Mandriva Linux Security Advisory : kernel (MDVSA-2010:066)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Some vulnerabilities were discovered and corrected in the Linux 2.6
kernel :

The gfs2_lock function in the Linux kernel before
2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux
kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, do not properly
remove POSIX locks on files that are setgid without group-execute
permission, which allows local users to cause a denial of service (BUG
and system crash) by locking a file on a (1) GFS or (2) GFS2
filesystem, and then changing this file's permissions. (CVE-2010-0727)

The do_pages_move function in mm/migrate.c in the Linux kernel before
2.6.33-rc7 does not validate node values, which allows local users to
read arbitrary kernel memory locations, cause a denial of service
(OOPS), and possibly have unspecified other impact by specifying a
node that is not part of the kernel's node set. (CVE-2010-0415)

drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel
2.6.32.3 and earlier does not properly check the size of an Ethernet
frame that exceeds the MTU, which allows remote attackers to have an
unspecified impact via crafted packets, a related issue to
CVE-2009-4537. (CVE-2009-4538)

The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel
before 2.6.32.8 on the x86_64 platform does not ensure that the ELF
interpreter is available before a call to the SET_PERSONALITY macro,
which allows local users to cause a denial of service (system crash)
via a 32-bit application that attempts to execute a 64-bit application
and then triggers a segmentation fault, as demonstrated by
amd64_killer, related to the flush_old_exec function. (CVE-2010-0307)

Additionally, support was added for some backlight models used in
Samsung laptops, along with fixes to detect Saitek X52 joysticks.

To update your kernel, please follow the directions located at :

http://www.mandriva.com/en/security/kernelupdate

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 48176 (mandriva_MDVSA-2010-066.nasl)

Bugtraq ID: 37523, 38027, 38144

CVE ID: CVE-2009-4538, CVE-2010-0307, CVE-2010-0415, CVE-2010-0727
