Monday, October 18, 2010

SLE 11 SERVER Unsupported Extras Linux: kernel security fixes

Users of SLE 11 SERVER Unsupported Extras Linux please be advised of a kernel security fixes that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com
SUSE-SA:2010:050: [SUSE-SA:2010:050] Linux kernel security fixes
Affected Products: SLE 11 SERVER Unsupported Extras
Vulnerability Type: local privilege escalation
Problem Description and Brief Discussion



This SUSE Linux Enterprise 11 Service Pack 1 kernel contains various

security fixes and lots of other bugfixes.



Following security issues were fixed:



CVE-2010-2960: local users could crash the system by causing a NULL

deref in the keyctl_session_to_parent() function



CVE-2010-2954: local users could crash the system by causing a NULL

deref via IRDA sockets



CVE-2010-3079: local users could crash the system by causing a NULL

deref in ftrace
Read more at www.criticalwatch.com
 

No comments:

Post a Comment