----------------------------------------------------------------------


Public Beta of CSI and WSUS Integration
http://secunia.com/blog/74


----------------------------------------------------------------------

TITLE:
SUSE update for kernel

SECUNIA ADVISORY ID:
SA38683

VERIFY ADVISORY:
http://secunia.com/advisories/38683/

DESCRIPTION:
SUSE has issued an update for the kernel. This fixes a weakness, some
security issues and some vulnerabilities, which can be exploited by
malicious, local users to bypass certain security restrictions, cause
a DoS (Denial of Service), and potentially gain escalated privileges,
and by malicious people to cause a DoS.

For more information:
SA32320
SA35265
SA36707
SA37086
SA37435
SA38133

1) An incorrect permission check within the z90crypt driver can be
exploited to bypass intended security restrictions.

Successful exploitation requires that the attacker has an effective
user ID of 0.

SOLUTION:
Apply updated packages.

SUSE CORE 9 for Itanium Processor Family

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=f244ff5c3b3396176b5103f1715e6684

SUSE CORE 9 for IBM zSeries 64bit

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a31f023a60d07c8888e454fa1d125def

SUSE CORE 9 for IBM S/390 31bit

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=687ae9e3794e96759e414f98fbdce2b2

SUSE CORE 9 for AMD64 and Intel EM64T

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=4267d3a69718225e2fb2c25170bc6d94

Novell Linux POS 9

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=115c23c0f70fab25bce4f2dedb036c6c

SUSE CORE 9 for x86

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=115c23c0f70fab25bce4f2dedb036c6c

SUSE SLES 9

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=f244ff5c3b3396176b5103f1715e6684

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a31f023a60d07c8888e454fa1d125def

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=687ae9e3794e96759e414f98fbdce2b2

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=4267d3a69718225e2fb2c25170bc6d94

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=115c23c0f70fab25bce4f2dedb036c6c

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=07c0f8cc874baafd99ac348e3dc688c7

SUSE CORE 9 for IBM POWER

http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=07c0f8cc874baafd99ac348e3dc688c7

ORIGINAL ADVISORY:
SUSE-SA:2010:013:
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html

OTHER REFERENCES:
SA32320:
http://secunia.com/advisories/32320/

SA35265:
http://secunia.com/advisories/35265/

SA36707:
http://secunia.com/advisories/36707/

SA37086:
http://secunia.com/advisories/37086/

SA37435:
http://secunia.com/advisories/37435/

SA38133:
http://secunia.com/advisories/38133/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------