Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes a weakness, some security issues and some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, and by malicious people to cause a DoS.
b611d701ee877aabf79699241cd77a4c2490189bd7d9aab27d0cf8dccef1bd17
----------------------------------------------------------------------
Public Beta of CSI and WSUS Integration
http://secunia.com/blog/74
----------------------------------------------------------------------
TITLE:
SUSE update for kernel
SECUNIA ADVISORY ID:
SA38683
VERIFY ADVISORY:
http://secunia.com/advisories/38683/
DESCRIPTION:
SUSE has issued an update for the kernel. This fixes a weakness, some
security issues and some vulnerabilities, which can be exploited by
malicious, local users to bypass certain security restrictions, cause
a DoS (Denial of Service), and potentially gain escalated privileges,
and by malicious people to cause a DoS.
For more information:
SA32320
SA35265
SA36707
SA37086
SA37435
SA38133
1) An incorrect permission check within the z90crypt driver can be
exploited to bypass intended security restrictions.
Successful exploitation requires that the attacker has an effective
user ID of 0.
SOLUTION:
Apply updated packages.
SUSE CORE 9 for Itanium Processor Family
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=f244ff5c3b3396176b5103f1715e6684
SUSE CORE 9 for IBM zSeries 64bit
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a31f023a60d07c8888e454fa1d125def
SUSE CORE 9 for IBM S/390 31bit
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=687ae9e3794e96759e414f98fbdce2b2
SUSE CORE 9 for AMD64 and Intel EM64T
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=4267d3a69718225e2fb2c25170bc6d94
Novell Linux POS 9
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=115c23c0f70fab25bce4f2dedb036c6c
SUSE CORE 9 for x86
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=115c23c0f70fab25bce4f2dedb036c6c
SUSE SLES 9
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=f244ff5c3b3396176b5103f1715e6684
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a31f023a60d07c8888e454fa1d125def
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=687ae9e3794e96759e414f98fbdce2b2
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=4267d3a69718225e2fb2c25170bc6d94
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=115c23c0f70fab25bce4f2dedb036c6c
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=07c0f8cc874baafd99ac348e3dc688c7
SUSE CORE 9 for IBM POWER
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=07c0f8cc874baafd99ac348e3dc688c7
ORIGINAL ADVISORY:
SUSE-SA:2010:013:
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
OTHER REFERENCES:
SA32320:
http://secunia.com/advisories/32320/
SA35265:
http://secunia.com/advisories/35265/
SA36707:
http://secunia.com/advisories/36707/
SA37086:
http://secunia.com/advisories/37086/
SA37435:
http://secunia.com/advisories/37435/
SA38133:
http://secunia.com/advisories/38133/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------