Oracle Linux 5 : Unbreakable Enterprise kernel (ELSA-2010-2009)

high Nessus Plugin ID 68173
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 8.9


The remote Oracle Linux host is missing one or more security updates.


Description of changes:

Following Security bug are fixed in this errata

CVE-2010-3904 When copying data to userspace, the RDS protocol failed to verify that the user-provided address was a valid userspace address. A local unprivileged user could issue specially crafted socket calls to write arbitrary values into kernel memory and potentially escalate privileges to root.

CVE-2010-3067 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.

CVE-2010-3477 The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942.


- [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904}
- [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch
- [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch
- [aio] linux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch


- Fix rds permissions checks during copies

- Update to BXOFED 1.5.1-1.3.6-5


Update the affected unbreakable enterprise kernel packages.

See Also

Plugin Details

Severity: High

ID: 68173

File Name: oraclelinux_ELSA-2010-2009.nasl

Version: 1.15

Type: local

Agent: unix

Published: 7/12/2013

Updated: 1/14/2021

Dependencies: ssh_get_info.nasl, linux_alt_patch_detect.nasl

Risk Information

Risk Factor: High

VPR Score: 8.9

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel, p-cpe:/a:oracle:linux:kernel-debug, p-cpe:/a:oracle:linux:kernel-debug-devel, p-cpe:/a:oracle:linux:kernel-devel, p-cpe:/a:oracle:linux:kernel-doc, p-cpe:/a:oracle:linux:kernel-firmware, p-cpe:/a:oracle:linux:kernel-headers, p-cpe:/a:oracle:linux:ofa-2.6.32-100.21.1.el5, cpe:/o:oracle:linux:5

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/25/2010

Vulnerability Publication Date: 9/21/2010

Exploitable With


Core Impact

Metasploit (Reliable Datagram Sockets (RDS) Privilege Escalation)

Reference Information

CVE: CVE-2010-2942, CVE-2010-3067, CVE-2010-3477, CVE-2010-3904