CVE-2009-0835

Name of the Vulnerable Software and Affected Versions module-init-tools versions (affected versions not specified) module-init-tools-debuginfo versions (affected versions not specified) module-init-tools-debugsource versions (affected versions not specified)

Description The issue concerns multiple vulnerabilities in the module-init-tools package of SUSE Linux Enterprise and openSUSE operating systems, which can lead to a breach of protected information integrity. These vulnerabilities can be exploited locally. Additionally, a vulnerability in the secure computing function of the seccomp subsystem in the Linux kernel is related to errors in handling 32-bit and 64-bit processes, allowing a local attacker to bypass existing access restrictions using a specially crafted system call.

Recommendations For module-init-tools, consider disabling the package until a patch is available. For module-init-tools-debuginfo, restrict access to the package to minimize the risk of exploitation. For module-init-tools-debugsource, avoid using the package in sensitive environments until the issue is resolved. As a temporary workaround, consider disabling the secure computing function in the seccomp subsystem until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.