Linux Kernel Patch - is it in openSUSE's updater yet?

6tr6tr · August 14, 2009, 7:27am

Is this issue fixed via openSUSE’s updater?
cr0 blog: Linux NULL pointer dereference due to incorrect proto_ops initializations (CVE-2009-2692)

user · August 14, 2009, 1:35pm

6tr6tr wrote:

> Is this issue fixed via openSUSE’s updater?
> ‘cr0 blog: Linux NULL pointer dereference due to incorrect proto_ops
> initializations (CVE-2009-2692)’ (http://tinyurl.com/qvxu33)

I think not yet.

Greetings,

–
Camaleón

smpoole7 · August 14, 2009, 2:01pm

Do note that this particular vulnerability would only matter on multi-user systems. Unless you plan to attack yourself (generally a losing proposition), it shouldn’t keep you awake at night.

NEOHAPSIS - Peace of Mind Through Integrity and Insight

Yes, you should apply the patch when it becomes available, but unless you use the IPX protocol and have a machine that’s exposed to many other people (some of whom are hackers), I wouldn’t lose a lot of sleep over it.

Of course, other common-sense security measures apply – don’t download and execute anything from a non-trusted site. But that’s always true.

– Stephen

6tr6tr · August 14, 2009, 4:32pm

While I am the only one using this computer and I don’t use IPX, are you sure that really means it’s not vulnerable? I mean, my computer is connected to the internet so that means hackers CAN find it.

gminnerup · August 14, 2009, 4:35pm

Why would they bother?

malcolmlewis · August 14, 2009, 4:43pm

Hi
Are you using the ethernet interface to connect to the internet, or
going through a router. If it’s a router then that’s whats ‘seen’ on the
internet, assuming you haven’t opened up ports and forwarding them.
Even then it’s only those ports and services.

If your really concerned, get a shell account at somewhere like
http://www.rootshell.be/ and run nmap against your external ip address.

–
Cheers Malcolm °¿° (Linux Counter #276890)
SUSE Linux Enterprise Desktop 11 (x86_64) Kernel 2.6.27.25-0.1-default
up 9 days 18:17, 2 users, load average: 2.03, 2.20, 2.15
GPU GeForce 8600 GTS Silent - Driver Version: 190.18

lwfinger · August 14, 2009, 6:18pm

6tr6tr wrote:
>
> While I am the only one using this computer and I don’t use IPX, are
> you sure that really means it’s not vulnerable? I mean, my computer is
> connected to the internet so that means hackers CAN find it.

To ease your mind, exploiting that vulnerability requires mapping
address 0. In a standard openSUSE system, that address is not mapped,
otherwise I wouldn’t get the NULL pointer dumps when drivers that I am
testing have bugs. To map that address would require special code that
is unlikely to be introduced through a web browser. Only if you
downloaded and ran a Trojan program would such mapping be accomplished.

Ironically, the main way that this bug can be exploited is when
SELinux maps address 0.