Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20160315)

high Nessus Plugin ID 89957
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

- An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system. (CVE-2013-2596, Important)

- It was found that the Xen hypervisor x86 CPU emulator implementation did not correctly handle certain instructions with segment overrides, potentially resulting in a memory corruption. A malicious guest user could use this flaw to read arbitrary data relating to other guests, cause a denial of service on the host, or potentially escalate their privileges on the host.
(CVE-2015-2151, Important)

This update also fixes the following bugs :

- Previously, the CPU power of a CPU group could be zero.
As a consequence, a kernel panic occurred at 'find_busiest_group+570' with do_divide_error. The provided patch ensures that the division is only performed if the CPU power is not zero, and the aforementioned panic no longer occurs.

- Prior to this update, a bug occurred when performing an online resize of an ext4 file system which had been previously converted from ext3. As a consequence, the kernel crashed. The provided patch fixes online resizing for such file systems by limiting the blockgroup search loop for non- extent files, and the mentioned kernel crash no longer occurs.

The system must be rebooted for this update to take effect.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?2eb55a68

Plugin Details

Severity: High

ID: 89957

File Name: sl_20160315_kernel_on_SL5_x.nasl

Version: 2.5

Type: local

Agent: unix

Published: 3/16/2016

Updated: 1/14/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 6

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:fermilab:scientific_linux:kernel, p-cpe:/a:fermilab:scientific_linux:kernel-PAE, p-cpe:/a:fermilab:scientific_linux:kernel-PAE-debuginfo, p-cpe:/a:fermilab:scientific_linux:kernel-PAE-devel, p-cpe:/a:fermilab:scientific_linux:kernel-debug, p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo, p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel, p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo, p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common, p-cpe:/a:fermilab:scientific_linux:kernel-devel, p-cpe:/a:fermilab:scientific_linux:kernel-doc, p-cpe:/a:fermilab:scientific_linux:kernel-headers, p-cpe:/a:fermilab:scientific_linux:kernel-xen, p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo, p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel, x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 3/15/2016

Vulnerability Publication Date: 4/13/2013

Reference Information

CVE: CVE-2013-2596, CVE-2015-2151