Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2001)

high Nessus Plugin ID 68668

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

Description of changes:

* Improved fix for CVE-2010-2962.

The original upstream fix for CVE-2010-2962 had an overflow bug in its bounds checking.


* CVE-2012-0056: Privilege escalation in /proc/[pid]/mem writing.

It was found that permissions were not checked properly in the Linux kernel when handling the /proc/[pid]/mem writing functionality. A local, unprivileged user could use this flaw to escalate their privileges.

[2.6.32-300.7.1.el6uek]
- Revert 'proc: enable writing to /proc/pid/mem' [orabug 13619701] {CVE-2012-0056}
- [PATCH] x86, tsc: Skip TSC synchronization checks for tsc=reliable (Suresh Siddha)

[2.6.32-300.6.1.el6uek]
- tracing: Fix NULL pointer deref with SEND_SIG_FORCED (Oleg Nesterov) [orabug 13611655]

[2.6.32-300.5.1.el6uek]
- sched, x86: Avoid unnecessary overflow in sched_clock (Salman Qazi) [orabug 13604567]
- [x86]: Don't resume/restore cpu if not of the expected cpu (Joe Jin) [orabug 13492670]
- drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow (Chris Wilson) [CVE-2010-296]
- x2apic: Enable the bios request for x2apic optout (Suresh Siddha) [orabug 13565303]
- fuse: split queues to scale I/O throughput (Srinivas Eeda) [orabug 10004611]
- fuse: break fc spinlock (Srinivas Eeda) [orabug 10004611]

Solution

Update the affected unbreakable enterprise kernel packages.

See Also

https://oss.oracle.com/pipermail/el-errata/2012-January/002572.html

https://oss.oracle.com/pipermail/el-errata/2012-January/002573.html

Plugin Details

Severity: High

ID: 68668

File Name: oraclelinux_ELSA-2012-2001.nasl

Version: 1.19

Type: local

Agent: unix

Published: 7/12/2013

Updated: 1/14/2021

Dependencies: ssh_get_info.nasl, linux_alt_patch_detect.nasl

Risk Information

VPR

Risk Factor: Critical

Score: 9.6

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-firmware, p-cpe:/a:oracle:linux:kernel-uek-headers, p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.7.1.el6uek, p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.7.1.el6uekdebug, p-cpe:/a:oracle:linux:ofa-2.6.32-300.7.1.el5uek, p-cpe:/a:oracle:linux:ofa-2.6.32-300.7.1.el5uekdebug, p-cpe:/a:oracle:linux:ofa-2.6.32-300.7.1.el6uek, p-cpe:/a:oracle:linux:ofa-2.6.32-300.7.1.el6uekdebug, cpe:/o:oracle:linux:5, cpe:/o:oracle:linux:6

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/25/2012

Vulnerability Publication Date: 11/26/2010

Exploitable With

CANVAS (CANVAS)

Core Impact

Reference Information

CVE: CVE-2010-2962, CVE-2012-0056

BID: 44067, 51625