OVAL Reference oval:org.opensuse.security:def:20092848

Oval Definition:

oval:org.opensuse.security:def:20092848

Revision Date:	2022-09-02	Version:	1
Title:	CVE-2009-2848
Description:	The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2009-2848 Mitre CVE-2009-2848 SUSE CVE-2009-2848 SUSE-SA:2009:054 SUSE-SA:2009:056 SUSE-SA:2010:012
Platform(s):	Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 Open Enterprise Server openSUSE 11.0 openSUSE 11.1 SUSE CORE 9 for AMD64 and Intel EM64T SUSE Linux Enterprise 11 GA for EC2 SUSE Linux Enterprise Desktop 11 GA SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise High Availability Extension 11 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Micro 5.0 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Realtime 10 SP2 SUSE Linux Enterprise SDK 10 SP2 SUSE Linux Enterprise SDK 11 GA SUSE Linux Enterprise Server 11 GA SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0	Product(s):
Definition Synopsis
Release Information sles10-sp2-sdk is installed AND kernel-debug less than 2.6.16.60-0.42.7 OR Package Information sles10-sp2-rt is installed AND ib-bonding-kmp-rt less than 0.9.0_2.6.22.19_0.35-1.21.1 OR ib-bonding-kmp-rt_bigsmp less than 0.9.0_2.6.22.19_0.35-1.21.1 OR ib-bonding-kmp-rt_debug less than 0.9.0_2.6.22.19_0.35-1.21.1 OR ib-bonding-kmp-rt_timing less than 0.9.0_2.6.22.19_0.35-1.21.1 OR kernel-rt less than 2.6.22.19-0.35 OR kernel-rt_bigsmp less than 2.6.22.19-0.35 OR kernel-rt_debug less than 2.6.22.19-0.35 OR kernel-rt_timing less than 2.6.22.19-0.35 OR kernel-source less than 2.6.22.19-0.35 OR kernel-syms less than 2.6.22.19-0.35 OR ofed-cxgb3-NIC-kmp-rt less than 1.3_2.6.22.19_0.35-0.18.1 OR ofed-cxgb3-NIC-kmp-rt_bigsmp less than 1.3_2.6.22.19_0.35-0.18.1 OR ofed-cxgb3-NIC-kmp-rt_debug less than 1.3_2.6.22.19_0.35-0.18.1 OR ofed-cxgb3-NIC-kmp-rt_timing less than 1.3_2.6.22.19_0.35-0.18.1 OR ofed-doc less than 1.3-0.33.4 OR ofed-kmp-rt less than 1.3_2.6.22.19_0.35-0.33.4 OR ofed-kmp-rt_bigsmp less than 1.3_2.6.22.19_0.35-0.33.4 OR ofed-kmp-rt_debug less than 1.3_2.6.22.19_0.35-0.33.4 OR ofed-kmp-rt_timing less than 1.3_2.6.22.19_0.35-0.33.4 OR ofed less than 1.3-0.33.4 OR Package Information sles10-sp2-sdk is installed AND kernel-kdump less than 2.6.16.60-0.42.7 OR Package Information sles10-sp2-sdk is installed AND kernel-debug less than 2.6.16.60-0.42.7 OR kernel-kdump less than 2.6.16.60-0.42.7 OR kernel-xen less than 2.6.16.60-0.42.7 OR kernel-xenpae less than 2.6.16.60-0.42.7 OR Package Information sles10-sp2-sdk is installed AND kernel-debug less than 2.6.16.60-0.42.7 OR kernel-kdump less than 2.6.16.60-0.42.7 OR kernel-xen less than 2.6.16.60-0.42.7
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed OR SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information kernel-default is not affected OR kernel-source is not affected
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Basesystem 15 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed OR SUSE Linux Enterprise Module for Development Tools 15 is installed OR SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information kernel-default is not affected OR kernel-source is not affected
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information kernel-default is not affected OR kernel-source is not affected
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND kernel-default is not affected OR kernel-source is not affected OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND kernel-default is not affected OR kernel-default-base is not affected OR kernel-default-devel is not affected OR kernel-devel is not affected OR kernel-macros is not affected OR kernel-source is not affected OR Package Information SUSE Linux Enterprise Server 12 SP5 is installed AND kernel-default is not affected OR kernel-default-base is not affected OR kernel-default-devel is not affected OR kernel-default-man is not affected OR kernel-devel is not affected OR kernel-macros is not affected OR kernel-source is not affected OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND kernel-default is not affected OR kernel-default-base is not affected OR kernel-default-devel is not affected OR kernel-default-kgraft is not affected OR kernel-devel is not affected OR kernel-macros is not affected OR kernel-source is not affected
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information kernel-default is not affected OR kernel-source is not affected
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information kernel-default is not affected OR kernel-source is not affected
Definition Synopsis
SUSE Linux Enterprise Micro 5.0 is installed AND kernel-default is not affected
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND kernel-default is not affected OR kernel-source is not affected OR Package Information SUSE Linux Enterprise Server 12 SP5 is installed AND kernel-default is not affected OR kernel-default-base is not affected OR kernel-default-devel is not affected OR kernel-default-man is not affected OR kernel-devel is not affected OR kernel-macros is not affected OR kernel-source is not affected
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed AND kernel-default is not affected OR kernel-source is not affected OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND kernel-default is not affected OR kernel-default-base is not affected OR kernel-default-devel is not affected OR kernel-devel is not affected OR kernel-macros is not affected OR kernel-source is not affected

BACK