RHEL 4 : Updated kernel packages available for Red Hat Enterprise Linux 4 Update 2 (Important) (RHSA-2005:514)

high Nessus Plugin ID 19989

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:514 advisory.

The Linux kernel handles the basic functions of the operating system.

This is the second regular kernel update to Red Hat Enterprise Linux 4.

New features introduced in this update include:
- Audit support
- systemtap - kprobes, relayfs
- Keyring support
- iSCSI Initiator - iscsi_sfnet 4:0.1.11-1
- Device mapper multipath support
- Intel dual core support
- esb2 chipset support
- Increased exec-shield coverage
- Dirty page tracking for HA systems
- Diskdump -- allow partial diskdumps and directing to swap

There were several bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has resulted in a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 4.

The following security bugs were fixed in this update, detailed below with corresponding CAN names available from the Common Vulnerabilities and Exposures project (cve.mitre.org):

- flaws in ptrace() syscall handling on 64-bit systems that allowed a local user to cause a denial of service (crash) (CAN-2005-0756, CAN-2005-1761, CAN-2005-1762, CAN-2005-1763)

- flaws in IPSEC network handling that allowed a local user to cause a denial of service or potentially gain privileges (CAN-2005-2456, CAN-2005-2555)

- a flaw in sendmsg() syscall handling on 64-bit systems that allowed a local user to cause a denial of service or potentially gain privileges (CAN-2005-2490)

- a flaw in sendmsg() syscall handling that allowed a local user to cause a denial of service by altering hardware state (CAN-2005-2492)

- a flaw that prevented the topdown allocator from allocating mmap areas all the way down to address zero (CAN-2005-1265)

- flaws dealing with keyrings that could cause a local denial of service (CAN-2005-2098, CAN-2005-2099)

- a flaw in the 4GB split patch that could allow a local denial of service (CAN-2005-2100)

- a xattr sharing bug in the ext2 and ext3 file systems that could cause default ACLs to disappear (CAN-2005-2801)

- a flaw in the ipt_recent module on 64-bit architectures which could allow a remote denial of service (CAN-2005-2872)

The following device drivers have been upgraded to new versions:

qla2100 --------- 8.00.00b21-k to 8.01.00b5-rh2 qla2200 --------- 8.00.00b21-k to 8.01.00b5-rh2 qla2300 --------- 8.00.00b21-k to 8.01.00b5-rh2 qla2322 --------- 8.00.00b21-k to 8.01.00b5-rh2 qla2xxx --------- 8.00.00b21-k to 8.01.00b5-rh2 qla6312 --------- 8.00.00b21-k to 8.01.00b5-rh2 megaraid_mbox --- 2.20.4.5 to 2.20.4.6 megaraid_mm ----- 2.20.2.5 to 2.20.2.6 lpfc ------------ 0:8.0.16.6_x2 to 0:8.0.16.17 cciss ----------- 2.6.4 to 2.6.6 ipw2100 --------- 1.0.3 to 1.1.0 tg3 ------------- 3.22-rh to 3.27-rh e100 ------------ 3.3.6-k2-NAPI to 3.4.8-k2-NAPI e1000 ----------- 5.6.10.1-k2-NAPI to 6.0.54-k2-NAPI 3c59x ----------- LK1.1.19 mptbase --------- 3.01.16 to 3.02.18 ixgb ------------ 1.0.66 to 1.0.95-k2-NAPI libata ---------- 1.10 to 1.11 sata_via -------- 1.0 to 1.1 sata_ahci ------- 1.00 to 1.01 sata_qstor ------ 0.04 sata_sil -------- 0.8 to 0.9 sata_svw -------- 1.05 to 1.06 s390: crypto ---- 1.31 to 1.57 s390: zfcp ------ s390: CTC-MPC --- s390: dasd ------- s390: cio ------- s390: qeth ------

All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 19989

File Name: redhat-RHSA-2005-514.nasl

Version: 1.29

Type: local

Agent: unix

Family: Red Hat Local Security Checks

Published: 10/11/2005

Updated: 11/4/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

Vendor

Vendor Severity: Important

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2005-1763

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2005-2801

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel, cpe:/o:redhat:enterprise_linux:4, p-cpe:/a:redhat:enterprise_linux:kernel-hugemem, p-cpe:/a:redhat:enterprise_linux:kernel-smp, p-cpe:/a:redhat:enterprise_linux:kernel-devel

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 10/5/2005

Vulnerability Publication Date: 6/8/2005

Reference Information

CVE: CVE-2005-0756, CVE-2005-1265, CVE-2005-1761, CVE-2005-1762, CVE-2005-1763, CVE-2005-2098, CVE-2005-2099, CVE-2005-2100, CVE-2005-2456, CVE-2005-2490, CVE-2005-2492, CVE-2005-2555, CVE-2005-2801, CVE-2005-2872, CVE-2005-3105, CVE-2005-3274, CVE-2005-3275, CVE-2005-4886, CVE-2006-5871

RHSA: 2005:514

Detections

Analytics