This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
A flaw was found in the way QEMU-KVM handled erroneous data provided
by the Linux virtio-net driver, used by guest operating systems. Due
to a deficiency in the TSO (TCP segment offloading) implementation, a
guest's virtio-net driver would transmit improper data to a certain
QEMU-KVM process on the host, causing the guest to crash. A remote
attacker could use this flaw to send specially-crafted data to a
target guest system, causing that guest to crash. (CVE-2010-0741)
The following procedure must be performed before this update will take
1) Stop all KVM guest virtual machines.
2) Either reboot the hypervisor machine or, as the root user, remove
(using 'modprobe -r [module]') and reload (using 'modprobe [module]')
all of the following modules which are currently running (determined
using 'lsmod'): kvm, ksm, kvm-intel or kvm-amd.
3) Restart the KVM guest virtual machines.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.8
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60769 ()
CVE ID: CVE-2010-0741