RHEL 4 : Updated kernel packages available for Red Hat Enterprise Linux 4 Update 2 (Important) (RHSA-2005:514)

high Nessus Plugin ID 19989

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Red Hat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:514 advisory.

The Linux kernel handles the basic functions of the operating system.

This is the second regular kernel update to Red Hat Enterprise Linux 4.

New features introduced in this update include:
- Audit support
- systemtap - kprobes, relayfs
- Keyring support
- iSCSI Initiator - iscsi_sfnet 4:0.1.11-1
- Device mapper multipath support
- Intel dual core support
- esb2 chipset support
- Increased exec-shield coverage
- Dirty page tracking for HA systems
- Diskdump -- allow partial diskdumps and directing to swap

There were several bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has resulted in a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 4.

The following security bugs were fixed in this update, detailed below with corresponding CAN names available from the Common Vulnerabilities and Exposures project (cve.mitre.org):

- flaws in ptrace() syscall handling on 64-bit systems that allowed a local user to cause a denial of service (crash) (CAN-2005-0756, CAN-2005-1761, CAN-2005-1762, CAN-2005-1763)

- flaws in IPSEC network handling that allowed a local user to cause a denial of service or potentially gain privileges (CAN-2005-2456, CAN-2005-2555)

- a flaw in sendmsg() syscall handling on 64-bit systems that allowed a local user to cause a denial of service or potentially gain privileges (CAN-2005-2490)

- a flaw in sendmsg() syscall handling that allowed a local user to cause a denial of service by altering hardware state (CAN-2005-2492)

- a flaw that prevented the topdown allocator from allocating mmap areas all the way down to address zero (CAN-2005-1265)

- flaws dealing with keyrings that could cause a local denial of service (CAN-2005-2098, CAN-2005-2099)

- a flaw in the 4GB split patch that could allow a local denial of service (CAN-2005-2100)

- an xattr sharing bug in the ext2 and ext3 file systems that could cause default ACLs to disappear (CAN-2005-2801)

- a flaw in the ipt_recent module on 64-bit architectures which could allow a remote denial of service (CAN-2005-2872)

The following device drivers have been upgraded to new versions:

qla2100 --------- 8.00.00b21-k to 8.01.00b5-rh2
qla2200 --------- 8.00.00b21-k to 8.01.00b5-rh2
qla2300 --------- 8.00.00b21-k to 8.01.00b5-rh2
qla2322 --------- 8.00.00b21-k to 8.01.00b5-rh2
qla2xxx --------- 8.00.00b21-k to 8.01.00b5-rh2
qla6312 --------- 8.00.00b21-k to 8.01.00b5-rh2
megaraid_mbox --- 2.20.4.5 to 2.20.4.6
megaraid_mm ----- 2.20.2.5 to 2.20.2.6
lpfc ------------ 0:8.0.16.6_x2 to 0:8.0.16.17
cciss ----------- 2.6.4 to 2.6.6
ipw2100 --------- 1.0.3 to 1.1.0
tg3 ------------- 3.22-rh to 3.27-rh
e100 ------------ 3.3.6-k2-NAPI to 3.4.8-k2-NAPI
e1000 ----------- 5.6.10.1-k2-NAPI to 6.0.54-k2-NAPI
3c59x ----------- LK1.1.19
mptbase --------- 3.01.16 to 3.02.18
ixgb ------------ 1.0.66 to 1.0.95-k2-NAPI
libata ---------- 1.10 to 1.11
sata_via -------- 1.0 to 1.1
sata_ahci ------- 1.00 to 1.01
sata_qstor ------ 0.04
sata_sil -------- 0.8 to 0.9
sata_svw -------- 1.05 to 1.06
s390: crypto ---- 1.31 to 1.57
s390: zfcp ------
s390: CTC-MPC ---
s390: dasd -------
s390: cio -------
s390: qeth ------

