CVE-2009-3547

Common Vulnerabilities and Exposures

Upstream information

CVE-2009-3547 at MITRE

Description

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

NVD CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Note from the SUSE Security Team

This issue affects SLES 9, SLES 10 SP2, SP3 and SLES 11 and also the openSUSE products. On SLES 11 and openSUSE 11.1 the 'mmap_min_addr' protection protects against this NULL page exploit, unless disabled. Updates are in preparation and will be released begin of next week.

Novell Bugzilla entry: 550001

SUSE Security Advisories:

SUSE-SA:2009:054, published Wed, 11 Nov 2009 15:00:00 +0000
SUSE-SA:2009:055, published Thu, 12 Nov 2009 19:00:00 +0000
SUSE-SA:2009:056, published Mon, 16 Nov 2009 13:00:00 +0000
SUSE-SA:2009:060, published Wed, 02 Dec 2009 16:00:00 +0000
SUSE-SA:2010:001, published Thu, 07 Jan 2010 18:00:00 +0000
SUSE-SA:2010:012, published Mon, 15 Feb 2010 16:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.39_0.3-2.1.22` `cluster-network-kmp-xen >= 1.4_2.6.27.39_0.3-2.1.22`	sle11-hae.x86-64 sled11.x86-64 sles11.x86-64 sle11-debuginfo.x86-64 SAT Patch Nr: 1581
Novell Linux Desktop 9 for x86_64	`kernel-default >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	sles9-nld.x86-64 YOU Patch Nr: 12547
SUSE Linux Enterprise 10 SP2 DEBUGINFO for IPF	`kernel-debug-debuginfo >= 2.6.16.60-0.42.7` `kernel-default-debuginfo >= 2.6.16.60-0.42.7` `kernel-source-debuginfo >= 2.6.16.60-0.42.7`	sles10-sp2-debuginfo.ia64 sle10-sp2-sdk.ia64 sles10-sp2.ia64 ZYPP Patch Nr: 6633
SUSE Linux Enterprise Server 10 SP2 for IPF	`kernel-debug >= 2.6.16.60-0.42.7` `kernel-default >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7`	sles10-sp2-debuginfo.ia64 sle10-sp2-sdk.ia64 sles10-sp2.ia64 ZYPP Patch Nr: 6633
SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM zSeries 64bit	`kernel-default-debuginfo >= 2.6.16.60-0.42.7`	sles10-sp2-debuginfo.s390x sles10-sp2.s390x ZYPP Patch Nr: 6635
SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit	`kernel-default >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7`	sles10-sp2-debuginfo.s390x sles10-sp2.s390x ZYPP Patch Nr: 6635
SUSE Linux Enterprise Desktop 10 SP3 for x86	`kernel-bigsmp >= 2.6.16.60-0.57.1` `kernel-default >= 2.6.16.60-0.57.1` `kernel-smp >= 2.6.16.60-0.57.1` `kernel-source >= 2.6.16.60-0.57.1` `kernel-syms >= 2.6.16.60-0.57.1` `kernel-xen >= 2.6.16.60-0.57.1` `kernel-xenpae >= 2.6.16.60-0.57.1`	sles10-sp3.x86 sles10-sp3-debuginfo.x86 sled10-sp3.x86 sle10-sp3-sdk.x86 ZYPP Patch Nr: 6637
SUSE CORE 9 for IBM S/390 31bit	`kernel-s390 >= 2.6.5-7.321` `kernel-s390-debug >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	core9.s390 YOU Patch Nr: 12544
Novell Linux POS 9 SUSE CORE 9 for x86	`kernel-bigsmp >= 2.6.5-7.321` `kernel-debug >= 2.6.5-7.321` `kernel-default >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321` `kernel-um >= 2.6.5-7.321` `kernel-xen >= 2.6.5-7.321` `kernel-xenpae >= 2.6.5-7.321` `um-host-install-initrd >= 1.0-48.34` `um-host-kernel >= 2.6.5-7.321` `xen-kmp >= 3.0.4_2.6.5_7.321-0.2`	core9.x86 sles9-nlpos.x86 YOU Patch Nr: 12541
