sdkp3-kernelSecurity update for Linux kernelSecurity update for Linux kernelThis update fixes various bugs and some security issues in
the SUSE Linux Enterprise 10 SP 3 kernel.
Following security issues were fixed: CVE-2009-3238: The
get_random_int function in drivers/char/random.c in the
Linux kernel produces insufficiently random numbers, which
allows attackers to predict the return value, and possibly
defeat protection mechanisms based on randomization, via
vectors that leverage the functions tendency to return the
same value over and over again for long stretches of time.
CVE-2009-1192: The (1) agp_generic_alloc_page and (2)
agp_generic_alloc_pages functions in
drivers/char/agp/generic.c in the agp subsystem in the
Linux kernel do not zero out pages that may later be
available to a user-space process, which allows local users
to obtain sensitive information by reading these pages.
CVE-2009-2909: Unsigned check in the ax25 socket handler
could allow local attackers to potentially crash the kernel
or even execute code.
This update fixes various bugs and some security issues in
the SUSE Linux Enterprise 10 SP 3 kernel.
Following security issues were fixed: CVE-2009-3238: The
get_random_int function in drivers/char/random.c in the
Linux kernel produces insufficiently random numbers, which
allows attackers to predict the return value, and possibly
defeat protection mechanisms based on randomization, via
vectors that leverage the functions tendency to return the
same value over and over again for long stretches of time.
CVE-2009-1192: The (1) agp_generic_alloc_page and (2)
agp_generic_alloc_pages functions in
drivers/char/agp/generic.c in the agp subsystem in the
Linux kernel do not zero out pages that may later be
available to a user-space process, which allows local users
to obtain sensitive information by reading these pages.
CVE-2009-2909: Unsigned check in the ax25 socket handler
could allow local attackers to potentially crash the kernel
or even execute code.
security
This update can be used to install a new kernel.
If you decide to use the kernel update, we recommend that you reboot
your system upon completion of the YaST Online Update, as additional
kernel modules may be needed which can only be loaded after the system
is rebooted.
If you are in the course of performing a new installation, the installer
will reboot the machine after installing the patch. If you do not want
to reboot, deselect this patch.
kernel-debugx86_643507e2dc2580743efee87da3b49ca430a371d874kernel-kdumpx86_64bf6c6d2c575d6f962ce6750cbadd1891dc5ee7ddkernel-xenx86_640b6be93daa891c28438b794b13310239ede43afd