This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
The kernel packages contain the Linux kernel, the core of any Linux
This update fixes the following security issues :
- Numerous reference count leaks were found in the Linux
kernel's block layer I/O context handling
implementation. This could allow a local, unprivileged
user to cause a denial of service. (CVE-2012-0879,
- A flaw was found in the Linux kernel's cifs_lookup()
implementation. POSIX open during lookup should only be
supported for regular files. When non-regular files (for
example, a named (FIFO) pipe or other special files) are
opened on lookup, it could cause a denial of service.
- It was found that the Linux kernel's register set
(regset) common infrastructure implementation did not
check if the required get and set handlers were
initialized. A local, unprivileged user could use this
flaw to cause a denial of service by performing a
register set operation with a ptrace() PTRACE_SETREGSET
or PTRACE_GETREGSET request. (CVE-2012-1097, Moderate)
This update also fixes several bugs and adds various enhancements. The
system must be rebooted for this update to take effect.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.2