SUSE CORE 9 for Itanium Processor Family	`kernel-64k-pagesize >= 2.6.5-7.321` `kernel-debug >= 2.6.5-7.321` `kernel-default >= 2.6.5-7.321` `kernel-sn2 >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	core9.ia64 YOU Patch Nr: 12542
SUSE CORE 9 for IBM zSeries 64bit	`kernel-s390x >= 2.6.5-7.321` `kernel-s390x-debug >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	core9.s390x YOU Patch Nr: 12545
SUSE CORE 9 for IBM POWER	`kernel-default >= 2.6.5-7.321` `kernel-iseries64 >= 2.6.5-7.321` `kernel-pmac64 >= 2.6.5-7.321` `kernel-pseries64 >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	core9.ppc YOU Patch Nr: 12543
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.39_0.3-2.1.22`	sle11-hae.ppc sle11-debuginfo.ppc sles11.ppc SAT Patch Nr: 1590
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.39_0.3-2.1.22` `cluster-network-kmp-pae >= 1.4_2.6.27.39_0.3-2.1.22` `cluster-network-kmp-xen >= 1.4_2.6.27.39_0.3-2.1.22`	sle11-debuginfo.x86 sles11.x86 sled11.x86 sle11-hae.x86 SAT Patch Nr: 1588
SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM POWER	`kernel-default-debuginfo >= 2.6.16.60-0.42.7` `kernel-iseries64-debuginfo >= 2.6.16.60-0.42.7` `kernel-kdump-debuginfo >= 2.6.16.60-0.42.7` `kernel-ppc64-debuginfo >= 2.6.16.60-0.42.7`	sles10-sp2.ppc sles10-sp2-debuginfo.ppc sle10-sp2-sdk.ppc ZYPP Patch Nr: 6634
SUSE Linux Enterprise Server 10 SP2 for IBM POWER	`kernel-default >= 2.6.16.60-0.42.7` `kernel-iseries64 >= 2.6.16.60-0.42.7` `kernel-kdump >= 2.6.16.60-0.42.7` `kernel-ppc64 >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7`	sles10-sp2.ppc sles10-sp2-debuginfo.ppc sle10-sp2-sdk.ppc ZYPP Patch Nr: 6634
SUSE CORE 9 for AMD64 and Intel EM64T	`kernel-default >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321` `kernel-xen >= 2.6.5-7.321` `xen-kmp >= 3.0.4_2.6.5_7.321-0.2`	core9.x86-64 YOU Patch Nr: 12546
SUSE Linux Enterprise Desktop 10 SP2 for x86	`kernel-bigsmp >= 2.6.16.60-0.42.7` `kernel-default >= 2.6.16.60-0.42.7` `kernel-smp >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7` `kernel-xen >= 2.6.16.60-0.42.7` `kernel-xenpae >= 2.6.16.60-0.42.7`	sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2.x86 sles10-sp2-debuginfo.x86 ZYPP Patch Nr: 6632
SUSE Linux Enterprise 10 SP2 DEBUGINFO for x86	`kernel-bigsmp-debuginfo >= 2.6.16.60-0.42.7` `kernel-debug-debuginfo >= 2.6.16.60-0.42.7` `kernel-default-debuginfo >= 2.6.16.60-0.42.7` `kernel-kdump-debuginfo >= 2.6.16.60-0.42.7` `kernel-smp-debuginfo >= 2.6.16.60-0.42.7` `kernel-source-debuginfo >= 2.6.16.60-0.42.7` `kernel-xen-debuginfo >= 2.6.16.60-0.42.7` `kernel-xenpae-debuginfo >= 2.6.16.60-0.42.7`	sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2.x86 sles10-sp2-debuginfo.x86 ZYPP Patch Nr: 6632
