CVE-2006-4145

Name of the Vulnerable Software and Affected Versions openSUSE versions prior to the fixed version SUSE Linux Enterprise versions prior to the fixed version Linux kernel versions 2.6.17 and earlier

Description The issue affects multiple packages in openSUSE and SUSE Linux Enterprise, including multipath-tools, k debug, k page-64k, open-iscsi, kernel-xen-nongpl, k numa, km nss, k smp, k psmp, kernel-iseries64-tools, kernel-default-nongpl, kernel-update-tool, kernel-smp-nongpl, Intel-536ep, k itanium2, k itanium2-smp, kernel-um-nongpl, kernel-bigsmp-nongpl, k deflt, and k athlon. These vulnerabilities can be exploited remotely and may lead to a violation of confidentiality, integrity, and availability of protected information. The Linux kernel 2.6.17 and earlier are also affected, allowing local users to cause a denial of service via certain operations involving truncated files.

Recommendations For openSUSE, update to a version that contains the fix for this issue. For SUSE Linux Enterprise, update to a version that contains the fix for this issue. For Linux kernel 2.6.17 and earlier, update to a version later than 2.6.17 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability for some of the affected packages, so it is recommended to monitor the official sources for updates.