Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2010)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Oracle Linux host is missing one or more security updates.

Description :

Description of changes:

[2.6.32-100.28.9.el6]
- sync up the version

[2.6.32-100.28.8.el6]
- [block] check for proper length of iov entries earlier in
blk_rq_map_user_iov
(Xiaotian Feng) {CVE-2010-4668}
- scm: lower SCM_MAX_FD (Eric Dumazet) {CVE-2010-4249}
- perf_events: Fix perf_counter_mmap() hook in mprotect() (Pekka Enberg)
{CVE-2010-4169}
- tcp: Increase TCP_MAXSEG socket option minimum (David S. Miller)
{CVE-2010-4165}
- Enable module force load option [orabug 11782146]
- Enable vmw balloon and pvscsi (Guru Anbalagane) [orabug 11697522]

[2.6.32-100.28.7.el6]
- build from git

[2.6.32-100.28.6.el6]
- Remove crashkernel option if it is present [bug 11714928]

See also :

https://oss.oracle.com/pipermail/el-errata/2011-March/002014.html
https://oss.oracle.com/pipermail/el-errata/2011-March/002008.html

Solution :

Update the affected unbreakable enterprise kernel packages.

Risk factor :

Medium / CVSS Base Score : 4.9
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)

Family: Oracle Linux Local Security Checks

Nessus Plugin ID: 68414 ()

Bugtraq ID:

CVE ID: CVE-2010-4165
CVE-2010-4169
CVE-2010-4249
CVE-2010-4668