SUSE-SA:2010:051 -- SUSE kernel local privilege escalationID: oval:org.secpod.oval:def:400032 | Date: (C)2012-01-31 (M)2024-01-02 |
Class: PATCH | Family: unix |
This updated openSUSE 11.3 kernel fixes the following security bugs: CVE-2010-3310: local users could corrupt kernel heap memory via ROSE sockets. CVE-2010-2962: local users could write to any kernel memory location via the i915 GEM ioctl interface. Exploitability requires the presence of a i915 compatible graphics card. Additionally the update restores the compat_alloc_userspace inline function and includes several other bug fixes.