Detections
Analytics

MiracleLinux 3 : kernel-2.6.18-194.3.AXS3 (AXSA:2010-377:12)

high Nessus Plugin ID 291412

Language:

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-377:12 advisory.

 The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
 Security issues fixed with this release:
 CVE-2010-0291 The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the 'do_mremap() mess' or 'mremap/mmap mess.' CVE-2010-0622 The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space.
 CVE-2010-1087 The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.
 CVE-2010-1088 fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount 'symlinks,' which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.
 CVE-2010-1173 The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.
 CVE-2010-1187 The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference.
 CVE-2010-1436 gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause an out-of-bounds write, as demonstrated by writing from an ext3 file system to a gfs2 file system.
 CVE-2010-1437 Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.
 CVE-2010-1641 The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.
 Fixed bugs:
 acpi
 - warn on hot-add of memory exceeding 4G boundary
 - fix WARN on unregister in power meter driver block
 - cfq-iosched: fix IOPRIO_CLASS_IDLE accounting
 - cfq-iosched: async queue allocation per priority
 - cfq-iosched: fix async queue behaviour
 - cfq-iosched: propagate down request sync flag
 - introduce the rq_is_sync macro fs
 - remove unneccessary f_ep_lock from fasync_helper misc
 - add atomic64_cmpxcgh to x86_64 include files mm
 - fix hugepage corruption using vm.drop_caches
 - clear page errors when issuing a fresh read of page net
 - e1000: fix WoL init when WoL disabled in EEPROM
 - tg3: fix INTx fallback when MSI fails
 - sched: fix SFQ qdisc crash w/limit of 2 packets
 - bonding: fix broken multicast with round-robin mode
 - cnic: Fix crash during bnx2x MTU change
 - bxn2x: add dynamic lro disable support
 - sctp: file must be valid before setting timeout
 - e1000/e1000e: implement simple interrupt moderation
 - neigh: fix state transitions via Netlink request
 - tg3: fix panic in tg3_interrupt
 - cnic: fix bnx2x panic w/multiple interfaces enabled nfs
 - revert retcode check in nfs_revalidate_mapping()
 - don't unhash dentry in nfs_lookup_revalidate virt
 - don't compute pvclock adjustments if we trust tsc
 - add a global synchronization point for pvclock
 - enable pvclock flags in vcpu_time_info structure virtio
 - fix GFP flags passed by virtio balloon driver x86
 - grab atomic64 types from upstream x86_64
 - fix time drift due to faulty lost tick tracking xen
 - set hypervisor present CPUID bit

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/1538

Plugin Details

Severity: High

ID: 291412

File Name: miracle_linux_AXSA-2010-377.nasl

Version: 1.1

Type: local

Published: 1/19/2026

Updated: 1/19/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.5

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 4

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2010-1641

CVSS v3

Risk Factor: High

Base Score: 7

Temporal Score: 6.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2010-1437

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:kernel-pae, p-cpe:/a:miracle:linux:kernel-xen, p-cpe:/a:miracle:linux:kernel-pae-devel, p-cpe:/a:miracle:linux:kernel-xen-devel, cpe:/o:miracle:linux:3, p-cpe:/a:miracle:linux:kernel-headers, p-cpe:/a:miracle:linux:kernel, p-cpe:/a:miracle:linux:kernel-devel

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/15/2010

Vulnerability Publication Date: 1/19/2010

Reference Information

CVE: CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1088, CVE-2010-1173, CVE-2010-1187, CVE-2010-1436, CVE-2010-1437, CVE-2010-1641