Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2006:006: kernel


Vulnerability Assessment Details

SUSE-SA:2006:006: kernel

Vulnerability Assessment Summary
Check for the version of the kernel package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2006:006 (kernel).


The Linux kernel on SUSE Linux 10.0 has been updated to
fix following security problems:

- CVE-2006-0454: An extra dst release when ip_options_echo failed
was fixed.

This problem could be triggered by remote attackers and can
potentially crash the machine. This is possible even with
SuSEfirewall2 enabled.

This affects only SUSE Linux 10.0, all other SUSE distributions
are not affected.

- CVE-2005-3356: A double decrement in mq_open system call could lead
to local users crashing the machine.

- CVE-2005-3358: A 0 argument passed to the set_mempolicy() system
call could lead to a local user crashing the machine.

- CVE-2005-4605: Kernel memory could be leaked to user space through a
problem with seek() in /proc files .

- CVE-2005-3623: Remote users could set ACLs even on read-only
exported NFS Filesystems and so circumvent access control.

- CVE-2005-3808: A 32 bit integer overflow on 64bit mmap calls
could be used by local users to hang the machine.

- CVE-2005-4635: Add sanity checks for headers and payload of netlink
messages, which could be used by local attackers to crash the
machine.

Also various non-security bugs were fixed:
- Fix up patch for cpufreq drivers that do not initialize
current freq.
- Handle BIOS cpufreq changes gracefully.
- Updates to inotify handling.
- Various XEN Updates.
- Catches processor declarations with same ACPI id (P4HT)
- PowerPC: g5 thermal overtemp bug on fluid cooled systems.
- Fixed buffered ACPI events on a lot ASUS and some other machines.
- Fix fs/exec.c:788 (de_thread()) BUG_ON (OSDL 5170).


Solution : http://www.suse.de/security/advisories/2006_06_kernel.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security

Cables, Connectors

Dell Poweredge R720 16 Bay Server 2x QC 2.4GHZ 64GB 12x 900GB 10K H710 RPS
$2180.8
Dell Poweredge R720 16 Bay Server 2x QC 2.4GHZ 64GB 12x 900GB 10K H710 RPS pictureDell Poweredge R720 16 Bay Server 2x QC 2.4GHZ 96GB 12x 900GB 10K H710 RPS
$2253.28
Dell Poweredge R720 16 Bay Server 2x QC 2.4GHZ 96GB 12x 900GB 10K H710 RPS pictureDell Poweredge R720 16 Bay Server 2x QC 2.4GHZ 128GB 12x 900GB 10K H710 RPS
$2388.8
Dell Poweredge R720 16 Bay Server 2x QC 2.4GHZ 128GB 12x 900GB 10K H710 RPS pictureDELL POWEREDGE R730XD SERVER TWO E5-2640V4 2.4GHZ 64GB 14 X 300GB 15K 12G H730
$7099.0
DELL POWEREDGE R730XD SERVER TWO E5-2640V4 2.4GHZ 64GB 14 X 300GB 15K 12G H730 picture


Discussions

No Discussions have been posted on this vulnerability.