Oracle Linux 5 : Oracle / linux / 5 / kernel (ELSA-2013-1348)

medium Nessus Plugin ID 70287

Synopsis

The remote Oracle Linux host is missing a security update.

Description

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1348 advisory.

- [kernel] signals: stop info leak via tkill and tgkill syscalls (Oleg Nesterov) [970875] {CVE-2013-2141}
- [net] ipv6: do udp_push_pending_frames AF_INET sock pending data (Jiri Benc) [987648] {CVE-2013-4162}
- [net] af_key: fix info leaks in notify messages (Jiri Benc) [981000] {CVE-2013-2234}
- [net] af_key: initialize satype in key_notify_policy_flush() (Jiri Benc) [981224] {CVE-2013-2237}
- [net] ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Jiri Pirko) [981557] {CVE-2013-2232}
- [net] sctp: Disallow new connection on a closing socket (Daniel Borkmann) [974936] {CVE-2013-2206}
- [net] sctp: Use correct sideffect command in dup cookie handling (Daniel Borkmann) [974936] {CVE-2013-2206}
- [net] sctp: deal with multiple COOKIE_ECHO chunks (Daniel Borkmann) [974936] {CVE-2013-2206}
- [net] fix invalid free in ip_cmsg_send() callers (Petr Matousek) [980142] {CVE-2013-2224}
- [block] cpqarray: info leak in ida_locked_ioctl() (Tomas Henzl) [971246] {CVE-2013-2147}
- [block] cdrom: use kzalloc() for failing hardware (Frantisek Hrbata) [973104] {CVE-2013-2164}
- [mm] use-after-free in madvise_remove() (Jacob Tanenbaum) [849736] {CVE-2012-3511}
- [net] Bluetooth: fix possible info leak in bt_sock_recvmsg() (Radomir Vrbovsky) [955601] {CVE-2013-3224}
- [net] Bluetooth: HCI & L2CAP information leaks (Jacob Tanenbaum) [922416] {CVE-2012-6544}
- [misc] signal: use __ARCH_HAS_SA_RESTORER instead of SA_RESTORER (Nikola Pajkovsky) [920504] {CVE-2013-0914}
- [misc] signal: always clear sa_restorer on execve (Nikola Pajkovsky) [920504] {CVE-2013-0914}
- [misc] signal: Def __ARCH_HAS_SA_RESTORER for sa_restorer clear (Nikola Pajkovsky) [920504] {CVE-2013-0914}
- [net] tg3: buffer overflow in VPD firmware parsing (Jacob Tanenbaum) [949940] {CVE-2013-1929}
- [net] atm: update msg_namelen in vcc_recvmsg() (Nikola Pajkovsky) [955223] {CVE-2013-3222}
- [net] llc: Fix missing msg_namelen update in llc_ui_recvmsg() (Jesper Brouer) [956097] {CVE-2013-3231}
- [net] tipc: fix info leaks via msg_name in recv_msg/recv_stream (Jesper Brouer) [956149] {CVE-2013-3235}
- [net] Bluetooth: RFCOMM Fix info leak in ioctl(RFCOMMGETDEVLIST) (Radomir Vrbovsky) [922407] {CVE-2012-6545}
- [net] Bluetooth: RFCOMM - Fix info leak via getsockname() (Radomir Vrbovsky) [922407] {CVE-2012-6545}
- [xen] AMD IOMMU: spot missing IO-APIC entries in IVRS table (Igor Mammedov) [910913] {CVE-2013-0153}
- [xen] AMD, IOMMU: Make per-device interrupt remap table default (Igor Mammedov) [910913] {CVE-2013-0153}
- [xen] AMD, IOMMU: Disable IOMMU if SATA Combined mode is on (Igor Mammedov) [910913] {CVE-2013-0153}
- [xen] AMD, IOMMU: On creating entry clean up in remapping tables (Igor Mammedov) [910913] {CVE-2013-0153}
- [xen] ACPI: acpi_table_parse() should return handler's err code (Igor Mammedov) [910913] {CVE-2013-0153}
- [xen] introduce xzalloc() & Co (Igor Mammedov) [910913] {CVE-2013-0153}
- [virt] xen-netback: backports (Andrew Jones) [910885] {CVE-2013-0216 CVE-2013-0217}
- [virt] xen-netback: netif_schedulable should take a netif (Andrew Jones) [910885] {CVE-2013-0216 CVE-2013-0217}
- [virt] pciback: rate limit error mess from pciback_enable_msi() (Igor Mammedov) [910877] {CVE-2013-0231}
- [net] xfrm_user: fix info leak in copy_to_user_state() (Thomas Graf) [922427] {CVE-2012-6537}
- [net] xfrm_user: fix info leak in copy_to_user_policy() (Thomas Graf) [922427] {CVE-2012-6537}
- [net] xfrm_user: fix info leak in copy_to_user_tmpl() (Thomas Graf) [922427] {CVE-2012-6537}
- [net] atm: fix info leak in getsockopt(SO_ATMPVC) (Thomas Graf) [922385] {CVE-2012-6546}
- [net] atm: fix info leak via getsockname() (Thomas Graf) [922385] {CVE-2012-6546}
- [net] tun: fix ioctl() based info leaks (Thomas Graf) [922349] {CVE-2012-6547}
- [net] llc, zero sockaddr_llc struct (Thomas Graf) [922329] {CVE-2012-6542}
- [net] llc: fix info leak via getsockname() (Thomas Graf) [922329] {CVE-2012-6542}
- [net] xfrm_user: return error pointer instead of NULL (Thomas Graf) [919387] {CVE-2013-1826}
- [kernel] wait_for_helper: SIGCHLD from u/s cause use-after-free (Frantisek Hrbata) [858753] {CVE-2012-4398}
- [kernel] Fix ____call_usermodehelper errs being silently ignored (Frantisek Hrbata) [858753] {CVE-2012-4398}
- [kernel] wait_for_helper: remove unneeded do_sigaction() (Frantisek Hrbata) [858753] {CVE-2012-4398}
- [kernel] kmod: avoid deadlock from recursive kmod call (Frantisek Hrbata) [858753] {CVE-2012-4398}
- [kernel] kmod: make request_module() killable (Frantisek Hrbata) [858753] {CVE-2012-4398}
- [utrace] ensure arch_ptrace() can never race with SIGKILL (Oleg Nesterov) [912072] {CVE-2013-0871}
- [x86] msr: Add capabilities check (Nikola Pajkovsky) [908697] {CVE-2013-0268}
- [fs] udf: Fortify loading of sparing table (Nikola Pajkovsky) [843141] {CVE-2012-3400}
- [fs] udf: Improve table length check to avoid possible overflow (Nikola Pajkovsky) [843141] {CVE-2012-3400}
- [fs] udf: Avoid run away loop when partition table is corrupted (Nikola Pajkovsky) [843141] {CVE-2012-3400}
- [x86] mm: randomize SHLIB_BASE (Petr Matousek) [804954] {CVE-2012-1568}
- [net] ipv6: discard overlapping fragment (Jiri Pirko) [874838] {CVE-2012-4444}
- [xen] memop: limit guest specified extent order (Laszlo Ersek) [878450] {CVE-2012-5515}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2013-1348.html

