Fedora 14 : kernel-2.6.35.4-28.fc14 (2010-14832)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Fix possible local privilege escalation on x86_64 systems
(CVE-2010-3081, CVE-2010-3301).

- NOTE: All users should update because of this bug. Fix
denial of service attack with large argument lists. Add
support for perl and python scripting to perf. Nouveau
video driver fixes :

- fix oops in acpi edid support

- disable acceleration on nva3/nva5/nva8

- misc fixes from upstream + NVAF support Add support
for the eject key on the Dell Studio 1555 fix
rcu_dereference_check warning Restore appleir driver
that got lost in the 2.6.35 rebase. Fix DMA in
via-velocity network driver.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=627440
https://bugzilla.redhat.com/show_bug.cgi?id=628770
https://bugzilla.redhat.com/show_bug.cgi?id=629441
https://bugzilla.redhat.com/show_bug.cgi?id=630551
https://bugzilla.redhat.com/show_bug.cgi?id=634449
https://bugzilla.redhat.com/show_bug.cgi?id=634457
http://www.nessus.org/u?9ae7c1bc

Solution :

Update the affected kernel package.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.6
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 49635 (fedora_2010-14832.nasl)

Bugtraq ID: 42900
42932
43062
43239
43353
43355

CVE ID: CVE-2010-2954
CVE-2010-2960
CVE-2010-3067
CVE-2010-3080
CVE-2010-3081
CVE-2010-3301

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now