All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?aee68d87

https://access.redhat.com/security/updates/classification/#important

https://bugzilla.redhat.com/show_bug.cgi?id=114578

https://bugzilla.redhat.com/show_bug.cgi?id=130914

https://bugzilla.redhat.com/show_bug.cgi?id=134790

https://bugzilla.redhat.com/show_bug.cgi?id=135669

https://bugzilla.redhat.com/show_bug.cgi?id=137343

https://bugzilla.redhat.com/show_bug.cgi?id=140002

https://bugzilla.redhat.com/show_bug.cgi?id=141783

https://bugzilla.redhat.com/show_bug.cgi?id=142989

https://bugzilla.redhat.com/show_bug.cgi?id=144668

https://bugzilla.redhat.com/show_bug.cgi?id=145575

https://bugzilla.redhat.com/show_bug.cgi?id=145648

https://bugzilla.redhat.com/show_bug.cgi?id=145659

https://bugzilla.redhat.com/show_bug.cgi?id=145976

https://bugzilla.redhat.com/show_bug.cgi?id=146187

https://bugzilla.redhat.com/show_bug.cgi?id=147233

https://bugzilla.redhat.com/show_bug.cgi?id=147496

https://bugzilla.redhat.com/show_bug.cgi?id=149478

https://bugzilla.redhat.com/show_bug.cgi?id=149919

https://bugzilla.redhat.com/show_bug.cgi?id=149979

https://bugzilla.redhat.com/show_bug.cgi?id=150152

https://bugzilla.redhat.com/show_bug.cgi?id=151222

https://bugzilla.redhat.com/show_bug.cgi?id=151315

https://bugzilla.redhat.com/show_bug.cgi?id=151323

https://bugzilla.redhat.com/show_bug.cgi?id=151429

https://bugzilla.redhat.com/show_bug.cgi?id=152162

https://bugzilla.redhat.com/show_bug.cgi?id=152440

https://bugzilla.redhat.com/show_bug.cgi?id=152619

https://bugzilla.redhat.com/show_bug.cgi?id=152982

https://bugzilla.redhat.com/show_bug.cgi?id=154055

https://bugzilla.redhat.com/show_bug.cgi?id=154100

https://bugzilla.redhat.com/show_bug.cgi?id=154347

https://bugzilla.redhat.com/show_bug.cgi?id=154435

https://bugzilla.redhat.com/show_bug.cgi?id=154442

https://bugzilla.redhat.com/show_bug.cgi?id=154451

https://bugzilla.redhat.com/show_bug.cgi?id=154733

https://bugzilla.redhat.com/show_bug.cgi?id=155278

https://bugzilla.redhat.com/show_bug.cgi?id=155344

https://bugzilla.redhat.com/show_bug.cgi?id=155354

https://bugzilla.redhat.com/show_bug.cgi?id=155706

https://bugzilla.redhat.com/show_bug.cgi?id=155932

https://bugzilla.redhat.com/show_bug.cgi?id=156010

https://bugzilla.redhat.com/show_bug.cgi?id=156705

https://bugzilla.redhat.com/show_bug.cgi?id=157239

https://bugzilla.redhat.com/show_bug.cgi?id=157725

https://bugzilla.redhat.com/show_bug.cgi?id=157900

https://bugzilla.redhat.com/show_bug.cgi?id=158107

https://bugzilla.redhat.com/show_bug.cgi?id=158293

https://bugzilla.redhat.com/show_bug.cgi?id=158878

https://bugzilla.redhat.com/show_bug.cgi?id=158883

https://bugzilla.redhat.com/show_bug.cgi?id=158930

https://bugzilla.redhat.com/show_bug.cgi?id=158974

https://bugzilla.redhat.com/show_bug.cgi?id=159640

https://bugzilla.redhat.com/show_bug.cgi?id=159671

https://bugzilla.redhat.com/show_bug.cgi?id=159739

https://bugzilla.redhat.com/show_bug.cgi?id=159765

https://bugzilla.redhat.com/show_bug.cgi?id=159918

https://bugzilla.redhat.com/show_bug.cgi?id=159921

https://bugzilla.redhat.com/show_bug.cgi?id=160028

https://bugzilla.redhat.com/show_bug.cgi?id=160117

https://bugzilla.redhat.com/show_bug.cgi?id=160518

https://bugzilla.redhat.com/show_bug.cgi?id=160522

