Detections
Analytics

MiracleLinux 3 : kernel-2.6.18-274.3.AXS3 (AXSA:2011-362:08)

critical Nessus Plugin ID 284479

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-362:08 advisory.

 The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
 Security issues fixed with this release:
 CVE-2009-4067 CVE-2011-1160 CVE-2011-1585 CVE-2011-1833 No information available at the time of writing, please refer to the CVE links below.
 CVE-2011-2484 The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application.
 CVE-2011-2496 No information available at the time of writing, please refer to the CVE links below.
 CVE-2011-2695 Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer.
 CVE-2011-2699 No information available at the time of writing, please refer to the CVE links below.
 CVE-2011-2723 The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic.
 CVE-2011-2942 CVE-2011-3131 CVE-2011-3188 CVE-2011-3191 CVE-2011-3209 CVE-2011-3347 No information available at the time of writing, please refer to the CVE links below.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/2075

Plugin Details

Severity: Critical

ID: 284479

File Name: miracle_linux_AXSA-2011-362.nasl

Version: 1.1

Type: local

Published: 1/14/2026

Updated: 1/14/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2011-3191

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2011-3188

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:kernel-xen, p-cpe:/a:miracle:linux:kernel-pae-devel, p-cpe:/a:miracle:linux:kernel-xen-devel, p-cpe:/a:miracle:linux:kernel-pae, p-cpe:/a:miracle:linux:kernel, p-cpe:/a:miracle:linux:kernel-headers, p-cpe:/a:miracle:linux:kernel-devel, cpe:/o:miracle:linux:3

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/24/2011

Vulnerability Publication Date: 10/19/2009

Reference Information

CVE: CVE-2009-4067, CVE-2011-1160, CVE-2011-1585, CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-2695, CVE-2011-2699, CVE-2011-2723, CVE-2011-2942, CVE-2011-3131, CVE-2011-3188, CVE-2011-3191, CVE-2011-3209, CVE-2011-3347