English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2012.0115.2
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2012:0115-2)
Summary:The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2012:0115-2 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux kernel' package(s) announced via the SUSE-SU-2012:0115-2 advisory.

Vulnerability Insight:
This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel.

This update fixes the following security issues:

* bnc#651219: X.25 remote DoS (CVE-2010-3873)
* bnc#653260: X.25 remote Dos (CVE-2010-4164)
* bnc#655696: 1 socket local DoS (CVE-2010-4249)
* bnc#676602: ebtables infoleak (CVE-2011-1080)
* bnc#681180: netfilter: arp_tables infoleak to userspace (CVE-2011-1170)
* bnc#681181: netfilter: ip_tables infoleak to userspace (CVE-2011-1171)
* bnc#681185: netfilter: ip6_tables infoleak to userspace (CVE-2011-1172)
* bnc#681186: econet 4 byte infoleak (CVE-2011-1173)
* bnc#699709: hfs NULL pointer dereference
(CVE-2011-2203)
* bnc#700879: inet_diag infinite loop (CVE-2011-2213)
* bnc#702037: netfilter: ipt_CLUSTERIP buffer overflow
(CVE-2011-2534)
* bnc#707288: ipv6: make fragment identifications less predictable (CVE-2011-2699)
* bnc#726064: clock_gettime() panic (CVE-2011-3209)
* bnc#735612: qdisc NULL dereference (CVE-2011-2525)

This update also fixes the following non-security issues:

* bnc#671124: New timesource for VMware platform
* bnc#673343: usblp crashes after the printer is unplugged for the second time
* bnc#704253: Data corruption with mpt2sas driver
* bnc#716437: NIC Bond no longer works when booting the XEN kernel
* bnc#721267: 'reboot=b' kernel command line hangs system on reboot
* bnc#721351: kernel panic at iscsi_xmitwork function
* bnc#725878: NFS supplementary group permissions
* bnc#726843: IBM LTC System z Maintenance Kernel Patches (#59)
* bnc#727597: NFS slowness
* bnc#728341: IBM LTC System z maintenance kernel patches (#60)
* bnc#729117: propagate MAC-address to VLAN-interface
* bnc#730749: ipmi deadlock in start_next_msg
* bnc#731770: ext3 filesystem corruption after crash
* bnc#732375: IBM LTC System z maintenance kernel patches (#61)
* bnc#733407: hangs when offlining a CPU core

Security Issue references:

* CVE-2011-2534
>
* CVE-2011-2525
>
* CVE-2011-2203
>
* CVE-2011-2699
>
* CVE-2010-4249
>
* CVE-2011-1173
>
* CVE-2011-1170
>
* CVE-2011-1171
>
* CVE-2010-3873
>
* CVE-2011-1080
>
* CVE-2011-2213
>
* CVE-2011-3209
>
* CVE-2011-1172
>
* CVE-2010-4164
>

