.6~2.4", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"virtualbox-ose-kmp-debug", rpm:"virtualbox-ose-kmp-debug~1.5.6_2.6.25.20_0.6~33.5", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"vmware-kmp-debug", rpm:"vmware-kmp-debug~2008.04.14_2.6.25.20_0.6~21.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"wlan-ng-kmp-debug", rpm:"wlan-ng-kmp-debug~0.2.8_2.6.25.20_0.6~107.1", rls:"openSUSE11.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
References
Related
suse
suse
local privilege escalation, remote denial of in kernel
2010-02-15 16:54:24
remote denial of service in kernel
2009-12-02 17:15:31
local privilege escalation in kernel
2009-11-16 13:03:36
openvas
openvas
SuSE Update for kernel SUSE-SA:2010:012
2010-02-19 00:00:00
SuSE Security Advisory SUSE-SA:2009:060 (kernel)
2009-12-10 00:00:00
SLES11: Security update for Linux kernel
2009-12-03 00:00:00
nessus
nessus
openSUSE Security Update : kernel (kernel-1908)
2010-02-16 00:00:00
openSUSE Security Update : kernel (kernel-1593)
2009-12-01 00:00:00
redhat
redhat
(RHSA-2009:1670) Important: kernel security and bug fix update
2009-12-15 00:00:00
(RHSA-2009:1671) Important: kernel security and bug fix update
2009-12-15 00:00:00
centos
centos
kernel security update
2009-12-17 12:56:30
kernel security update
2009-12-18 19:00:39
kernel security update
2010-03-18 10:55:12
oraclelinux
oraclelinux
kernel security and bug fix update
2009-12-16 00:00:00
kernel security and bug fix update
2009-12-16 00:00:00
kernel security and bug fix update
2010-03-17 00:00:00
osv
osv
linux-2.6 - several vulnerabilities
2009-11-05 00:00:00
linux-2.6.24 - several vulnerabilities
2009-11-05 00:00:00
linux-2.6 - several vulnerabilities
2009-11-05 00:00:00
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2009-11-08 00:00:00
debian
debian
ubuntu
ubuntu
Linux kernel vulnerabilities
2010-02-05 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: kernel-2.6.30.10-105.2.4.fc11
2010-01-22 22:36:26
[SECURITY] Fedora 11 Update: kernel-2.6.30.10-105.2.13.fc11
2010-02-05 01:48:41
[SECURITY] Fedora 11 Update: kernel-2.6.30.10-105.2.23.fc11
2010-02-12 04:48:05
ubuntucve
ubuntucve
CVE-2009-4538
2010-01-12 00:00:00