Detections
Analytics

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

high Nessus Plugin ID 60749

Language:

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

Security fixes :

 - a NULL pointer dereference flaw was found in the sctp_rcv_ootb() function in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could send a specially crafted SCTP packet to a target system, resulting in a denial of service. (CVE-2010-0008, Important)

 - a missing boundary check was found in the do_move_pages() function in the memory migration functionality in the Linux kernel. A local user could use this flaw to cause a local denial of service or an information leak. (CVE-2010-0415, Important)

 - a NULL pointer dereference flaw was found in the ip6_dst_lookup_tail() function in the Linux kernel. An attacker on the local network could trigger this flaw by sending IPv6 traffic to a target system, leading to a system crash (kernel OOPS) if dst->neighbour is NULL on the target system when receiving an IPv6 packet.
 (CVE-2010-0437, Important)

 - a NULL pointer dereference flaw was found in the ext4 file system code in the Linux kernel. A local attacker could use this flaw to trigger a local denial of service by mounting a specially crafted, journal-less ext4 file system, if that file system forced an EROFS error.
 (CVE-2009-4308, Moderate)

 - an information leak was found in the print_fatal_signal() implementation in the Linux kernel.
 When '/proc/sys/kernel/print-fatal-signals' is set to 1 (the default value is 0), memory that is reachable by the kernel could be leaked to user-space. This issue could also result in a system crash. Note that this flaw only affected the i386 architecture. (CVE-2010-0003, Moderate)

 - missing capability checks were found in the ebtables implementation, used for creating an Ethernet bridge firewall. This could allow a local, unprivileged user to bypass intended capability restrictions and modify ebtables rules. (CVE-2010-0007, Low)

Bug fixes :

 - a bug prevented Wake on LAN (WoL) being enabled on certain Intel hardware. (BZ#543449)

 - a race issue in the Journaling Block Device. (BZ#553132)

 - programs compiled on x86, and that also call sched_rr_get_interval(), were silently corrupted when run on 64-bit systems. (BZ#557684)

 - the RHSA-2010:0019 update introduced a regression, preventing WoL from working for network devices using the e1000e driver. (BZ#559335)

 - adding a bonding interface in mode balance-alb to a bridge was not functional. (BZ#560588)

 - some KVM (Kernel-based Virtual Machine) guests experienced slow performance (and possibly a crash) after suspend/resume. (BZ#560640)

 - on some systems, VF cannot be enabled in dom0.
 (BZ#560665)

 - on systems with certain network cards, a system crash occurred after enabling GRO. (BZ#561417)

 - for x86 KVM guests with pvclock enabled, the boot clocks were registered twice, possibly causing KVM to write data to a random memory area during the guest's life.
 (BZ#561454)

 - serious performance degradation for 32-bit applications, that map (mmap) thousands of small files, when run on a 64-bit system. (BZ#562746)

 - improved kexec/kdump handling. Previously, on some systems under heavy load, kexec/kdump was not functional. (BZ#562772)

 - dom0 was unable to boot when using the Xen hypervisor on a system with a large number of logical CPUs.
 (BZ#562777)

 - a fix for a bug that could potentially cause file system corruption. (BZ#564281)

 - a bug caused infrequent cluster issues for users of GFS2. (BZ#564288)

 - gfs2_delete_inode failed on read-only file systems.
 (BZ#564290)

The system must be rebooted for this update to take effect.

Solution

Update the affected packages.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=543449

https://bugzilla.redhat.com/show_bug.cgi?id=553132

https://bugzilla.redhat.com/show_bug.cgi?id=557684

https://bugzilla.redhat.com/show_bug.cgi?id=559335

https://bugzilla.redhat.com/show_bug.cgi?id=560588

https://bugzilla.redhat.com/show_bug.cgi?id=560640

https://bugzilla.redhat.com/show_bug.cgi?id=560665

https://bugzilla.redhat.com/show_bug.cgi?id=561417

https://bugzilla.redhat.com/show_bug.cgi?id=561454

https://bugzilla.redhat.com/show_bug.cgi?id=562746

https://bugzilla.redhat.com/show_bug.cgi?id=562772

https://bugzilla.redhat.com/show_bug.cgi?id=562777

https://bugzilla.redhat.com/show_bug.cgi?id=564281

https://bugzilla.redhat.com/show_bug.cgi?id=564288

https://bugzilla.redhat.com/show_bug.cgi?id=564290

http://www.nessus.org/u?1c77c938

Plugin Details

Severity: High

ID: 60749

File Name: sl_20100316_kernel_on_SL5_x.nasl

Version: 1.16

Type: local

Agent: unix

Published: 8/1/2012

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/16/2010

Vulnerability Publication Date: 12/12/2009

Reference Information

CVE: CVE-2009-4308, CVE-2010-0003, CVE-2010-0007, CVE-2010-0008, CVE-2010-0415, CVE-2010-0437

CWE: 200, 264, 399