local privilege escalation

Please Install the Updated Packages.

The SUSE Linux Enterprise 11 GA and openSUSE 11.1 kernels were updated to fix 3 critical security issues. Following security bugs were fixed: CVE-2010-3301: Mismatch between 32bit and 64bit register usage in the system call entry paths could be used by local attackers to gain root privileges. This problem only affects x86_64 kernels. CVE-2010-3081: Incorrect buffer handling in the biarch-compat buffer handling could be used by local attackers to gain root privileges. This problem affects foremost x86_64 where a exploit exists, and potentially other biarch platforms, like PowerPC and S/390. CVE-2010-2959: Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel allowed attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic. No other bugs were fixed in this update.

kernel on openSUSE 11.1

• http://www.novell.com/linux/security/advisories/2010_43_kernel.html

---

Updated on 2015-03-25