Fedora 9 : kernel-2.6.25.6-55.fc9 (2008-5308)

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Update to kernel 2.6.25.6:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6
CVE-2008-1673: The asn1 implementation in (a) the Linux kernel 2.4
before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and
ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not
properly validate length values during decoding of ASN.1 BER data,
which allows remote attackers to cause a denial of service (crash) or
execute arbitrary code via (1) a length greater than the working
buffer, which can lead to an unspecified overflow; (2) an oid length
of zero, which can lead to an off-by-one error; or (3) an indefinite
length for a primitive encoding. Bugs fixed: 447518 - Call to capget()
overflows buffers 448056 - applesmc filling log file 450191 - DMA mode
disabled for DVD drive, reverts to PIO4 439197 - thinkpad x61t crash
when undocking 445761 - MacBook4,1 keyboard and trackpad do not work
properly 447812 - Netlink messages from 'tc' to sch_netem module are
not interpreted correctly 449817 - SD card reader causes kernel panic
during startup if card inserted 242208 - Freeze On Boot w/ Audigy
PCMCIA 443552 - Kernel 2.6.25 + Wine = hang Additional bugs fixed:
F8#224005 - pata_pcmcia fails F8#450499 - kernel-2.6.25.4-10.fc8
breaks setkey -m tunnel options in ipsec F8#445553 - DMAR
(intel_iommu) broken on yet another machine Additional updates/fixes:
- Upstream wireless updates from 2008-05-22
(http://marc.info/?l=linux-wireless&m=121146112404515&w=2) - Upstream
wireless fixes from 2008-05-28 (http://marc.info/?l=linux-
wireless&m=121201250110162&w=2) - Fix oops in lirc_i2c module - Add
lirc support for additional MCE receivers - Upstream wireless fixes
from 2008-06-03
(http://marc.info/?l=linux-wireless&m=121252137324941&w=2) - Add
kernel 3D support for ATI Radeon R500 (X1300-X1950)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://marc.info/?l=linux-
http://marc.info/?l=linux-wireless&m=121146112404515&w=2
http://marc.info/?l=linux-wireless&m=121252137324941&w=2
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6
https://bugzilla.redhat.com/show_bug.cgi?id=242208
https://bugzilla.redhat.com/show_bug.cgi?id=439197
https://bugzilla.redhat.com/show_bug.cgi?id=443552
https://bugzilla.redhat.com/show_bug.cgi?id=445761
https://bugzilla.redhat.com/show_bug.cgi?id=447518
https://bugzilla.redhat.com/show_bug.cgi?id=447812
https://bugzilla.redhat.com/show_bug.cgi?id=448056
https://bugzilla.redhat.com/show_bug.cgi?id=449817
https://bugzilla.redhat.com/show_bug.cgi?id=450191
http://www.nessus.org/u?16fa2d19

Solution :

Update the affected kernel package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Fedora Local Security Checks

Nessus Plugin ID: 33182 (fedora_2008-5308.nasl)

Bugtraq ID: 29589

CVE ID: CVE-2008-1673

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now