Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SA:2008:049
HistoryOct 02, 2008 - 11:55 a.m.

remote denial of service in kernel

2008-10-0211:55:46
lists.opensuse.org
12

0.074 Low

EPSS

Percentile

93.4%

JSON

The SUSE Linux Enterprise 10 Service Pack 1 kernel was updated to fix lots of bugs and also contains several security fixes: CVE-2008-3525: Added missing capability checks in sbni_ioctl(). CVE-2008-0598: On AMD64 some string operations could leak kernel information into userspace. CVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. CVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel. CVE-2008-3275: Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory. CVE-2008-2931: The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. CVE-2008-2812: Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited. For more information consult the RPM changelog. 2) Solution or Work-Around

Solution

There is no known workaround, please install the update packages.

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Software Development Kit10.1ppckernel-kdump< 2.6.16.54-0.2.10kernel-kdump-2.6.16.54-0.2.10.ppc.rpm
SUSE Linux Enterprise Software Development Kit10.1x86_64kernel-xen< 2.6.16.54-0.2.11kernel-xen-2.6.16.54-0.2.11.x86_64.rpm
SUSE Linux Enterprise Software Development Kit10.1i586kernel-kdump< 2.6.16.54-0.2.10kernel-kdump-2.6.16.54-0.2.10.i586.rpm
SUSE Linux Enterprise Software Development Kit10.1i586kernel-debug< 2.6.16.54-0.2.10kernel-debug-2.6.16.54-0.2.10.i586.rpm
SUSE Linux Enterprise Software Development Kit10.1x86_64kernel-debug< 2.6.16.54-0.2.11kernel-debug-2.6.16.54-0.2.11.x86_64.rpm
SUSE Linux Enterprise Software Development Kit10.1i586kernel-xenpae< 2.6.16.54-0.2.10kernel-xenpae-2.6.16.54-0.2.10.i586.rpm
SUSE Linux Enterprise Software Development Kit10.1i586kernel-xen< 2.6.16.54-0.2.10kernel-xen-2.6.16.54-0.2.10.i586.rpm
SUSE Linux Enterprise Software Development Kit10.1x86_64kernel-kdump< 2.6.16.54-0.2.11kernel-kdump-2.6.16.54-0.2.11.x86_64.rpm
SUSE Linux Enterprise Software Development Kit10.1ia64kernel-debug< 2.6.16.54-0.2.10kernel-debug-2.6.16.54-0.2.10.ia64.rpm

Related

nessus 48
ubuntu 2
openvas 67
suse 8
osv 4
securityvulns 7
debian 5
redhat 9
centos 6
oraclelinux 7
prion 7
seebug 9
ubuntucve 7
cve 7
veracode 5
fedora 1
nessus
nessus
SuSE 10 Security Update : the Linux Kernel (x86) (ZYPP Patch Number 5566)
2008-10-02 00:00:00
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5608)
2012-05-17 00:00:00
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-637-1)
2008-08-26 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2008-08-25 00:00:00
Linux kernel vulnerabilities
2008-07-15 00:00:00
openvas
openvas
Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-637-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-637-1)
2009-03-23 00:00:00
SLES10: Security update for Linux Kernel (x86)
2009-10-13 00:00:00
suse
suse
remote denial of service in kernel
2008-10-01 17:25:47
remote denial of service in kernel
2008-10-01 15:09:37
remote denial of service in kernel
2008-09-11 13:24:55
osv
osv
fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
2008-08-21 00:00:00
linux-2.6 - overflow conditions
2008-06-09 00:00:00
linux-2.6.24 - several vulnerabilities
2008-09-11 00:00:00
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2008-08-21 00:00:00
[SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities
2008-08-21 00:00:00
[SECURITY] [DSA 1592-1] New Linux 2.6.18 packages fix overflow conditions
2008-06-09 00:00:00
debian
debian
[SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities
2008-08-21 16:34:06
[SECURITY] [DSA 1592-1] New Linux 2.6.18 packages fix overflow conditions
2008-06-09 06:37:30
[SECURITY] [DSA 1592-2] New Linux 2.6.18 packages fix overflow conditions
2008-06-09 17:15:28
redhat
redhat
(RHSA-2008:0973) Important: kernel security and bug fix update
2008-12-16 00:00:00
(RHSA-2008:0885) Important: kernel security and bug fix update
2008-09-24 00:00:00
(RHSA-2008:0665) Moderate: Updated kernel packages for Red Hat Enterprise Linux 4.7
2008-07-24 00:00:00
centos
centos
kernel security update
2008-12-17 15:30:17
kernel security update
2008-09-25 17:46:59
kernel security update
2008-06-26 11:40:24
oraclelinux
oraclelinux
kernel security and bug fix update
2008-09-24 00:00:00
kernel security and bug fix update
2008-12-18 00:00:00
kernel security and bug fix update
2008-06-26 00:00:00
prion
prion
Cross site request forgery (csrf)
2008-09-03 14:12:00
Design/Logic Flaw
2008-08-12 23:41:00
Design/Logic Flaw
2008-06-10 00:32:00
seebug
seebug
Linux Kernel UBIFS Orphan Inode Local Denial of Service Vulnerability
2008-10-04 00:00:00
Linux Kernel BER解码缓冲区溢出漏洞
2008-06-11 00:00:00
Linux Kernel 'snd_seq_oss_synth_make_info()' Information Disclosure Vulnerability
2008-10-04 00:00:00
ubuntucve
ubuntucve
CVE-2008-3525
2008-09-03 00:00:00
CVE-2008-3275
2008-08-12 00:00:00
CVE-2008-2931
2008-07-09 00:00:00
cve
cve
CVE-2008-3525
2008-09-03 14:12:00
CVE-2008-1673
2008-06-10 00:32:00
CVE-2008-3275
2008-08-12 23:41:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:26:03
Privilege Escalation
2020-04-10 00:26:00
Information Disclosure
2020-04-10 00:26:01
fedora
fedora
[SECURITY] Fedora 8 Update: kernel-2.6.25.6-27.fc8
2008-06-20 19:05:23

0.074 Low

EPSS

Percentile

93.4%

JSON
Related for SUSE-SA:2008:049
nessus48ubuntu2openvas67suse8osv4securityvulns7debian5redhat9centos6oraclelinux7prion7seebug9ubuntucve7cve7veracode5fedora1