SUSE Linux Enterprise Server 10 SP2 for x86	`kernel-bigsmp >= 2.6.16.60-0.42.7` `kernel-debug >= 2.6.16.60-0.42.7` `kernel-default >= 2.6.16.60-0.42.7` `kernel-kdump >= 2.6.16.60-0.42.7` `kernel-smp >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7` `kernel-vmi >= 2.6.16.60-0.42.7` `kernel-vmipae >= 2.6.16.60-0.42.7` `kernel-xen >= 2.6.16.60-0.42.7` `kernel-xenpae >= 2.6.16.60-0.42.7`	sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2.x86 sles10-sp2-debuginfo.x86 ZYPP Patch Nr: 6632
SUSE CORE 9 for AMD64 and Intel EM64T	`kernel-default >= 2.6.5-7.329.TDC` `kernel-smp >= 2.6.5-7.329.TDC` `kernel-source >= 2.6.5-7.329.TDC` `kernel-syms >= 2.6.5-7.329.TDC` `xen-kmp >= 3.0.4_2.6.5_7.329.TDC_-0.3`	Builds YOU Patch Nr: 12814
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T	`kernel-default >= 2.6.16.60-0.42.7` `kernel-smp >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7` `kernel-xen >= 2.6.16.60-0.42.7`	sled10-sp2.x86-64 sle10-sp2-sdk.x86-64 sles10-sp2.x86-64 sles10-sp2-debuginfo.x86-64 ZYPP Patch Nr: 6636
SUSE Linux Enterprise 10 SP2 DEBUGINFO for AMD64 and Intel EM64T	`kernel-debug-debuginfo >= 2.6.16.60-0.42.7` `kernel-default-debuginfo >= 2.6.16.60-0.42.7` `kernel-kdump-debuginfo >= 2.6.16.60-0.42.7` `kernel-smp-debuginfo >= 2.6.16.60-0.42.7` `kernel-source-debuginfo >= 2.6.16.60-0.42.7` `kernel-xen-debuginfo >= 2.6.16.60-0.42.7`	sled10-sp2.x86-64 sle10-sp2-sdk.x86-64 sles10-sp2.x86-64 sles10-sp2-debuginfo.x86-64 ZYPP Patch Nr: 6636
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T	`kernel-debug >= 2.6.16.60-0.42.7` `kernel-default >= 2.6.16.60-0.42.7` `kernel-kdump >= 2.6.16.60-0.42.7` `kernel-smp >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7` `kernel-xen >= 2.6.16.60-0.42.7`	sled10-sp2.x86-64 sle10-sp2-sdk.x86-64 sles10-sp2.x86-64 sles10-sp2-debuginfo.x86-64 ZYPP Patch Nr: 6636
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T	`kernel-default >= 2.6.16.60-0.57.1` `kernel-smp >= 2.6.16.60-0.57.1` `kernel-source >= 2.6.16.60-0.57.1` `kernel-syms >= 2.6.16.60-0.57.1` `kernel-xen >= 2.6.16.60-0.57.1`	sle10-sp3-sdk.x86-64 sled10-sp3.x86-64 sles10-sp3.x86-64 sles10-sp3-debuginfo.x86-64 ZYPP Patch Nr: 6641
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.39_0.3-2.1.22`	sle11-hae.ia64 sle11-debuginfo.ia64 sles11.ia64 SAT Patch Nr: 1589
Novell Linux Desktop 9 for x86	`kernel-bigsmp >= 2.6.5-7.321` `kernel-default >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	sles9-nld.x86 sles9-oes.x86 YOU Patch Nr: 12548
Open Enterprise Server	`kernel-bigsmp >= 2.6.5-7.321` `kernel-debug >= 2.6.5-7.321` `kernel-default >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321` `kernel-um >= 2.6.5-7.321` `kernel-xen >= 2.6.5-7.321` `kernel-xenpae >= 2.6.5-7.321` `um-host-install-initrd >= 1.0-48.34` `um-host-kernel >= 2.6.5-7.321` `xen-kmp >= 3.0.4_2.6.5_7.321-0.2`	sles9-nld.x86 sles9-oes.x86 YOU Patch Nr: 12548
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.39_0.3-2.1.22`	sles11.s390x sle11-debuginfo.s390x sle11-hae.s390x SAT Patch Nr: 1591

List of products where fixes are in QA

SUSE Linux Enterprise High Availability Extension 11

Markets

Products By Category

Novell

NetIQ (Moving soon to NetIQ.com)

A-Z

Contribute