Scientific Linux Security Update : kernel on SL5.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

These updated packages fix the following security issues :

- A security flaw was found in the Linux kernel memory
copy routines, when running on certain AMD64 systems. If
an unsuccessful attempt to copy kernel memory from
source to destination memory locations occurred, the
copy routines did not zero the content at the
destination memory location. This could allow a local
unprivileged user to view potentially sensitive data.
(CVE-2008-2729, Important)

- Tavis Ormandy discovered a deficiency in the Linux
kernel 32-bit and 64-bit emulation. This could allow a
local unprivileged user to prepare and run a specially
crafted binary, which would use this deficiency to leak
uninitialized and potentially sensitive data.
(CVE-2008-0598, Important)

- Brandon Edwards discovered a missing length validation
check in the Linux kernel DCCP module reconciliation
feature. This could allow a local unprivileged user to
cause a heap overflow, gaining privileges for arbitrary
code execution. (CVE-2008-2358, Moderate)

As well, these updated packages fix the following bug :

- Due to a regression, 'gettimeofday' may have gone
backwards on certain x86 hardware. This issue was quite
dangerous for time-sensitive systems, such as those used
for transaction systems and databases, and may have
caused applications to produce incorrect results, or
even crash.

See also :

http://www.nessus.org/u?62d6c871

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60430 ()

Bugtraq ID:

CVE ID: CVE-2008-0598
CVE-2008-2358
CVE-2008-2729