‫ SUSE update for kernel

IRCAD2014063387

Number: IRCAD2014063387

Date: 2014/06/19

Criticality level: highly critical

Software:

SUSE Linux Enterprise Server (SLES) 11

Description

SUSE has issued an update for kernel. This fixes some weaknesses and multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service), by malicious, local users to disclose potentially sensitive information, cause a DoS, and gain escalated privileges, and by malicious people to cause a DoS and potentially compromise a vulnerable system.

1) A NULL pointer dereference error within the "handle_early_requeue_pi_wakeup()" function (kernel/futex.c) when requeuing a PI futex can be exploited to cause a crash.

Solution:

Apply updated packages via the zypper package manager.

- SUSE Linux Enterprise Server 11 SP1 LTSS:

zypper in -t patch slessp1-kernel-9359 slessp1-kernel-9360

slessp1-kernel-9361
Resources:

SUSE-SU-2014:0807-1:

Darren Hart:

secunia:
 
 
 
 
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 31 خرداد 1393

امتیاز

امتیاز شما
تعداد امتیازها:0