SB2011100806 - SUSE Linux update for Linux kernel

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2011100806

SB2011100806 - SUSE Linux update for Linux kernel

Published: October 8, 2011

Security Bulletin ID SB2011100806
Severity
High
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 33% Medium 33% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) NULL pointer dereference (CVE-ID: CVE-2011-2928)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a malformed Be filesystem.


2) Buffer overflow (CVE-ID: CVE-2011-3191)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.


3) Buffer overflow (CVE-ID: CVE-2011-3353)

The vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.

Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the ability to mount a FUSE filesystem.


Remediation

Install update from vendor's website.

References