Scientific Linux Security Update : kernel on SL5.x i386/x86_64

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.

Synopsis :

The remote Scientific Linux host is missing one or more security

Description :

These new kernel packages contain fixes for the following security
issues :

A memory leak was found in the Red Hat Content Accelerator kernel
patch. A local user could use this flaw to cause a denial of service
(memory exhaustion). (CVE-2007-5494, Important)

A flaw was found in the handling of IEEE 802.11 frames affecting
several wireless LAN modules. In certain circumstances, a remote
attacker could trigger this flaw by sending a malicious packet over a
wireless network and cause a denial of service (kernel crash).
(CVE-2007-4997, Important).

A flaw was found in the Advanced Linux Sound Architecture (ALSA). A
local user who had the ability to read the /proc/driver/snd-page-alloc
file could see portions of kernel memory. (CVE-2007-4571, Moderate).

In addition to the security issues described above, several bug fixes
preventing possible memory corruption, system crashes, SCSI I/O fails,
networking drivers performance regression and journaling block device
layer issue were also included.

See also :

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.1

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60318 ()

Bugtraq ID:

CVE ID: CVE-2007-4571

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now