Fedora 11 : kernel-2.6.29.6-217.2.16.fc11 (2009-9044)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Security fixes: - CVE-2009-2691: Information disclosure in proc
filesystem - CVE-2009-2848: execve: must clear current->child_tid -
CVE-2009-2849: md: NULL pointer dereference - CVE-2009-2847:
Information leak in do_sigaltstack Restore missing LIRC drivers,
dropped in previous release. Backport upstream fixes that further
improve the security of mmap of low addresses. (CVE-2009-2695)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=515392
https://bugzilla.redhat.com/show_bug.cgi?id=515423
https://bugzilla.redhat.com/show_bug.cgi?id=516171
https://bugzilla.redhat.com/show_bug.cgi?id=517830
https://bugzilla.redhat.com/show_bug.cgi?id=518132
http://www.nessus.org/u?9633f9a4

Solution :

Update the affected kernel package.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.6
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 40780 (fedora_2009-9044.nasl)

Bugtraq ID: 35930

CVE ID: CVE-2009-2691
CVE-2009-2695
CVE-2009-2847
CVE-2009-2848
CVE-2009-2849

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now