Scientific Linux Security Update : kernel on SL5.x i386/x86_64

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

Security fixes :

- memory leaks were found on some error paths in the
icmp_send() function in the Linux kernel. This could,
potentially, cause the network connectivity to cease.
(CVE-2009-0778, Important)

- Chris Evans reported a deficiency in the clone() system
call when called with the CLONE_PARENT flag. This flaw
permits the caller (the parent process) to indicate an
arbitrary signal it wants to receive when its child
process exits. This could lead to a denial of service of
the parent process. (CVE-2009-0028, Moderate)

- an off-by-one underflow flaw was found in the eCryptfs
subsystem. This could potentially cause a local denial
of service when the readlink() function returned an
error. (CVE-2009-0269, Moderate)

- a deficiency was found in the Remote BIOS Update (RBU)
driver for Dell systems. This could allow a local,
unprivileged user to cause a denial of service by
reading zero bytes from the image_type or packet_size
files in '/sys/devices/platform/dell_rbu/'.
(CVE-2009-0322, Moderate)

- an inverted logic flaw was found in the SysKonnect FDDI
PCI adapter driver, allowing driver statistics to be
reset only when the CAP_NET_ADMIN capability was absent
(local, unprivileged users could reset driver
statistics). (CVE-2009-0675, Moderate)

- the sock_getsockopt() function in the Linux kernel did
not properly initialize a data structure that can be
directly returned to user-space when the getsockopt()
function is called with SO_BSDCOMPAT optname set. This
flaw could possibly lead to memory disclosure.
(CVE-2009-0676, Moderate)

- the ext2 and ext3 file system code failed to properly
handle corrupted data structures, leading to a possible
local denial of service when read or write operations
were performed on a specially crafted file system.
(CVE-2008-3528, Low)

- a deficiency was found in the libATA implementation.
This could, potentially, lead to a local denial of
service. Note: by default, the '/dev/sg*' devices are
accessible only to the root user. (CVE-2008-5700, Low)

Bug fixes :

- a bug in aic94xx may have caused kernel panics during
boot on some systems with certain SATA disks.
(BZ#485909)

- a word endianness problem in the qla2xx driver on
PowerPC-based machines may have corrupted flash-based
devices. (BZ#485908)

- a memory leak in pipe() may have caused a system
deadlock. The workaround, which involved manually
allocating extra file descriptors to processes calling
do_pipe, is no longer necessary. (BZ#481576)

- CPU soft-lockups in the network rate estimator.
(BZ#481746)

- bugs in the ixgbe driver caused it to function
unreliably on some systems with 16 or more CPU cores.
(BZ#483210)

- the iwl4965 driver may have caused a kernel panic.
(BZ#483206)

- a bug caused NFS attributes to not update for some
long-lived NFS mounted file systems. (BZ#483201)

- unmounting a GFS2 file system may have caused a panic.
(BZ#485910)

- a bug in ptrace() may have caused a panic when single
stepping a target. (BZ#487394)

- on some 64-bit systems, notsc was incorrectly set at
boot, causing slow gettimeofday() calls. (BZ#488239)

- do_machine_check() cleared all Machine Check Exception
(MCE) status registers, preventing the BIOS from using
them to determine the cause of certain panics and
errors. (BZ#490433)

- scaling problems caused performance problems for LAPI
applications. (BZ#489457)

- a panic may have occurred on systems using certain Intel
WiFi Link 5000 products when booting with the RF Kill
switch on. (BZ#489846)

- the TSC is invariant with C/P/T states, and always runs
at constant frequency from now on. (BZ#489310)

The system must be rebooted for this update to take effect.

See also :

http://www.nessus.org/u?32071883
https://bugzilla.redhat.com/show_bug.cgi?id=481576
https://bugzilla.redhat.com/show_bug.cgi?id=481746
https://bugzilla.redhat.com/show_bug.cgi?id=483201
https://bugzilla.redhat.com/show_bug.cgi?id=483206
https://bugzilla.redhat.com/show_bug.cgi?id=483210
https://bugzilla.redhat.com/show_bug.cgi?id=485908
https://bugzilla.redhat.com/show_bug.cgi?id=485909
https://bugzilla.redhat.com/show_bug.cgi?id=485910
https://bugzilla.redhat.com/show_bug.cgi?id=487394
https://bugzilla.redhat.com/show_bug.cgi?id=488239
https://bugzilla.redhat.com/show_bug.cgi?id=489310
https://bugzilla.redhat.com/show_bug.cgi?id=489457
https://bugzilla.redhat.com/show_bug.cgi?id=489846
https://bugzilla.redhat.com/show_bug.cgi?id=490433

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60559

CVE ID: CVE-2008-3528
CVE-2008-5700
CVE-2009-0028
CVE-2009-0269
CVE-2009-0322
CVE-2009-0675
CVE-2009-0676
CVE-2009-0778