Colin

**Name of the Vulnerable Software and Affected Versions** openSUSE versions prior to the fixed version SUSE Linux Enterprise versions prior to the fixed version Linux kernel versions 2.6.17 and earlier **Description** The issue affects multiple packages in openSUSE and SUSE Linux Enterprise, including multipath-tools, k debug, k page-64k, open-iscsi, kernel-xen-nongpl, k numa, km nss, k smp, k psmp, kernel-iseries64-tools, kernel-default-nongpl, kernel-update-tool, kernel-smp-nongpl, Intel-536ep, k itanium2, k itanium2-smp, kernel-um-nongpl, kernel-bigsmp-nongpl, k deflt, and k athlon. These vulnerabilities can be exploited remotely and may lead to a violation of confidentiality, integrity, and availability of protected information. The Linux kernel 2.6.17 and earlier are also affected, allowing local users to cause a denial of service via certain operations involving truncated files. **Recommendations** For openSUSE, update to a version that contains the fix for this issue. For SUSE Linux Enterprise, update to a version that contains the fix for this issue. For Linux kernel 2.6.17 and earlier, update to a version later than 2.6.17 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability for some of the affected packages, so it is recommended to monitor the official sources for updates.