Rapid7 Vulnerability & Exploit Database

SuSE 9.1 security update for kernel

Free InsightVM Trial No credit card necessary
Watch Demo See how it all works
Back to Search

SuSE 9.1 security update for kernel



The system is missing one or more SuSE security patches. This update fixes following security issues: - CAN-2004-1068: Missing serialization in unix_dgram_recvmsg() could lead to elevated privileges, making it possible for a local attacker to gain root access. Thanks to Paul Starzetz for pointing out this problem. - CAN-2004-1016: Missing integer overflow checks in sendmsg / control message handling allows a local attacker to crash or halt the machine. This was independent found by Paul Starzetz and Georgi Guninski, and fixed by Herbert Xu. - A memory leak in the IP option handling in the sendmsg() system call that was reported by Georgi Guninski. - CAN-2004-1137: Some of the pointer handling in the Linux IGMP code was broken and could allow a local attacker to crash the machine. This was found by Paul Starzetz and fixed by Chris Wright. - A memory leak in ip_conntrack_ftp connection handling was fixed. - A local denial of service in aio_free_ring allows a local attacker to crash the machine. - A problem in the memory management handling of ELF executables could lead to a local attacker crashing with a handcrafted ELF binary. - CAN-2004-1151: A buffer overflow in the system call handling in the 32bit system call emulation on AMD64 / Intel EM64T systems could lead to a local privilege escalation or denial of service condition. - Fixed a remote denial of service problem in the NFS kernel service, allowing a remote attacker with NFS access to a machine to remotely crash the kernel.


With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center