This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.
Synopsis :
The remote Fedora host is missing a security update.
Description :
Update to Linux kernel verion 2.6.25.1, 2.6.25.2, 2.6.25.3:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.1
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.2
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3
Security fixes: CVE-2008-1669 (2.6.25.2) - SMP ordering hole in
fcntl_setlk() CVE-2008-2136 (2.6.25.3) - SIT exploitable remote memory
leak CVE-2008-1375, CVE-2008-1675 were fixed in 2.6.25-12.fc9 and are
available in GA version of kernel package shipped in Fedora 9. Bugs
fixed: CIFS: fix slashes in path names to have proper format (#443681)
See also :
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.1
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.2
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3
https://bugzilla.redhat.com/show_bug.cgi?id=443433
https://bugzilla.redhat.com/show_bug.cgi?id=446031
http://www.nessus.org/u?74e56e01
Solution :
Update the affected kernel package.
Risk factor :
High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
Family: Fedora Local Security Checks
Nessus Plugin ID: 32346 (fedora_2008-3949.nasl)
CVE ID: CVE-2008-1669
CVE-2008-2136