Plugin Details

Severity: Medium

ID: 70287

File Name: oraclelinux_ELSA-2013-1348.nasl

Version: 1.17

Type: local

Agent: unix

Published: 10/3/2013

Updated: 4/29/2025

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2012-4398

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:ocfs2-2.6.18-371.el5, p-cpe:/a:oracle:linux:kernel-xen, p-cpe:/a:oracle:linux:ocfs2-2.6.18-371.el5debug, p-cpe:/a:oracle:linux:oracleasm-2.6.18-371.el5xen, cpe:/o:oracle:linux:5, p-cpe:/a:oracle:linux:kernel-devel, p-cpe:/a:oracle:linux:kernel-pae-devel, p-cpe:/a:oracle:linux:ocfs2-2.6.18-371.el5pae, p-cpe:/a:oracle:linux:kernel-xen-devel, p-cpe:/a:oracle:linux:oracleasm-2.6.18-371.el5, p-cpe:/a:oracle:linux:kernel-pae, p-cpe:/a:oracle:linux:ocfs2-2.6.18-371.el5xen, p-cpe:/a:oracle:linux:kernel-debug-devel, p-cpe:/a:oracle:linux:oracleasm-2.6.18-371.el5debug, p-cpe:/a:oracle:linux:kernel-debug, p-cpe:/a:oracle:linux:kernel-headers, p-cpe:/a:oracle:linux:kernel, p-cpe:/a:oracle:linux:oracleasm-2.6.18-371.el5pae

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 10/2/2013

Vulnerability Publication Date: 2/17/2013

Reference Information

CVE: CVE-2012-4398

BID: 52687, 54279, 55151, 55361, 56798, 56891, 57740, 57743, 57744, 57745, 57838, 57986, 58381, 58426, 58908, 58977, 58989, 58990, 58991, 58992, 58996, 59377, 59383, 59390, 59393, 60254, 60280, 60375, 60715, 60858, 60874, 60893, 60953, 61411

RHSA: 2013:1348