Affected Software/OS:
'Linux kernel' package(s) on SUSE Linux Enterprise Desktop 10-SP4, SUSE Linux Enterprise Server 10-SP4.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-3873
43291
http://secunia.com/advisories/43291
ADV-2011-0375
http://www.vupen.com/english/advisories/2011/0375
DSA-2126
http://www.debian.org/security/2010/dsa-2126
MDVSA-2011:029
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
SUSE-SA:2011:008
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
[netdev] 20101102 [SECURITY] memory corruption in X.25 facilities parsing
http://www.spinics.net/lists/netdev/msg145786.html
[netdev] 20101104 Re: [SECURITY] memory corruption in X.25 facilities parsing
http://www.spinics.net/lists/netdev/msg145873.html
[oss-security] 20101103 CVE request: X.25 remote DoS
http://openwall.com/lists/oss-security/2010/11/03/2
[oss-security] 20101104 Re: CVE request: X.25 remote DoS
http://openwall.com/lists/oss-security/2010/11/04/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6331d6f9a4298173b413cf99a40cc86a9d92c37
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2
https://bugzilla.redhat.com/show_bug.cgi?id=649693
openSUSE-SU-2013:0925
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-4164
42778
http://secunia.com/advisories/42778
42801
http://secunia.com/advisories/42801
42932
http://secunia.com/advisories/42932
45055
http://www.securityfocus.com/bid/45055
ADV-2011-0012
http://www.vupen.com/english/advisories/2011/0012
ADV-2011-0124
http://www.vupen.com/english/advisories/2011/0124
ADV-2011-0298
http://www.vupen.com/english/advisories/2011/0298
SUSE-SA:2010:060
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
SUSE-SA:2011:001
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
SUSE-SA:2011:002
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
SUSE-SA:2011:004
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
SUSE-SA:2011:007
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
[netdev] 20101111 [SECURITY] [PATCH] Prevent crashing when parsing bad X.25
http://marc.info/?l=linux-netdev&m=128951543005554&w=2
[oss-security] 20101111 CVE request: kernel: remote DoS in X.25
http://openwall.com/lists/oss-security/2010/11/11/2
[oss-security] 20101112 Re: CVE request: kernel: remote DoS in X.25
http://openwall.com/lists/oss-security/2010/11/12/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5ef41308f94dcbb3b7afc56cdef1c2ba53fa5d2f
https://bugzilla.redhat.com/show_bug.cgi?id=652517
Common Vulnerability Exposure (CVE) ID: CVE-2010-4249
15622
http://www.exploit-db.com/exploits/15622/
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
42354
http://secunia.com/advisories/42354
42745
http://secunia.com/advisories/42745
42890
http://secunia.com/advisories/42890
42963
http://secunia.com/advisories/42963
45037
http://www.securityfocus.com/bid/45037
46397
http://secunia.com/advisories/46397
ADV-2010-3321
http://www.vupen.com/english/advisories/2010/3321
ADV-2011-0168
http://www.vupen.com/english/advisories/2011/0168
FEDORA-2010-18983
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
RHSA-2011:0007
http://www.redhat.com/support/errata/RHSA-2011-0007.html
RHSA-2011:0162
http://www.redhat.com/support/errata/RHSA-2011-0162.html
[linux-kernel] 20101123 Unix socket local DOS (OOM)
http://lkml.org/lkml/2010/11/23/395
[linux-kernel] 20101124 [PATCH net-next-2.6] scm: lower SCM_MAX_FD
http://lkml.org/lkml/2010/11/23/450
[linux-kernel] 20101125 Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to protect :(
http://lkml.org/lkml/2010/11/25/8
[netdev] 20101124 [PATCH] af_unix: limit unix_tot_inflight
http://marc.info/?l=linux-netdev&m=129059035929046&w=2
[oss-security] 20101124 CVE request: kernel: unix socket local dos
http://www.openwall.com/lists/oss-security/2010/11/24/2
[oss-security] 20101124 Re: CVE request: kernel: unix socket local dos
http://www.openwall.com/lists/oss-security/2010/11/24/10
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=9915672d41273f5b77f1b3c29b391ffb7732b84b
http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.37-rc3-next-20101125.bz2
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
https://bugzilla.redhat.com/show_bug.cgi?id=656756
Common Vulnerability Exposure (CVE) ID: CVE-2011-1080
RHSA-2011:0833
http://rhn.redhat.com/errata/RHSA-2011-0833.html
[oss-security] 20110301 Re: CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes
http://www.openwall.com/lists/oss-security/2011/03/01/10
http://downloads.avaya.com/css/P8/documents/100145416
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d846f71195d57b0bbb143382647c2c6638b04c5a
https://bugzilla.redhat.com/show_bug.cgi?id=681262
https://github.com/torvalds/linux/commit/d846f71195d57b0bbb143382647c2c6638b04c5a
Common Vulnerability Exposure (CVE) ID: CVE-2011-1170
8278
http://securityreason.com/securityalert/8278
8282
http://securityreason.com/securityalert/8282
[netfilter-devel] 20110310 [PATCH] ipv4: netfilter: arp_tables: fix infoleak to userspace
http://marc.info/?l=netfilter-devel&m=129978081009955&w=2
[oss-security] 20110318 CVE request: kernel: netfilter & econet infoleaks
