sdkp3-kernelSecurity update for the debug kernelSecurity update for the debug kernel
This update fixes various bugs and some security issues in the SUSE Linux
Enterprise 10 SP 3 kernel.
Following security issues were fixed:
CVE-2009-4536: drivers/net/e1000/e1000_main.c in the e1000 driver in the
Linux kernel handles Ethernet frames that exceed the MTU by processing
certain trailing payload data as if it were a complete frame, which
allows remote attackers to bypass packet filters via a large packet with
a crafted payload.
CVE-2009-4538: drivers/net/e1000e/netdev.c in the e1000e driver in the
Linux kernel does not properly check the size of an Ethernet frame that
exceeds the MTU, which allows remote attackers to have an unspecified
impact via crafted packets.
CVE-2010-0007: Missing CAP_NET_ADMIN checks in the ebtables netfilter
code might have allowed local attackers to modify bridge firewall
settings.
This update fixes various bugs and some security issues in
the SUSE Linux Enterprise 10 SP 3 kernel.
Following security issues were fixed: CVE-2009-4536:
drivers/net/e1000/e1000_main.c in the e1000 driver in the
Linux kernel handles Ethernet frames that exceed the MTU by
processing certain trailing payload data as if it were a
complete frame, which allows remote attackers to bypass
packet filters via a large packet with a crafted payload.
CVE-2009-4538: drivers/net/e1000e/netdev.c in the e1000e
driver in the Linux kernel does not properly check the size
of an Ethernet frame that exceeds the MTU, which allows
remote attackers to have an unspecified impact via crafted
packets.
CVE-2010-0007: Missing CAP_NET_ADMIN checks in the ebtables
netfilter code might have allowed local attackers to modify
bridge firewall settings.
security
This update can be used to install a new kernel.
If you decide to use the kernel update, we recommend that you reboot
your system upon completion of the YaST Online Update, as additional
kernel modules may be needed which can only be loaded after the system
is rebooted.
If you are in the course of performing a new installation, the installer
will reboot the machine after installing the patch. If you do not want
to reboot, deselect this patch.
kernel-debugx86_644ef640db0e525e64bb60d1fa84e466c375c0f8d7kernel-kdumpx86_64cb85d5ff4fd2aa625e533dbc9eeab20f2060820ekernel-xenx86_64c2870d8816810e5d249aeae973be259c54af3a27