Detections
Analytics

MiracleLinux 3 : kernel-2.6.18-128.7AXS3 (AXSA:2009-168:07)

medium Nessus Plugin ID 284191

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-168:07 advisory.

 The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
 Fixed bugs:
 CVE-2008-5700 libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.
 CVE-2008-3528 The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.
 Other bugs:
 - [fs] proc: avoid info leaks to non-privileged processes
 - [net] tg3: Fix firmware event timeouts
 - [scsi] libiscsi: fix nop response/reply and session cleanup race
 - [misc] compile: add -fwrapv to gcc CFLAGS
 - [misc] random: make get_random_int more random
 - [gfs2] fix uninterruptible quotad sleeping
 - [mm] cow vs gup race fix (Andrea Arcangeli
 - [mm] fork vs gup race fix (Andrea Arcangeli
 - [nfs] fix hangs during heavy write workloads
 - [fs] keep eventpoll from locking up the box
 - [misc] waitpid reports stopped process more than once
 - [ata] libata: ahci enclosure management bios workaround
 - [ia64] fix regression in nanosleep syscall
 - [nfs] race with nfs_access_cache_shrinker() and umount
 - [fs] fix softlockup in posix_locks_deadlock
 - [net] ipv4: remove uneeded bh_lock/unlock from udp_rcv
 - [scsi] qla2xxx: reduce DID_BUS_BUSY failover errors
 - [net] ixgbe: stop double counting frames and bytes
 - [xen] x86: update the earlier APERF/MPERF patch
 - [xen] x86: fix dom0 panic when using dom0_max_vcpus
 - [net] fix oops when using openswan
 - [x86] NONSTOP_TSC in tsc clocksource
 - [ppc] keyboard not recognized on bare metal
 - [xen] x86: silence WRMSR warnings
 - [dlm] fix length calculation in compat code
 - [nfs] fix hung clients from deadlock in flush_workqueue
 - [ia64] use current_kernel_time/xtime in hrtimer_start()
 - [net] bonding: fix arp_validate=3 slaves behaviour
 - [net] enic: return notify intr credits
 - [input] wacom: 12x12 problem while using lens cursor
 - [net] ehea: improve behaviour in low mem conditions (AMEET M. PARANJAPE ) [487035 483148]
 - [x86] add nonstop_tsc flag in /proc/cpuinfo
 - [x86_64] mce: do not clear an unrecoverable error status
 - [wireless] iwlwifi: booting with RF-kill switch enabled
 - [misc] signal: modify locking to handle large loads
 - [x86] TSC keeps running in C3+
 - [x86] limit max_cstate to use TSC on some platforms
 - [ptrace] correctly handle ptrace_update return value
 - [firmware] dell_rbu: prevent oops
 - [gfs2] panic in debugfs_remove when unmounting
 - [scsi] libata: sas_ata fixup sas_sata_ops
 - [qla2xxx] correct endianness during flash manipulation
 - [net] ixgbe: frame reception and ring parameter issues
 - [misc] fix memory leak during pipe failure
 - [nfs] handle attribute timeout and u32 jiffies wrap
 - [net] deadlock in Hierarchical token bucket scheduler
 - [wireless] iwl: fix BUG_ON in driver
 - [sched] fix clock_gettime monotonicity
 - [nfs] create rpc clients with proper auth flavor
 - [md] fix oops with device-mapper mirror target
 - [openib] restore traffic in connected mode on HCA
 - [x86_64] copy_user_c assembler can leave garbage in rsi
 - [misc] setpgid returns ESRCH in some situations
 - [s390] zfcp: fix hexdump data in s390dbf traces
 - Added EDAC support for MCH 3200/3210
 - ACPI SRAT on x86: added support for nodes spanning other nodes. Example of fixed bug: for sytems with the following NUMA topology, the system would not boot: 8 GB memory spread beween 2 nodes:
 node 0: 0-2GB, 4-6GB node 1: 2-4GB, 6-8GB
 - updated OCFS2 from 1.2.8 to 1.4.7.
 - updated the e1000e driver to version 0.5.18.3.
 - the CPUID driver now supports cpuid.4 and cpuid.0xb instruments
 - added proper support for megaraid sas tape: the erase command for SAS (megaraid_sas) tape would return input/output error.
 - Added support for Nehalem to keep TSC running even in C3/C4 states.
 - the igb has been updated to version 1.3.8.6.
 - the ioatdma/dca driver has been updated to version 3.61
 - fixed the following problem: loading multiple instances of the cpufreq driver could corrupt the driver data structure.
 - added support for Intel AES-NI instructions on x86_64 platform
 - added support for Toshiba afxxxc RAID driver
 - when using kexec to boot another kernel, the network did not start (the igb driver would not work).
 - fixed a problem with hugepages that would cause the machine to reboot.
 - when KVM was loaded, the system would hang after echo c > /proc/sysrq-trigger
 - afxxxc source code has been cleaned up.
 - the e1000e network driver now works when a second kernel is loaded with kexec.
 - the ixgbe driver support has been added.
 - changed the format of /proc/net/IPv6_route.
 - fixed a problem with modprobe ioatdma that would trigger kernel panic.
 - the writeback cache of the afxxxc driver can be enabled.
 - fixed a problem with the ocfs2 kernel module.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/806

Plugin Details

Severity: Medium

ID: 284191

File Name: miracle_linux_AXSA-2009-168.nasl

Version: 1.1

Type: local

Published: 1/14/2026

Updated: 1/14/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2008-3528

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2008-5700

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:kernel-devel, p-cpe:/a:miracle:linux:kernel, p-cpe:/a:miracle:linux:kernel-headers, cpe:/o:miracle:linux:3, p-cpe:/a:miracle:linux:kernel-pae, p-cpe:/a:miracle:linux:kernel-xen, p-cpe:/a:miracle:linux:kernel-pae-devel, p-cpe:/a:miracle:linux:kernel-xen-devel

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/4/2009

Vulnerability Publication Date: 9/27/2008

Reference Information

CVE: CVE-2008-3528, CVE-2008-5700