Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2007)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Oracle Linux host is missing one or more security updates.

Description :

Description of changes:

* CVE-2012-0879: Denial of service in CLONE_IO.

CLONE_IO reference counting error could be exploited by an
unprivileged local user to cause denial of service.


* CVE-2012-1097: NULL pointer dereference in the ptrace subsystem.

Under certain circumstances, ptrace-ing a process could lead to a NULL
pointer dereference and kernel panic.


* CVE-2012-1090: Denial of service in the CIFS filesystem reference
counting.

Under certain circumstances, the CIFS filesystem would open a file on
lookup. If the file was determined later to be a FIFO or any other
special file the file handle would be leaked, leading to reference
counting mismatch and a kernel OOPS on unmount.

An unprivileged local user could use this flaw to crash the system.

kernel-uek:

[2.6.32-300.21.1.el6uek]
- regset: Return -EFAULT, not -EIO, on host-side memory fault (H. Peter
Anvin)
CVE-2012-1097
- regset: Prevent NULL pointer reference on readonly regsets (H. Peter
Anvin)
CVE-2012-1097
- cifs: fix dentry refcount leak when opening a FIFO on lookup (Jeff Layton)
CVE-2012-1090
- block: Fix io_context leak after failure of clone with CLONE_IO (Louis
Rilling) CVE-2012-0879

See also :

https://oss.oracle.com/pipermail/el-errata/2012-April/002766.html
https://oss.oracle.com/pipermail/el-errata/2012-April/002764.html

Solution :

Update the affected unbreakable enterprise kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Oracle Linux Local Security Checks

Nessus Plugin ID: 68670 ()

Bugtraq ID:

CVE ID: CVE-2012-0879
CVE-2012-1090
CVE-2012-1097