NASLDB: SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7915)
General
ID: 59161
Name: SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7915)
Summary: Checks rpm output for the updated packages
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS Temporal Vector: –
Port: 0
Family: SuSE Local Security Checks
Type: Local
Description
This Linux kernel update fixes various security issues and bugs in the
SUSE Linux Enterprise 10 SP4 kernel.
This update fixes the following security issues :
– X.25 remote DoS. (CVE-2010-3873). (bnc#651219)
– X.25 remote Dos. (CVE-2010-4164). (bnc#653260)
– 1 socket local DoS. (CVE-2010-4249). (bnc#655696)
– ebtables infoleak. (CVE-2011-1080). (bnc#676602)
– netfilter: arp_tables infoleak to userspace.
(CVE-2011-1170). (bnc#681180)
– netfilter: ip_tables infoleak to userspace.
(CVE-2011-1171). (bnc#681181)
– netfilter: ip6_tables infoleak to userspace.
(CVE-2011-1172). (bnc#681185)
– econet 4 byte infoleak. (CVE-2011-1173). (bnc#681186)
– hfs NULL pointer dereference. (CVE-2011-2203).
(bnc#699709)
– inet_diag infinite loop. (CVE-2011-2213). (bnc#700879)
– netfilter: ipt_CLUSTERIP buffer overflow.
(CVE-2011-2534). (bnc#702037)
– ipv6: make fragment identifications less predictable.
(CVE-2011-2699). (bnc#707288)
– clock_gettime() panic. (CVE-2011-3209). (bnc#726064)
– qdisc NULL dereference (CVE-2011-2525) This update also
fixes the following non-security issues:. (bnc#735612)
– New timesource for VMware platform. (bnc#671124)
– usblp crashes after the printer is unplugged for the
second time. (bnc#673343)
– Data corruption with mpt2sas driver. (bnc#704253)
– NIC Bond no longer works when booting the XEN kernel.
(bnc#716437)
– ‘reboot=b’ kernel command line hangs system on reboot.
(bnc#721267)
– kernel panic at iscsi_xmitwork function. (bnc#721351)
– NFS supplementary group permissions. (bnc#725878)
– IBM LTC System z Maintenance Kernel Patches (#59).
(bnc#726843)
– NFS slowness. (bnc#727597)
– IBM LTC System z maintenance kernel patches (#60).
(bnc#728341)
– propagate MAC-address to VLAN-interface. (bnc#729117)
– ipmi deadlock in start_next_msg. (bnc#730749)
– ext3 filesystem corruption after crash. (bnc#731770)
– IBM LTC System z maintenance kernel patches (#61).
(bnc#732375)
– hangs when offlining a CPU core. (bnc#733407)
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2010-3873
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: 2012/01/10
Plugin Release: 2012/05/17
Plugin
Version: 1.3
Filename: suse_kernel-7915.nasl
Filesize: 7584 bytes
MD5 Hash: 530ff9bcc17e19b156ceaca789e7449e
Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list
Dependencies: "ssh_get_info.nasl"
Copyright: This script is Copyright© 2012 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack