Fedora 14 : kernel-2.6.35.14-95.fc14 (2011-11103)

high Nessus Plugin ID 55955

Language:

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 5.9

Synopsis

The remote Fedora host is missing a security update.

Description

Update to kernel 2.6.35.14 :

http://ftp.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.35/ChangeLog
-2.6.35.14

NOTE: These upstream commits from 2.6.35.14 were already in the previous Fedora 14 kernel 2.6.35.13-92 :

b934c20de1398d4a82d2ecfeb588a214a910f13f 3cd01976e702ccaffb907727caff4f8789353599 9c047157a20521cd525527947b13b950d168d2e6 6b4e81db2552bad04100e7d5ddeed7e848f53b48 3e9d08ec0a68f6faf718d5a7e050fe5ca0ba004f b522f02184b413955f3bc952e3776ce41edc6355 194b3da873fd334ef183806db751473512af29ce a1f74ae82d133ebb2aabb19d181944b4e83e9960 e9cdd343a5e42c43bcda01e609fa23089e026470 14fb57dccb6e1defe9f89a66f548fcb24c374c1d 221d1d797202984cb874e3ed9f1388593d34ee22 a294865978b701e4d0d90135672749531b9a900d

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected kernel package.

See Also

http://www.nessus.org/u?13012155

https://bugzilla.redhat.com/show_bug.cgi?id=698057

https://bugzilla.redhat.com/show_bug.cgi?id=710338

https://bugzilla.redhat.com/show_bug.cgi?id=714536

https://bugzilla.redhat.com/show_bug.cgi?id=715436

https://bugzilla.redhat.com/show_bug.cgi?id=716805

https://bugzilla.redhat.com/show_bug.cgi?id=718152

https://bugzilla.redhat.com/show_bug.cgi?id=722557

https://bugzilla.redhat.com/show_bug.cgi?id=723429

https://bugzilla.redhat.com/show_bug.cgi?id=729808

http://www.nessus.org/u?38ec6e06

Plugin Details

Severity: High

ID: 55955

File Name: fedora_2011-11103.nasl

Version: 1.20

Type: local

Agent: unix

Published: 8/23/2011

Updated: 1/11/2021

Dependencies: ssh_get_info.nasl

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS v2.0

Base Score: 8.3

Temporal Score: 6.5

Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:kernel, cpe:/o:fedoraproject:fedora:14

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/18/2011

Reference Information

CVE: CVE-2011-1598, CVE-2011-1748, CVE-2011-2183, CVE-2011-2213, CVE-2011-2484, CVE-2011-2497, CVE-2011-2517, CVE-2011-2695, CVE-2011-2699, CVE-2011-2905

BID: 47503, 47835, 48333, 48383, 48472, 48538, 48697, 48802, 49140

FEDORA: 2011-11103