Oval Definition:oval:org.opensuse.security:def:20093286
Revision Date:2022-05-20Version:1
Title:CVE-2009-3286
Description:

NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2009-3286
Mitre CVE-2009-3286
SUSE CVE-2009-3286
SUSE-SA:2009:060
SUSE-SA:2009:060
SUSE-SA:2010:012
SUSE-SA:2010:012
Platform(s):openSUSE 11.0
openSUSE 11.1
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise High Availability Extension 11
SUSE Linux Enterprise Realtime 10 SP2
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server for SAP Applications 11
Product(s):
Definition Synopsis
  • sles10-sp2-rt is installed
  • AND Package Information
  • ib-bonding-kmp-rt less than 0.9.0_2.6.22.19_0.35-1.21.1
  • OR ib-bonding-kmp-rt_bigsmp less than 0.9.0_2.6.22.19_0.35-1.21.1
  • OR ib-bonding-kmp-rt_debug less than 0.9.0_2.6.22.19_0.35-1.21.1
  • OR ib-bonding-kmp-rt_timing less than 0.9.0_2.6.22.19_0.35-1.21.1
  • OR kernel-rt less than 2.6.22.19-0.35
  • OR kernel-rt_bigsmp less than 2.6.22.19-0.35
  • OR kernel-rt_debug less than 2.6.22.19-0.35
  • OR kernel-rt_timing less than 2.6.22.19-0.35
  • OR kernel-source less than 2.6.22.19-0.35
  • OR kernel-syms less than 2.6.22.19-0.35
  • OR ofed-cxgb3-NIC-kmp-rt less than 1.3_2.6.22.19_0.35-0.18.1
  • OR ofed-cxgb3-NIC-kmp-rt_bigsmp less than 1.3_2.6.22.19_0.35-0.18.1
  • OR ofed-cxgb3-NIC-kmp-rt_debug less than 1.3_2.6.22.19_0.35-0.18.1
  • OR ofed-cxgb3-NIC-kmp-rt_timing less than 1.3_2.6.22.19_0.35-0.18.1
  • OR ofed-doc less than 1.3-0.33.4
  • OR ofed-kmp-rt less than 1.3_2.6.22.19_0.35-0.33.4
  • OR ofed-kmp-rt_bigsmp less than 1.3_2.6.22.19_0.35-0.33.4
  • OR ofed-kmp-rt_debug less than 1.3_2.6.22.19_0.35-0.33.4
  • OR ofed-kmp-rt_timing less than 1.3_2.6.22.19_0.35-0.33.4
  • OR ofed less than 1.3-0.33.4
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • ext4dev-kmp-default-0_2.6.27.39_0.3-7.1 is installed
  • OR ext4dev-kmp-pae-0_2.6.27.23_0.1-7.1 is installed
  • OR ext4dev-kmp-ppc64-0_2.6.27.39_0.3-7.1 is installed
  • OR ext4dev-kmp-vmi-0_2.6.27.23_0.1-7.1 is installed
  • OR ext4dev-kmp-xen-0_2.6.27.23_0.1-7.1 is installed
  • OR iscsitarget-kmp-default-0.4.15_2.6.27.54_0.2-94.14 is installed
  • OR kernel-default-2.6.27.39-0.3 is installed
  • OR kernel-default-base-2.6.27.39-0.3 is installed
  • OR kernel-default-man-2.6.27.23-0.1 is installed
  • OR kernel-kdump-2.6.27.39-0.3 is installed
  • OR kernel-pae-2.6.27.23-0.1 is installed
  • OR kernel-pae-base-2.6.27.23-0.1 is installed
  • OR kernel-ppc64-2.6.27.39-0.3 is installed
  • OR kernel-ppc64-base-2.6.27.39-0.3 is installed
  • OR kernel-source-2.6.27.39-0.3 is installed
  • OR kernel-syms-2.6.27.39-0.3 is installed
  • OR kernel-vmi-2.6.27.23-0.1 is installed
  • OR kernel-vmi-base-2.6.27.23-0.1 is installed
  • OR kernel-xen-2.6.27.23-0.1 is installed
  • OR kernel-xen-base-2.6.27.23-0.1 is installed
  • OR oracleasm-kmp-default-2.0.5_2.6.27.54_0.2-7.9 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND Package Information
  • ext4dev-kmp-default-0_2.6.27.39_0.3-7.1.22 is installed
  • OR ext4dev-kmp-pae-0_2.6.27.39_0.3-7.1.22 is installed
  • OR ext4dev-kmp-ppc64-0_2.6.27.39_0.3-7.1.22 is installed
  • OR ext4dev-kmp-vmi-0_2.6.27.39_0.3-7.1.22 is installed
  • OR ext4dev-kmp-xen-0_2.6.27.39_0.3-7.1.22 is installed
  • OR iscsitarget-kmp-default-0.4.15_2.6.27.54_0.2-94.14.8 is installed
  • OR kernel-default-2.6.27.39-0.3.1 is installed
  • OR kernel-default-base-2.6.27.39-0.3.1 is installed
  • OR kernel-default-man-2.6.27.39-0.3.1 is installed
  • OR kernel-kdump-2.6.27.39-0.3.1 is installed
  • OR kernel-pae-2.6.27.39-0.3.1 is installed
  • OR kernel-pae-base-2.6.27.39-0.3.1 is installed
  • OR kernel-ppc64-2.6.27.39-0.3.1 is installed
  • OR kernel-ppc64-base-2.6.27.39-0.3.1 is installed
  • OR kernel-source-2.6.27.39-0.3.1 is installed
  • OR kernel-syms-2.6.27.39-0.3.1 is installed
  • OR kernel-vmi-2.6.27.39-0.3.1 is installed
  • OR kernel-vmi-base-2.6.27.39-0.3.1 is installed
  • OR kernel-xen-2.6.27.39-0.3.1 is installed
  • OR kernel-xen-base-2.6.27.39-0.3.1 is installed
  • OR oracleasm-kmp-default-2.0.5_2.6.27.54_0.2-7.9.1 is installed
    • BACK