Detections
Analytics

Slackware current : kernel (SSA:2009-342-01)

high Nessus Plugin ID 54875

Language:

Synopsis

The remote Slackware host is missing a security update.

Description

New Linux kernel packages are available for Slackware 13.0 and
-current to address a security issue. A kernel bug discovered by David Ford may allow remote attackers to crash the kernel by sending an oversized IP packet. While the impact on ordinary servers is still unclear (the problem was noticed while running openvasd), we are issuing these kernel packages as a preemptive measure.

Solution

Update the affected packages.

See Also

https://lkml.org/lkml/2009/11/25/104

http://www.nessus.org/u?4ca18c3b

Plugin Details

Severity: High

ID: 54875

File Name: Slackware_SSA_2009-342-01.nasl

Version: 1.9

Type: local

Published: 5/28/2011

Updated: 1/14/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:kernel-firmware, p-cpe:/a:slackware:slackware_linux:kernel-generic, p-cpe:/a:slackware:slackware_linux:kernel-generic-smp, p-cpe:/a:slackware:slackware_linux:kernel-headers, p-cpe:/a:slackware:slackware_linux:kernel-huge, p-cpe:/a:slackware:slackware_linux:kernel-huge-smp, p-cpe:/a:slackware:slackware_linux:kernel-modules, p-cpe:/a:slackware:slackware_linux:kernel-modules-smp, p-cpe:/a:slackware:slackware_linux:kernel-source, cpe:/o:slackware:slackware_linux

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Patch Publication Date: 12/8/2009

Reference Information

CVE: CVE-2009-1298

CWE: 119

SSA: 2009-342-01