RHEL 4 : kernel (RHSA-2005:514)

This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated kernel packages are now available as part of ongoing support
and maintenance of Red Hat Enterprise Linux version 4. This is the
second regular update.

This update has been rated as having important security impact by the
Red Hat Security Response Team.

The Linux kernel handles the basic functions of the operating system.

This is the second regular kernel update to Red Hat Enterprise Linux

New features introduced in this update include: - Audit support -
systemtap - kprobes, relayfs - Keyring support - iSCSI Initiator -
iscsi_sfnet 4:0.1.11-1 - Device mapper multipath support - Intel dual
core support - esb2 chipset support - Increased exec-shield coverage -
Dirty page tracking for HA systems - Diskdump -- allow partial
diskdumps and directing to swap

There were several bug fixes in various parts of the kernel. The
ongoing effort to resolve these problems has resulted in a marked
improvement in the reliability and scalability of Red Hat Enterprise
Linux 4.

The following security bugs were fixed in this update, detailed below
with corresponding CAN names available from the Common Vulnerabilities
and Exposures project (cve.mitre.org) :

- flaws in ptrace() syscall handling on 64-bit systems
that allowed a local user to cause a denial of service
(crash) (CVE-2005-0756, CVE-2005-1761, CVE-2005-1762,

- flaws in IPSEC network handling that allowed a local
user to cause a denial of service or potentially gain
privileges (CVE-2005-2456, CVE-2005-2555)

- a flaw in sendmsg() syscall handling on 64-bit systems
that allowed a local user to cause a denial of service
or potentially gain privileges (CVE-2005-2490)

- a flaw in sendmsg() syscall handling that allowed a
local user to cause a denial of service by altering
hardware state (CVE-2005-2492)

- a flaw that prevented the topdown allocator from
allocating mmap areas all the way down to address zero

- flaws dealing with keyrings that could cause a local
denial of service (CVE-2005-2098, CVE-2005-2099)

- a flaw in the 4GB split patch that could allow a local
denial of service (CVE-2005-2100)

- a xattr sharing bug in the ext2 and ext3 file systems
that could cause default ACLs to disappear

- a flaw in the ipt_recent module on 64-bit architectures
which could allow a remote denial of service

The following device drivers have been upgraded to new versions :

qla2100 --------- 8.00.00b21-k to 8.01.00b5-rh2 qla2200 ---------
8.00.00b21-k to 8.01.00b5-rh2 qla2300 --------- 8.00.00b21-k to
8.01.00b5-rh2 qla2322 --------- 8.00.00b21-k to 8.01.00b5-rh2 qla2xxx
--------- 8.00.00b21-k to 8.01.00b5-rh2 qla6312 --------- 8.00.00b21-k
to 8.01.00b5-rh2 megaraid_mbox --- to megaraid_mm
----- to lpfc ------------ 0: to
0: cciss ----------- 2.6.4 to 2.6.6 ipw2100 --------- 1.0.3
to 1.1.0 tg3 ------------- 3.22-rh to 3.27-rh e100 ------------
3.3.6-k2-NAPI to 3.4.8-k2-NAPI e1000 ----------- to
6.0.54-k2-NAPI 3c59x ----------- LK1.1.19 mptbase --------- 3.01.16 to
3.02.18 ixgb ------------ 1.0.66 to 1.0.95-k2-NAPI libata ----------
1.10 to 1.11 sata_via -------- 1.0 to 1.1 sata_ahci ------- 1.00 to
1.01 sata_qstor ------ 0.04 sata_sil -------- 0.8 to 0.9 sata_svw
-------- 1.05 to 1.06 s390: crypto ---- 1.31 to 1.57 s390: zfcp ------
s390: CTC-MPC --- s390: dasd ------- s390: cio ------- s390: qeth

All Red Hat Enterprise Linux 4 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.

See also :


Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.8

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now