Open Source

Vulnerabilities reported in SUSE Linux Enterprise Server, SUSE kernel

A vulnerability which could be exploited to cause a Denial of Service has been reported in SUSE Linux Enterprise Server. SUSE has also released an update for various vulnerabilities found in the kernel.

A vulnerability that could be exploited to cause a denial-of-service attack has been reported in SUSE Linux Enterprise Server. SUSE has also released an update for various vulnerabilities found in the kernel.

According to Secunia:

The vulnerability is caused due to an error when processing dynamic DNS update requests. This can be exploited to crash the "named" process via a GSS-TSIG request.

This vulnerability is reported in Novell SUSE Linux Enterprise Server 10 SP1 and can be rectified by updating libgssapi package to version 0.6-13.7 or later.

In addition, SUSE has issued an update for the kernel. This update fixes some vulnerabilities that can be exploited by local users to gain escalated privileges as well as cause a DoS. For a list of the patches, check out the Secunia advisory.

About Paul Mah

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

Editor's Picks

Free Newsletters, In your Inbox