CentOS 3 : kernel (CESA-2006:0437)

High Nessus Plugin ID 22135

Synopsis

The remote CentOS host is missing one or more security updates.

Description

Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the eighth regular update.

This security advisory has been rated as having important security impact by the Red Hat Security Response Team.

The Linux kernel handles the basic functions of the operating system.

This is the eighth regular kernel update to Red Hat Enterprise Linux 3.

New features introduced by this update include :

- addition of the adp94xx and dcdbas device drivers - diskdump support on megaraid_sas, qlogic, and swap partitions - support for new hardware via driver and SCSI white-list updates

There were many bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has resulted in a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 3.

There were numerous driver updates and security fixes (elaborated below). Other key areas affected by fixes in this update include the networking subsystem, the NFS and autofs4 file systems, the SCSI and USB subsystems, and architecture-specific handling affecting AMD Opteron and Intel EM64T processors.

The following device drivers have been added or upgraded to new versions :

adp94xx -------- 1.0.8 (new) bnx2 ----------- 1.4.38 cciss ---------- 2.4.60.RH1 dcdbas --------- 5.6.0-1 (new) e1000 ---------- 7.0.33-k2 emulex --------- 7.3.6 forcedeth ------ 0.30 ipmi ----------- 35.13 qlogic --------- 7.07.04b6 tg3 ------------ 3.52RH

The following security bugs were fixed in this update :

- a flaw in the USB devio handling of device removal that allowed a local user to cause a denial of service (crash) (CVE-2005-3055, moderate)

- a flaw in the exec() handling of multi-threaded tasks using ptrace() that allowed a local user to cause a denial of service (hang of a user process) (CVE-2005-3107, low)

- a difference in 'sysretq' operation of EM64T (as opposed to Opteron) processors that allowed a local user to cause a denial of service (crash) upon return from certain system calls (CVE-2006-0741 and CVE-2006-0744, important)

- a flaw in unaligned accesses handling on Intel Itanium processors that allowed a local user to cause a denial of service (crash) (CVE-2006-0742, important)

- an info leak on AMD-based x86 and x86_64 systems that allowed a local user to retrieve the floating point exception state of a process run by a different user (CVE-2006-1056, important)

- a flaw in IPv4 packet output handling that allowed a remote user to bypass the zero IP ID countermeasure on systems with a disabled firewall (CVE-2006-1242, low)

- a minor info leak in socket option handling in the network code (CVE-2006-1343, low)

- a flaw in IPv4 netfilter handling for the unlikely use of SNMP NAT processing that allowed a remote user to cause a denial of service (crash) or potential memory corruption (CVE-2006-2444, moderate)

Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?7f940410

http://www.nessus.org/u?b07bc7df

http://www.nessus.org/u?3720e2d6

Plugin Details

Severity: High

ID: 22135

File Name: centos_RHSA-2006-0437.nasl

Version: 1.16

Type: local

Agent: unix

Published: 2006/08/04

Updated: 2019/07/10

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:centos:centos:kernel, p-cpe:/a:centos:centos:kernel-BOOT, p-cpe:/a:centos:centos:kernel-doc, p-cpe:/a:centos:centos:kernel-hugemem, p-cpe:/a:centos:centos:kernel-hugemem-unsupported, p-cpe:/a:centos:centos:kernel-smp, p-cpe:/a:centos:centos:kernel-smp-unsupported, p-cpe:/a:centos:centos:kernel-source, p-cpe:/a:centos:centos:kernel-unsupported, cpe:/o:centos:centos:3

Required KB Items: Host/local_checks_enabled, Host/CentOS/release, Host/CentOS/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2006/08/03

Vulnerability Publication Date: 2005/09/26

Reference Information

CVE: CVE-2005-3055, CVE-2005-3107, CVE-2006-0741, CVE-2006-0742, CVE-2006-0744, CVE-2006-1056, CVE-2006-1242, CVE-2006-1343, CVE-2006-2444

BID: 17600, 18081

RHSA: 2006:0437

CWE: 20