https://bugzilla.redhat.com/show_bug.cgi?id=160524

https://bugzilla.redhat.com/show_bug.cgi?id=160526

https://bugzilla.redhat.com/show_bug.cgi?id=160528

https://bugzilla.redhat.com/show_bug.cgi?id=160547

https://bugzilla.redhat.com/show_bug.cgi?id=160548

https://bugzilla.redhat.com/show_bug.cgi?id=160654

https://bugzilla.redhat.com/show_bug.cgi?id=160663

https://bugzilla.redhat.com/show_bug.cgi?id=160812

https://bugzilla.redhat.com/show_bug.cgi?id=160882

https://bugzilla.redhat.com/show_bug.cgi?id=161143

https://bugzilla.redhat.com/show_bug.cgi?id=161156

https://bugzilla.redhat.com/show_bug.cgi?id=161314

https://bugzilla.redhat.com/show_bug.cgi?id=161789

https://bugzilla.redhat.com/show_bug.cgi?id=161995

https://bugzilla.redhat.com/show_bug.cgi?id=162108

https://bugzilla.redhat.com/show_bug.cgi?id=162257

https://bugzilla.redhat.com/show_bug.cgi?id=162548

https://bugzilla.redhat.com/show_bug.cgi?id=162728

https://bugzilla.redhat.com/show_bug.cgi?id=163528

https://bugzilla.redhat.com/show_bug.cgi?id=164094

https://bugzilla.redhat.com/show_bug.cgi?id=164228

https://bugzilla.redhat.com/show_bug.cgi?id=164338

https://bugzilla.redhat.com/show_bug.cgi?id=164449

https://bugzilla.redhat.com/show_bug.cgi?id=164450

https://bugzilla.redhat.com/show_bug.cgi?id=164628

https://bugzilla.redhat.com/show_bug.cgi?id=164630

https://bugzilla.redhat.com/show_bug.cgi?id=164979

https://bugzilla.redhat.com/show_bug.cgi?id=164991

https://bugzilla.redhat.com/show_bug.cgi?id=165127

https://bugzilla.redhat.com/show_bug.cgi?id=165163

https://bugzilla.redhat.com/show_bug.cgi?id=165242

https://bugzilla.redhat.com/show_bug.cgi?id=165384

https://bugzilla.redhat.com/show_bug.cgi?id=165547

https://bugzilla.redhat.com/show_bug.cgi?id=165560

https://bugzilla.redhat.com/show_bug.cgi?id=165717

https://bugzilla.redhat.com/show_bug.cgi?id=166131

https://bugzilla.redhat.com/show_bug.cgi?id=166248

https://bugzilla.redhat.com/show_bug.cgi?id=166830

https://bugzilla.redhat.com/show_bug.cgi?id=167126

https://bugzilla.redhat.com/show_bug.cgi?id=167412

https://bugzilla.redhat.com/show_bug.cgi?id=167668

https://bugzilla.redhat.com/show_bug.cgi?id=167703

https://bugzilla.redhat.com/show_bug.cgi?id=167711

https://access.redhat.com/errata/RHSA-2005:514

Plugin Details

Severity: High

ID: 19989

File Name: redhat-RHSA-2005-514.nasl

Version: 1.29

Type: local

Agent: unix

Published: 10/11/2005

Updated: 11/4/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

Vendor

Vendor Severity: Important

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2005-1763

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2005-2801

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel, cpe:/o:redhat:enterprise_linux:4, p-cpe:/a:redhat:enterprise_linux:kernel-hugemem, p-cpe:/a:redhat:enterprise_linux:kernel-smp, p-cpe:/a:redhat:enterprise_linux:kernel-devel

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 10/5/2005

Vulnerability Publication Date: 6/8/2005

Reference Information

CVE: CVE-2005-0756, CVE-2005-1265, CVE-2005-1761, CVE-2005-1762, CVE-2005-1763, CVE-2005-2098, CVE-2005-2099, CVE-2005-2100, CVE-2005-2456, CVE-2005-2490, CVE-2005-2492, CVE-2005-2555, CVE-2005-2801, CVE-2005-2872, CVE-2005-3105, CVE-2005-3274, CVE-2005-3275, CVE-2005-4886, CVE-2006-5871

RHSA: 2005:514