CVE-2010-3873

Name of the Vulnerable Software and Affected Versions openSUSE systemtap-runtime-debuginfo (affected versions not specified) openSUSE systemtap-sdt-devel (affected versions not specified) openSUSE systemtap (affected versions not specified) openSUSE libvmtools0 (affected versions not specified) openSUSE systemtap-client (affected versions not specified) openSUSE systemtap-client-debuginfo (affected versions not specified) openSUSE systemtap-server-debuginfo (affected versions not specified) openSUSE libvmtools0-debuginfo (affected versions not specified) openSUSE systemtap-runtime (affected versions not specified) Linux kernel versions prior to 2.6.36.2 openSUSE systemtap-server (affected versions not specified) openSUSE systemtap-debuginfo (affected versions not specified) openSUSE systemtap-debugsource (affected versions not specified) openSUSE libvmtools-devel (affected versions not specified)

Description The issue involves multiple vulnerabilities in various packages of the openSUSE operating system, including systemtap and libvmtools, which can lead to a disruption of protected information availability. These vulnerabilities can be exploited remotely. Additionally, a vulnerability in the Linux kernel's X.25 implementation can cause a denial of service or potentially have other impacts due to heap memory corruption and panic, resulting from malformed X25 FAC CALLING AE or X25 FAC CALLED AE data.

Recommendations For openSUSE systemtap-runtime-debuginfo, consider disabling the vulnerable components until a patch is available. For openSUSE systemtap-sdt-devel, restrict access to the vulnerable modules to minimize the risk of exploitation. For openSUSE systemtap, avoid using the vulnerable functions until the issue is resolved. For openSUSE libvmtools0, consider disabling the vulnerable parameters until a patch is available. For openSUSE systemtap-client, restrict access to the vulnerable API endpoints to minimize the risk of exploitation. For openSUSE systemtap-client-debuginfo, consider disabling the vulnerable debug information until a patch is available. For openSUSE systemtap-server-debuginfo, restrict access to the vulnerable server components to minimize the risk of exploitation. For openSUSE libvmtools0-debuginfo, consider disabling the vulnerable debug information until a patch is available. For openSUSE systemtap-runtime, avoid using the vulnerable runtime components until the issue is resolved. For Linux kernel versions prior to 2.6.36.2, update to version 2.6.36.2 or later to resolve the issue. For openSUSE systemtap-server, consider disabling the vulnerable server components until a patch is available. For openSUSE systemtap-debuginfo, restrict access to the vulnerable debug information to minimize the risk of exploitation. For openSUSE systemtap-debugsource, consider disabling the vulnerable debug source until a patch is available. For openSUSE libvmtools-devel, avoid using the vulnerable development components until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability in some of the affected packages.