Detections
Analytics

MiracleLinux 4 : kernel-2.6.32-642.11.1.el6 (AXSA:2016-1154:09)

high Nessus Plugin ID 289802

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-1154:09 advisory.

 The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
 Security issues fixed with this release:
 CVE-2016-1583 The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.
 CVE-2016-2143 The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h.
 Fixed bugs:
 * Use of a multi-threaded workload with high memory mappings sometiems caused a kernel panic, due to a race condition between the context switch and the pagetable upgrade. This update fixes the switch_mm() by using the complete asce parameter instead of the asce_bits parameter. As a result, the kernel no longer panics in the described scenario.
 * When iptables created the Transmission Control Protocol (TCP) reset packet, a kernel crash could occur due to uninitialized pointer to the TCP header within the Socket Buffer (SKB). This update fixes the transport header pointer in TCP reset for both IPv4 and IPv6, and the kernel no longer crashes in the described situation.
 * Previously, when the Enhanced Error Handling (EEH) mechanism did not block the PCI configuration space access and an error was detected, a kernel panic occurred. This update fixes EEH to fix this problem. As a result, the kernel no longer panics in the described scenario.
 * When the lockd service failed to start up completely, the notifier blocks were in some cases registered on a notification chain multiple times, which caused the occurrence of a circular list on the notification chain. Consequently, a soft lock-up or a kernel oops occurred. With this update, the notifier blocks are unregistered if lockd fails to start up completely, and the soft lock-ups or the kernel oopses no longer occur under the described circumstances.
 * When the Fibre Channel over Ethernet (FCoE) was configured, the FCoE MaxFrameSize parameter was incorrectly restricted to 1452. With this update, the NETIF_F_ALL_FCOE symbol is no longer ignored, which fixes this bug. MaxFrameSize is now restricted to 2112, which is the correct value.
 * When the fnic driver was installed on Cisco UCS Blade Server, the discs were under certain circumstances put into the offline state with the following error message: Medium access timeout failure. Offlining disk!. This update fixes fnic to set the Small Computer System Interface (SCSI) status as DID_ABORT after a successful abort operation. As a result, the discs are no longer put into the offlined state in the described situation.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/7586

Plugin Details

Severity: High

ID: 289802

File Name: miracle_linux_AXSA-2016-1154.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2016-1583

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2016-2143

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:kernel-debug, p-cpe:/a:miracle:linux:kernel-debug-devel, p-cpe:/a:miracle:linux:perf, cpe:/o:miracle:linux:4, p-cpe:/a:miracle:linux:kernel, p-cpe:/a:miracle:linux:kernel-headers, p-cpe:/a:miracle:linux:kernel-firmware, p-cpe:/a:miracle:linux:kernel-devel, p-cpe:/a:miracle:linux:kernel-abi-whitelists

Required KB Items: Host/local_checks_enabled, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/6/2016

Vulnerability Publication Date: 4/27/2016

Reference Information

CVE: CVE-2016-1583, CVE-2016-2143