---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA39178 VERIFY ADVISORY: http://secunia.com/advisories/39178/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to manipulate certain data, disclose potentially sensitive information, and cause a DoS (Denial of Service). For more information: SA37590 SA38317 SA38601 1) The qla2xxx driver for QLogic Fibre Channel PCI/PCIe host adapters sets world-writable permissions for the "/sys/class/scsi_host/[a qla2xxx host]/vport_create" and "/sys/class/scsi_host/[a qla2xxx host]/vport_delete" files, which can be exploited to change certain SCSI attributes. SOLUTION: Apply updated packages. SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=30110847005ad3a7ea7c5d1efd067ce1 SUSE Linux Enterprise Server 10 SP3 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=30110847005ad3a7ea7c5d1efd067ce1 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=d5a23ca2612948125ba212f86484077b http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=9a1d7bed362eab0ffb8a1cfcb944439e http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=ffb169f8e0b809058bff6cb318c6a511 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=44be42f54c5e35e6e551e68351bbd0e1 SLE SDK 10 SP3 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=30110847005ad3a7ea7c5d1efd067ce1 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=9a1d7bed362eab0ffb8a1cfcb944439e http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=ffb169f8e0b809058bff6cb318c6a511 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=44be42f54c5e35e6e551e68351bbd0e1 SUSE Linux Enterprise Desktop 10 SP3 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=30110847005ad3a7ea7c5d1efd067ce1 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=44be42f54c5e35e6e551e68351bbd0e1 SUSE Linux Enterprise Desktop 10 SP3 for x86 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=44be42f54c5e35e6e551e68351bbd0e1 ORIGINAL ADVISORY: SUSE-SA:2010:019: http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html OTHER REFERENCES: SA37590: http://secunia.com/advisories/37590/ SA38317: http://secunia.com/advisories/38317/ SA38601: http://secunia.com/advisories/38601/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------