Scientific Linux Security Update : kernel on SL4.x i386/x86_64

medium Nessus Plugin ID 60871

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

This update fixes the following security issues :

- Information leak flaws were found in the Linux kernel Traffic Control Unit implementation. A local attacker could use these flaws to cause the kernel to leak kernel memory to user-space, possibly leading to the disclosure of sensitive information. (CVE-2010-2942, Moderate)

- A flaw was found in the tcf_act_police_dump() function in the Linux kernel network traffic policing implementation. A data structure in tcf_act_police_dump() was not initialized properly before being copied to user-space. A local, unprivileged user could use this flaw to cause an information leak.
(CVE-2010-3477, Moderate)

- A missing upper bound integer check was found in the sys_io_submit() function in the Linux kernel asynchronous I/O implementation. A local, unprivileged user could use this flaw to cause an information leak.
(CVE-2010-3067, Low)

This update also fixes the following bugs :

- When two systems using bonding devices in the adaptive load balancing (ALB) mode communicated with each other, an endless loop of ARP replies started between these two systems due to a faulty MAC address update. With this update, the MAC address update no longer creates unneeded ARP replies. (BZ#629239)

- When running the Connectathon NFS Testsuite with certain clients and Scientific Linux 4.8 as the server, nfsvers4, lock, and test2 failed the Connectathon test.
(BZ#625535)

- For UDP/UNIX domain sockets, due to insufficient memory barriers in the network code, a process sleeping in select() may have missed notifications about new data.
In rare cases, this bug may have caused a process to sleep forever. (BZ#640117)

- In certain situations, a bug found in either the HTB or TBF network packet schedulers in the Linux kernel could have caused a kernel panic when using Broadcom network cards with the bnx2 driver. (BZ#624363)

- Previously, allocating fallback cqr for DASD reserve/release IOCTLs failed because it used the memory pool of the respective device. This update preallocates sufficient memory for a single reserve/release request.
(BZ#626828)

- In some situations a bug prevented 'force online' succeeding for a DASD device. (BZ#626827)

- Using the 'fsstress' utility may have caused a kernel panic. (BZ#633968)

- This update introduces additional stack guard patches.
(BZ#632515)

- A bug was found in the way the megaraid_sas driver handled physical disks and management IOCTLs. All physical disks were exported to the disk layer, allowing an oops in megasas_complete_cmd_dpc() when completing the IOCTL command if a timeout occurred. (BZ#631903)

- Previously, a warning message was returned when a large amount of messages was passed through netconsole and a considerable amount of network load was added. With this update, the warning message is no longer displayed.
(BZ#637729)

- Executing a large 'dd' command (1 to 5GB) on an iSCSI device with the qla3xxx driver caused a system crash due to the incorrect storing of a private data structure.
With this update, the size of the stored data structure is checked and the system crashes no longer occur.
(BZ#624364)

The system must be rebooted for this update to take effect.

Solution

Update the affected packages.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=624363

https://bugzilla.redhat.com/show_bug.cgi?id=624364

https://bugzilla.redhat.com/show_bug.cgi?id=625535

https://bugzilla.redhat.com/show_bug.cgi?id=626827

https://bugzilla.redhat.com/show_bug.cgi?id=626828

https://bugzilla.redhat.com/show_bug.cgi?id=629239

https://bugzilla.redhat.com/show_bug.cgi?id=631903

https://bugzilla.redhat.com/show_bug.cgi?id=632515

https://bugzilla.redhat.com/show_bug.cgi?id=633968

https://bugzilla.redhat.com/show_bug.cgi?id=637729

https://bugzilla.redhat.com/show_bug.cgi?id=640117

http://www.nessus.org/u?e4dd9f70

Plugin Details

Severity: Medium

ID: 60871

File Name: sl_20101019_kernel_on_SL4_x.nasl

Version: 1.6

Type: local

Agent: unix

Published: 8/1/2012

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 10/19/2010

Vulnerability Publication Date: 9/21/2010

Reference Information

CVE: CVE-2010-2942, CVE-2010-3067, CVE-2010-3477