|Category:||SuSE Local Security Checks|
|Title:||SuSE Security Advisory SUSE-SA:2005:003 (kernel)|
|Summary:||SuSE Security Advisory SUSE-SA:2005:003 (kernel)|
The remote host is missing updates announced in
Several exploitable security problems were identified and fixed in
the Linux kernel, the core of every SUSE Linux product.
- Due to missing locking in the sys_uselib system call a local attacker
can gain root access. This was found by Paul Starzetz and is tracked
by the Mitre CVE ID CVE-2004-1235.
- Paul Starzetz also found a race condition in SMP page table handling
which could lead to a local attacker gaining root access on SMP
machines. This is tracked by the Mitre CVE ID CVE-2005-0001.
- A local denial of service was found in the auditing subsystem which
have lead a local attacker crashing the machine. This was reported
and fixed by Redhat.
- The sendmsg / cmsg fix from the previous kernel update was faulty
on 64bit systems with 32bit compatibility layer and could lead to
32bit applications not working correctly on those 64bit systems.
- The smbfs security fixes from a before-previous kernel update were
faulty for some file write cases.
- A local denial of service with Direct I/O access to NFS file systems
could lead a local attacker to crash a machine with NFS mounts.
- grsecurity reported a signed integer problem in the SCSI ioctl
handling which had a missing boundary check.
Due to C language specifics, this evaluation was not correct and
there actually is no problem in this code.
The signed / unsigned mismatch was fixed nevertheless.
- Several more small non security problems were fixed.
Update your system with the packages as indicated in
the referenced security advisory.
Risk factor : High
Common Vulnerability Exposure (CVE) ID: CVE-2004-1235|
Bugtraq: 20050107 Linux kernel sys_uselib local root vulnerability (Google Search)
Conectiva Linux advisory: CLA-2005:930
Debian Security Information: DSA-1070 (Google Search)
Debian Security Information: DSA-1067 (Google Search)
Debian Security Information: DSA-1069 (Google Search)
Debian Security Information: DSA-1082 (Google Search)
SuSE Security Announcement: SUSE-SR:2005:001 (Google Search)
BugTraq ID: 12190
XForce ISS Database: linux-uselib-gain-privileges(18800)
Common Vulnerability Exposure (CVE) ID: CVE-2005-0001
Bugtraq: 20050112 Linux kernel i386 SMP page fault handler privilege escalation (Google Search)
Bugtraq: 20050114 [USN-60-0] Linux kernel vulnerabilities (Google Search)
BugTraq ID: 12244
XForce ISS Database: linux-fault-handler-gain-privileges(18849)
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 38907 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.