SuseSUSE-SA:2005:021local privilege escalation in kernel
0.0004 Low
EPSS
Percentile
8.1%
This Linux kernel security update fixes a problem within the Bluetooth kernel stack which can be used by a local attacker to gain root access or crash the machine.
Solution
Please install the updated packages. A workaround is to disable Bluetooth by using: - Remove or move away the bluetooth core module. On 2.6 kernels this is the file: /lib/modules/<kernel version>/kernel/net/bluetooth/bluetooth.ko On 2.4 kernels this is the file: /lib/modules/<kernel version>/kernel/net/bluetooth/bluez.o - Disable auto load of the bluetooth protocol module by commenting out the line: alias net-pf-31 bluez in /etc/modules.conf (2.4 systems) or the line: alias net-pf-31 bluetooth in /etc/modprobe.conf (2.6 systems). Make sure the module is not loaded, or run "rmmod bluetooth" / "rmmod bluez".
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 9.0 | i586 | intel-536ep | < 4.62-24 | Intel-536ep-4.62-24.i586.rpm |
| openSUSE | 9.2 | i586 | kernel-bigsmp | < 2.6.8-24.14 | kernel-bigsmp-2.6.8-24.14.i586.rpm |
| openSUSE | 9.0 | i586 | k_athlon | < 2.4.21-286 | k_athlon-2.4.21-286.i586.rpm |
| openSUSE | 9.0 | x86_64 | k_deflt | < 2.4.21-286 | k_deflt-2.4.21-286.x86_64.rpm |
| openSUSE | 9.2 | x86_64 | kernel-syms | < 2.6.8-24.14 | kernel-syms-2.6.8-24.14.x86_64.rpm |
| openSUSE | 9.0 | x86_64 | kernel-source | < 2.4.21-286 | kernel-source-2.4.21-286.x86_64.rpm |
| openSUSE | 9.2 | i586 | kernel-bigsmp-nongpl | < 2.6.8-24.14 | kernel-bigsmp-nongpl-2.6.8-24.14.i586.rpm |
| openSUSE | 9.0 | x86_64 | k_smp | < 2.4.21-286 | k_smp-2.4.21-286.x86_64.rpm |
| openSUSE | 8.2 | i586 | k_psmp | < 2.4.20-133 | k_psmp-2.4.20-133.i586.rpm |
| openSUSE | 9.2 | x86_64 | kernel-source | < 2.6.8-24.14 | kernel-source-2.6.8-24.14.x86_64.rpm |
Related