http://www.openwall.com/lists/oss-security/2011/03/18/15
[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks
http://www.openwall.com/lists/oss-security/2011/03/21/1
http://www.openwall.com/lists/oss-security/2011/03/21/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=42eab94fff18cb1091d3501cd284d6bd6cc9c143
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
https://bugzilla.redhat.com/show_bug.cgi?id=689321
Common Vulnerability Exposure (CVE) ID: CVE-2011-1171
8283
http://securityreason.com/securityalert/8283
[linux-kernel] 20110310 [PATCH] ipv4: netfilter: ip_tables: fix infoleak to userspace
http://marc.info/?l=linux-kernel&m=129978077609894&w=2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=78b79876761b86653df89c48a7010b5cbd41a84a
https://bugzilla.redhat.com/show_bug.cgi?id=689327
Common Vulnerability Exposure (CVE) ID: CVE-2011-1172
[linux-kernel] 20110310 [PATCH] ipv6: netfilter: ip6_tables: fix infoleak to userspace
http://marc.info/?l=linux-kernel&m=129978086410061&w=2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6a8ab060779779de8aea92ce3337ca348f973f54
https://bugzilla.redhat.com/show_bug.cgi?id=689345
Common Vulnerability Exposure (CVE) ID: CVE-2011-1173
8279
http://securityreason.com/securityalert/8279
[netdev] 20110317 [PATCH] econet: 4 byte infoleak to the network
http://marc.info/?l=linux-netdev&m=130036203528021&w=2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e
https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14
Common Vulnerability Exposure (CVE) ID: CVE-2011-2203
47754
http://secunia.com/advisories/47754
48236
http://www.securityfocus.com/bid/48236
USN-1324-1
http://www.ubuntu.com/usn/USN-1324-1
USN-1328-1
http://www.ubuntu.com/usn/USN-1328-1
USN-1344-1
http://www.ubuntu.com/usn/USN-1344-1
[linux-kernel] 20110608 [BUG] hfs_find_init() sb->ext_tree NULL pointer dereference
https://lkml.org/lkml/2011/6/8/154
[oss-security] 20110613 Re: CVE request: kernel: hfs_find_init() sb->ext_tree NULL pointer dereference
http://www.openwall.com/lists/oss-security/2011/06/13/16
https://bugzilla.redhat.com/show_bug.cgi?id=712774
Common Vulnerability Exposure (CVE) ID: CVE-2011-2213
HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
[netdev] 20110601 Re: inet_diag insufficient validation?
http://article.gmane.org/gmane.linux.network/197208
[netdev] 20110601 inet_diag insufficient validation?
http://article.gmane.org/gmane.linux.network/197206
[netdev] 20110603 Re: inet_diag insufficient validation?
http://article.gmane.org/gmane.linux.network/197386
[netdev] 20110617 [PATCH] inet_diag: fix inet_diag_bc_audit()
http://article.gmane.org/gmane.linux.network/198809
[oss-security] 20110620 CVE request: kernel: inet_diag: fix inet_diag_bc_audit()
http://www.openwall.com/lists/oss-security/2011/06/20/1
[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()
http://www.openwall.com/lists/oss-security/2011/06/20/13
http://www.openwall.com/lists/oss-security/2011/06/20/16
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d
http://patchwork.ozlabs.org/patch/100857/
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3
https://bugzilla.redhat.com/show_bug.cgi?id=714536
Common Vulnerability Exposure (CVE) ID: CVE-2011-2525
RHSA-2011:1065
http://rhn.redhat.com/errata/RHSA-2011-1065.html
RHSA-2011:1163
http://rhn.redhat.com/errata/RHSA-2011-1163.html
[netdev] 20100521 tc: RTM_GETQDISC causes kernel OOPS
http://kerneltrap.org/mailarchive/linux-netdev/2010/5/21/6277805
[oss-security] 20110712 CVE-2011-2525 kernel: kernel: net_sched: fix qdisc_notify()
http://openwall.com/lists/oss-security/2011/07/12/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53b0f08042f04813cd1a7473dacd3edfacb28eb3
http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.35
https://bugzilla.redhat.com/show_bug.cgi?id=720552
Common Vulnerability Exposure (CVE) ID: CVE-2011-2534
BugTraq ID: 46921
http://www.securityfocus.com/bid/46921
http://marc.info/?l=netfilter-devel&m=130036157327564&w=2
http://marc.info/?l=netfilter&m=129978077509888&w=2
http://securityreason.com/securityalert/8284
Common Vulnerability Exposure (CVE) ID: CVE-2011-2699
1027274
http://www.securitytracker.com/id?1027274
MDVSA-2013:150
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
[oss-security] 20110720 Re: CVE request: kernel: ipv6: make fragment identifications less predictable
http://www.openwall.com/lists/oss-security/2011/07/20/5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=87c48fa3b4630905f98268dde838ee43626a060c
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
https://bugzilla.redhat.com/show_bug.cgi?id=723429
https://github.com/torvalds/linux/commit/87c48fa3b4630905f98268dde838ee43626a060c
Common Vulnerability Exposure (CVE) ID: CVE-2011-3209
[oss-security] 20111024 kernel; CVE-2011-2942 and CVE-2011-3209
http://www.openwall.com/lists/oss-security/2011/10/24/3
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f8bd2258e2d520dff28c855658bd24bdafb5102d
https://bugzilla.redhat.com/show_bug.cgi?id=732878
https://github.com/torvalds/linux/commit/f8bd2258e2d520dff28c855658bd24bdafb5102d
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.