---------------------------------------------------------------------- Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA38399 VERIFY ADVISORY: http://secunia.com/advisories/38399/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to manipulate certain data, and by malicious people to cause a DoS (Denial of Service). For more information: SA35265 1) The qla2xxx driver for QLogic Fibre Channel PCI/PCIe host adapters sets world-writable permissions for the "/sys/class/scsi_host/[a qla2xxx host]/vport_create" and "/sys/class/scsi_host/[a qla2xxx host]/vport_delete" files, which can be exploited to change certain SCSI attributes. SOLUTION: Apply updated packages. SUSE Linux Enterprise Desktop 10 SP2 for x86 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=0e38893ae48531c465e75bb476887271 SUSE Linux Enterprise 10 SP2 DEBUGINFO for IPF http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=8e541b7f2bfe8694ff60329a4b87780b SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM POWER http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a02e6340cd8b95ceba636634ae907750 SLE SDK 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=0e38893ae48531c465e75bb476887271 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=8e541b7f2bfe8694ff60329a4b87780b http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a02e6340cd8b95ceba636634ae907750 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=7a90bbd78c61a210fcbf21c821ac1ec8 SUSE Linux Enterprise 10 SP2 DEBUGINFO http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=0e38893ae48531c465e75bb476887271 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=8e541b7f2bfe8694ff60329a4b87780b http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a02e6340cd8b95ceba636634ae907750 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=7a90bbd78c61a210fcbf21c821ac1ec8 SUSE Linux Enterprise Desktop 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=0e38893ae48531c465e75bb476887271 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=7a90bbd78c61a210fcbf21c821ac1ec8 SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=7a90bbd78c61a210fcbf21c821ac1ec8 SUSE Linux Enterprise Server 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=0e38893ae48531c465e75bb476887271 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=8e541b7f2bfe8694ff60329a4b87780b http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=a02e6340cd8b95ceba636634ae907750 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=7a90bbd78c61a210fcbf21c821ac1ec8 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=1d4930dd8139d55c7a6310239ec5aacc SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM zSeries 64bit http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=1d4930dd8139d55c7a6310239ec5aacc ORIGINAL ADVISORY: SUSE-SA:2010:009: http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00001.html OTHER REFERENCES: SA35265: http://secunia.com/advisories/35265/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------