Scientific Linux Security Update : kernel on SL5.x i386/x86_64

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

This update fixes the following security issues :

- Buffer overflow flaws were found in the
udf_load_logicalvol() function in the Universal Disk
Format (UDF) file system implementation in the Linux
kernel. An attacker with physical access to a system
could use these flaws to cause a denial of service or
escalate their privileges. (CVE-2012-3400, Low)

This update also fixes the following bugs :

- Previously, race conditions could sometimes occur in
interrupt handling on the Emulex BladeEngine 2 (BE2)
controllers, causing the network adapter to become
unresponsive. This update provides a series of patches
for the be2net driver, which prevents the race from
occurring. The network cards using BE2 chipsets no
longer hang due to incorrectly handled interrupt events.

- A boot-time memory allocation pool (the DMI heap) is
used to keep the list of Desktop Management Interface
(DMI) devices during the system boot. Previously, the
size of the DMI heap was only 2048 bytes on the AMD64
and Intel 64 architectures and the DMI heap space could
become easily depleted on some systems, such as the IBM
System x3500 M2. A subsequent OOM failure could, under
certain circumstances, lead to a NULL pointer entry
being stored in the DMI device list. Consequently,
scanning of such a corrupted DMI device list resulted in
a kernel panic. The boot-time memory allocation pool for
the AMD64 and Intel 64 architectures has been enlarged
to 4096 bytes and the routines responsible for
populating the DMI device list have been modified to
skip entries if their name string is NULL. The kernel no
longer panics in this scenario.

- The size of the buffer used to print the kernel taint
output on kernel panic was too small, which resulted in
the kernel taint output not being printed completely
sometimes. With this update, the size of the buffer has
been adjusted and the kernel taint output is now
displayed properly.

- The code to print the kernel taint output contained a
typographical error. Consequently, the kernel taint
output, which is displayed on kernel panic, could not
provide taint error messages for unsupported hardware.
This update fixes the typo and the kernel taint output
is now displayed correctly.

The system must be rebooted for this update to take effect.

See also :

http://www.nessus.org/u?e3bcba26

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 65076 ()

Bugtraq ID:

CVE ID: CVE-2012-3400