kernelLinux Kernel updateLinux Kernel updateThe openSUSE 10.3 kernel was updated to fix various
security problems and bugs. Following security bugs were
fixed:
CVE-2008-5702: Buffer underflow in the ibwdt_ioctl function
in drivers/watchdog/ib700wdt.c might allow local users to
have an unknown impact via a certain /dev/watchdog
WDIOC_SETTIMEOUT IOCTL call.
CVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed
local users to cause a denial of service (kernel infinite
loop) by making two calls to svc_listen for the same
socket, and then reading a /proc/net/atm/*vc file, related
to corruption of the vcc table.
CVE-2008-5029: The __scm_destroy function in net/core/scm.c
makes indirect recursive calls to itself through calls to
the fput function, which allows local users to cause a
denial of service (panic) via vectors related to sending an
SCM_RIGHTS message through a UNIX domain socket and closing
file descriptors.
CVE-2008-5134: Buffer overflow in the lbs_process_bss
function in drivers/net/wireless/libertas/scan.c in the
libertas subsystem allowed remote attackers to have an
unknown impact via an "invalid beacon/probe response."
CVE-2008-4933: Buffer overflow in the hfsplus_find_cat
function in fs/hfsplus/catalog.c allowed attackers to cause
a denial of service (memory corruption or system crash) via
an hfsplus filesystem image with an invalid catalog
namelength field, related to the hfsplus_cat_build_key_uni
function.
CVE-2008-5025: Stack-based buffer overflow in the
hfs_cat_find_brec function in fs/hfs/catalog.c allowed
attackers to cause a denial of service (memory corruption
or system crash) via an hfs filesystem image with an
invalid catalog namelength field, a related issue to
CVE-2008-4933.
CVE-2008-5182: The inotify functionality might allow local
users to gain privileges via unknown vectors related to
race conditions in inotify watch removal and umount.
The openSUSE 10.3 kernel was updated to fix various
security problems and bugs. Following security bugs were
fixed:
CVE-2008-5702: Buffer underflow in the ibwdt_ioctl function
in drivers/watchdog/ib700wdt.c might allow local users to
have an unknown impact via a certain /dev/watchdog
WDIOC_SETTIMEOUT IOCTL call.
CVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed
local users to cause a denial of service (kernel infinite
loop) by making two calls to svc_listen for the same
socket, and then reading a /proc/net/atm/*vc file, related
to corruption of the vcc table.
CVE-2008-5029: The __scm_destroy function in net/core/scm.c
makes indirect recursive calls to itself through calls to
the fput function, which allows local users to cause a
denial of service (panic) via vectors related to sending an
SCM_RIGHTS message through a UNIX domain socket and closing
file descriptors.
CVE-2008-5134: Buffer overflow in the lbs_process_bss
function in drivers/net/wireless/libertas/scan.c in the
libertas subsystem allowed remote attackers to have an
unknown impact via an "invalid beacon/probe response."
CVE-2008-4933: Buffer overflow in the hfsplus_find_cat
function in fs/hfsplus/catalog.c allowed attackers to cause
a denial of service (memory corruption or system crash) via
an hfsplus filesystem image with an invalid catalog
namelength field, related to the hfsplus_cat_build_key_uni
function.
CVE-2008-5025: Stack-based buffer overflow in the
hfs_cat_find_brec function in fs/hfs/catalog.c allowed
attackers to cause a denial of service (memory corruption
or system crash) via an hfs filesystem image with an
invalid catalog namelength field, a related issue to
CVE-2008-4933.
CVE-2008-5182: The inotify functionality might allow local
users to gain privileges via unknown vectors related to
race conditions in inotify watch removal and umount.
security
This update can be used to install a new kernel.
If you decide to use the kernel update, we recommend that you reboot
your system upon completion of the YaST Online Update, as additional
kernel modules may be needed which can only be loaded after the system
is rebooted.
kernel-bigsmpi586e164747bd5c2a7278062f18753ba5487d6481d14a79396e46ca3e4c5758b4514af905201d03634a505d509d0eaad8556ef9ee8c40e1e9b5ac20ac6c5kernel-debugi5866cb0f6b4caae511ed1f06cc2424a287976bc1ab97bb4e46c7cf39cc2645b1c13423bb82886b64e12345c424f077568f900fdae793449cd6e0d11e877kernel-debugx86_6433af925d1a0a5a2dee337c4b69e25f1393f427a5c5e0dac31a1060f11042b955b9dd4de77538195e2f70bde2926b4c61a1fa53a36156d6adfce5221akernel-defaulti5869d7e315eae65ec2cdaa2e4742ab4ccf99647830cc7f1012120abc4a917d332439429dd87ea2c5b65fca0a40e2ecd0aaed01399aa271968bbea9e75d9kernel-defaultppcd253e73c47b0de0477aeb6f319436ab1253947fc95e22b3f915432b90301b4f0ecb59302e22c25f2494839e641fbf7c69ba101dc1c2e08633e2f27d5kernel-defaultx86_64aa46f403c32171e6db16a34feb3a82f90e34529dcc147917880ff71ffd5ee1ae7fbea196ee9e9260e5bd92dfe2090ba8c60b13f047dd0ff23cc76b79kernel-kdumpppcaad830e260e164657a7d63ffe1d85ee6d6ec3b7a57859fa6abe12c38bfd55d618d95776e2976b580kernel-ppc64ppc0d9e090fb3addc076c144861ceed8868f1169b53828ab2b17f102f6dc90a68eee8127a227defcd70deb8949ed5da4dd16c565d39538aad039eed6ddbkernel-sourcei5866091c2e7f57b22da2fc0ac400f9a934ad7f68d7ce07a2d17ab4137a6385c919125047451526bce6865753cc3ad78620f13be358ebeedf9c2ad9c4414kernel-sourceppcef43856c497efa9f5cb450a33afe4a855a52a425e61403b6568563f0d523dce4377a18d31feb14d5f1d0de38862fd5c08107ee6abdb90a47ecabb5bakernel-sourcex86_643054e9ec6434bb6d62f82750c922928ba20ac5fbcc4ab5a330653d5a1d4448322a9aa91060684b65fb74eea1c326f5da28a4e9889da9163e55161a37kernel-symsi586a9c1b816832ed2cd069e1d269cec54ae06b86dab3edde059df601ddf8eb0c7ecc68c8c4dfdd902cd1cf92a21bc733d3519f1da831a6a246cf8b2c6b1kernel-symsppcb8ee7952710c8fb063f8edbcb856501cf412f3840e38da208f95a7614d687c9938f12a8717ebd381bb75f8178ce7e0911669dced90b63b01c8589081kernel-symsx86_643c02c35e6036564705c2cd42cae2b13ed1bb6145d74e5a5d2c58a61b782355ffbe0645f2d803203f122c4414c1406d11ba3ae7a44523c021998b59eekernel-xeni586ce731c1a8ef37a6f7e489fdc63840e0437478bb7757374263a5c8b7f9688900a1008af60e6fd220de97014037f606d164c353af61516569bcd76c773kernel-xenx86_64b6d9d521a3bb2b98b79c490d288dd5fa65cb002e6904918216ba6fda844eced495ac5213e4cab758faaffb449eff144477bf9bff574497b012cc5015kernel-xenpaei586ec7f28774c57135dbd99a8bd8e6077339e29938a26b28b8592bb05fcc3ebdcae1903ff12cf9d90e7668d4a442f44707b4d21f5b3c82a599efef46b95