CVE-2012-2372

Name of the Vulnerable Software and Affected Versions Linux kernel version 3.7.4 and earlier SUSE Linux Enterprise kernel-pae-devel (affected versions not specified) SUSE Linux Enterprise kernel-xen-devel (affected versions not specified) SUSE Linux Enterprise gfs2-kmp-xen (affected versions not specified) SUSE Linux Enterprise kernel-ec2-devel (affected versions not specified)

Description The issue allows local users to cause a denial of service by establishing an RDS connection with the source IP address equal to the IPoIB interface's own IP address. Multiple vulnerabilities in SUSE Linux Enterprise packages may lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations For Linux kernel version 3.7.4 and earlier: update to a version later than 3.7.4 to resolve the issue. For SUSE Linux Enterprise kernel-pae-devel: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For SUSE Linux Enterprise kernel-xen-devel: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For SUSE Linux Enterprise gfs2-kmp-xen: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For SUSE Linux Enterprise kernel-ec2-devel: At the moment, there is no information about a newer version that contains a fix for this vulnerability.