Scientific Linux Security Update : kernel on SL3.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

These updated packages fix the following security issues :

- the absence of a protection mechanism when attempting to
access a critical section of code has been found in the
Linux kernel open file descriptors control mechanism,
fcntl. This could allow a local unprivileged user to
simultaneously execute code, which would otherwise be
protected against parallel execution. As well, a race
condition when handling locks in the Linux kernel fcntl
functionality may have allowed a process belonging to a
local unprivileged user to gain re-ordered access to the
descriptor table. (CVE-2008-1669, Important)

- the absence of a protection mechanism when attempting to
access a critical section of code, as well as a race
condition, have been found in the Linux kernel file
system event notifier, dnotify. This could allow a local
unprivileged user to get inconsistent data, or to send
arbitrary signals to arbitrary system processes.
(CVE-2008-1375, Important)

- when accessing kernel memory locations, certain Linux
kernel drivers registering a fault handler did not
perform required range checks. A local unprivileged user
could use this flaw to gain read or write access to
arbitrary kernel memory, or possibly cause a kernel
crash. (CVE-2008-0007, Important)

- a flaw was found when performing asynchronous input or
output operations on a FIFO special file. A local
unprivileged user could use this flaw to cause a kernel
panic. (CVE-2007-5001, Important)

- a flaw was found in the way core dump files were
created. If a local user could get a root-owned process
to dump a core file into a directory, which the user has
write access to, they could gain read access to that
core file. This could potentially grant unauthorized
access to sensitive information. (CVE-2007-6206,
Moderate)

- a buffer overflow was found in the Linux kernel ISDN
subsystem. A local unprivileged user could use this flaw
to cause a denial of service. (CVE-2007-6151, Moderate)

- a race condition found in the mincore system call could
allow a local user to cause a denial of service (system
hang). (CVE-2006-4814, Moderate)

- it was discovered that the Linux kernel handled string
operations in the opposite way to the GNU Compiler
Collection (GCC). This could allow a local unprivileged
user to cause memory corruption. (CVE-2008-1367, Low)

As well, these updated packages fix the following bugs :

- a bug, which caused long delays when unmounting mounts
containing a large number of unused dentries, has been
resolved.

- in the previous kernel packages, the kernel was unable
to handle certain floating point instructions on
Itanium(R) architectures.

- on certain Intel CPUs, the Translation Lookaside Buffer
(TLB) was not flushed correctly, which caused machine
check errors.

See also :

http://www.nessus.org/u?d51a1cec

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60393

CVE ID: CVE-2006-4814
CVE-2007-5001
CVE-2007-6151
CVE-2007-6206
CVE-2008-0007
CVE-2008-1367
CVE-2008-1375
CVE-2008-1669