Fedora 10 : kernel-2.6.27.12-170.2.5.fc10 (2009-0923)

Critical Nessus Plugin ID 38129

Synopsis

The remote Fedora host is missing a security update.

Description

Update to kernel 2.6.27.12:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12 Includes security fixes: CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID Reverts ALSA driver to the version that is upstream in kernel 2.6.27. This should be the last 2.6.27 kernel update for Fedora 10. A 2.6.28 update kernel is being tested.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?9af5a301

http://www.nessus.org/u?bbb536f1

http://www.nessus.org/u?ddbb60cd

https://bugzilla.redhat.com/show_bug.cgi?id=477954

https://bugzilla.redhat.com/show_bug.cgi?id=478299

https://bugzilla.redhat.com/show_bug.cgi?id=480862

https://bugzilla.redhat.com/show_bug.cgi?id=480866

http://www.nessus.org/u?6a393669

Plugin Details

Severity: Critical

ID: 38129

File Name: fedora_2009-0923.nasl

Version: 1.13

Type: local

Agent: unix

Published: 2009/04/23

Updated: 2018/12/24

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:kernel, cpe:/o:fedoraproject:fedora:10

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2009/01/24

Reference Information

CVE: CVE-2009-0029, CVE-2009-0065

FEDORA: 2009-0923

CWE: 20, 119