Detections
Analytics

MiracleLinux 4 : kernel-2.6.32-504.12.2.el6 (AXSA:2015-106:03)

high Nessus Plugin ID 289957

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-106:03 advisory.

 Description:
 The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
 Security issues fixed with this release:
 CVE-2014-7822
 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
 CVE-2014-8159
 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
 CVE-2014-8160 net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.
 CVE-2014-8369 The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601.
 Fixed bugs:
 * The maximum amount of entries in the IPv6 route table (net.ipv6.route.max_size) was 4096, and every route towards this maximum size limit was counted. Communication to more systems was impossible when the limit was exceeded. Now, only cached routes are counted, which guarantees that the kernel does not run out of memory, but the user can now install as many routes as the memory allows until the kernel indicates it can no longer handle the amount of memory and returns an error message.
 In addition, the default net.ipv6.route.max_size value has been increased to 16384 for performance improvement reasons.
 * When the user attempted to scan for an FCOE-served Logical Unit Number (LUN), after an initial LUN scan, a kernel panic occurred in bnx2fc_init_task. With this update, fixed it.
 * Under certain conditions, such as when attempting to scan the network for LUNs, a race condition in the bnx2fc driver could trigger a kernel panic in bnx2fc_init_task. With this update, fixed it.
 * Previously, it was not possible to boot the kernel on Xen hypervisor in PVHVM mode if more than 32 vCPUs were specified in the guest configuration. Support for more than 32 vCPUs has been added, and fixed it.
 * When the NVMe driver allocated a namespace queue, it indicated that it was a request-based driver when it was actually a block I/O-based driver. So, when NVMe driver was loaded along with a request-based dm device, the system could terminate unexpectedly or become unresponsive when attempting to access data.
 With this update, fixed it.
 * If a user attempted to apply an NVRAM firmware update when running the tg3 module provided with Asianux Server 4 SP4 kernels, the update could fail. So, the Network Interface Card (NIC) could stay in an unusable state and this could prevent the entire system from booting. With this update, fixed it.
 * Support for key sizes of 256 and 192 bits has been added to AES-NI.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/5445

Plugin Details

Severity: High

ID: 289957

File Name: miracle_linux_AXSA-2015-106.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2014-7822

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2014-8369

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:kernel-debug, p-cpe:/a:miracle:linux:perf, p-cpe:/a:miracle:linux:kernel, p-cpe:/a:miracle:linux:kernel-headers, cpe:/o:miracle:linux:4, p-cpe:/a:miracle:linux:kernel-firmware, p-cpe:/a:miracle:linux:kernel-abi-whitelists, p-cpe:/a:miracle:linux:kernel-debug-devel, p-cpe:/a:miracle:linux:kernel-devel

Required KB Items: Host/local_checks_enabled, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/14/2015

Vulnerability Publication Date: 9/25/2014

Reference Information

CVE: CVE-2014-7822, CVE-2014-8159, CVE-2014-8160, CVE-2014-8369