Detections
Analytics

RHEL 2.1 : kernel (RHSA-2002:227)

critical Nessus Plugin ID 12330

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

This kernel update for Red Hat Linux Advanced Server 2.1 addresses some security issues and provides minor bug fixes.

The Linux kernel handles the basic functions of the operating system.
A number of vulnerabilities were found in the Red Hat Linux Advanced Server kernel. These vulnerabilities could allow a local user to obtain elevated (root) privileges.

The vulnerabilities existed in a number of drivers, including stradis, rio500, se401, apm, usbserial, and usbvideo.

Additionally, a number of bugs have been fixed, and some small feature enhancements have been added.

 - Failed READA requests could be interpreted as I/O errors under high load on SMP; this has been fixed.

 - In rare cases, TLB entries could be corrupted on SMP Pentium IV systems; this potential for corruption has been fixed. Third-party modules will need to be recompiled to take advantage of these fixes.

 - The latest tg3 driver fixes have been included; the tg3 driver now supports more hardware.

 - A mechanism is provided to specify the location of core files and to set the name pattern to include the UID, program, hostname, and PID of the process that caused the core dump.

A number of SCSI fixes have also been included :

 - Configure sparse LUNs in the qla2200 driver - Clean up erroneous accounting data as seen by /proc/partitions and iostat - Allow up to 128 scsi disks - Do not start logical units that require manual intervention, avoiding unnecessary startup delays - Improve SCSI layer throughput by properly clustering DMA requests

All users of Red Hat Linux Advanced Server are advised to upgrade to the errata packages.

Solution

Update the affected packages.

See Also

https://access.redhat.com/security/cve/cve-2002-1572

https://access.redhat.com/security/cve/cve-2002-1573

https://access.redhat.com/errata/RHSA-2002:227

Plugin Details

Severity: Critical

ID: 12330

File Name: redhat-RHSA-2002-227.nasl

Version: 1.25

Type: local

Agent: unix

Published: 7/6/2004

Updated: 1/14/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-boot, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:kernel-doc, p-cpe:/a:redhat:enterprise_linux:kernel-enterprise, p-cpe:/a:redhat:enterprise_linux:kernel-headers, p-cpe:/a:redhat:enterprise_linux:kernel-smp, p-cpe:/a:redhat:enterprise_linux:kernel-source, p-cpe:/a:redhat:enterprise_linux:kernel-summit, cpe:/o:redhat:enterprise_linux:2.1

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 10/28/2002

Vulnerability Publication Date: 12/31/2002

Reference Information

CVE: CVE-2002-1572, CVE-2002-1573

RHSA: 2002:227