RHEL 5 : kernel (RHSA-2008:0089)

critical Nessus Plugin ID 30090

Synopsis

The remote Red Hat host is missing one or more security updates for kernel.

Description

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0089 advisory.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

These new kernel packages fix the following security issues:

A flaw was found in the virtual filesystem (VFS). An unprivileged local user could truncate directories to which they had write permission; this could render the contents of the directory inaccessible. (CVE-2008-0001, Important)

A flaw was found in the Xen PAL emulation on Intel 64 platforms. A guest Hardware-assisted virtual machine (HVM) could read the arbitrary physical memory of the host system, which could make information available to unauthorized users. (CVE-2007-6416, Important)

A flaw was found in the way core dump files were created. If a local user can get a root-owned process to dump a core file into a directory, which the user has write access to, they could gain read access to that core file, potentially containing sensitive information. (CVE-2007-6206, Moderate)

A buffer overflow flaw was found in the CIFS virtual file system. A remote,authenticated user could issue a request that could lead to a denial of service. (CVE-2007-5904, Moderate)

A flaw was found in the sysfs_readdir function. A local user could create a race condition which would cause a denial of service (kernel oops).
(CVE-2007-3104, Moderate)

As well, these updated packages fix the following bugs:

* running the strace -f command caused strace to hang, without displaying information about child processes.

* unmounting an unresponsive, interruptable NFS mount, for example, one mounted with the intr option, may have caused a system crash.

* a bug in the s2io.ko driver prevented VLAN devices from being added.
Attempting to add a device to a VLAN, for example, running the vconfig add [device-name] [vlan-id] command caused vconfig to fail.

* tux used an incorrect open flag bit. This caused problems when building packages in a chroot environment, such as mock, which is used by the koji build system.

Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL kernel package based on the guidance in RHSA-2008:0089.

See Also

http://www.nessus.org/u?62772f98

https://access.redhat.com/security/updates/classification/#important

https://bugzilla.redhat.com/show_bug.cgi?id=245777

https://bugzilla.redhat.com/show_bug.cgi?id=372701

https://bugzilla.redhat.com/show_bug.cgi?id=396861

https://bugzilla.redhat.com/show_bug.cgi?id=412091

https://bugzilla.redhat.com/show_bug.cgi?id=414041

https://bugzilla.redhat.com/show_bug.cgi?id=424181

https://bugzilla.redhat.com/show_bug.cgi?id=425381

https://bugzilla.redhat.com/show_bug.cgi?id=426289

https://bugzilla.redhat.com/show_bug.cgi?id=427994

https://bugzilla.redhat.com/show_bug.cgi?id=428791

https://access.redhat.com/errata/RHSA-2008:0089

Plugin Details

Severity: Critical

ID: 30090

File Name: redhat-RHSA-2008-0089.nasl

Version: 1.29

Type: local

Agent: unix

Published: 1/27/2008

Updated: 11/4/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

Vendor

Vendor Severity: Important

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2007-5904

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel, p-cpe:/a:redhat:enterprise_linux:kernel-pae, cpe:/o:redhat:enterprise_linux:5, p-cpe:/a:redhat:enterprise_linux:kernel-headers, p-cpe:/a:redhat:enterprise_linux:kernel-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel, p-cpe:/a:redhat:enterprise_linux:kernel-kdump, p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:kernel-xen

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 1/23/2008

Vulnerability Publication Date: 6/26/2007

Reference Information

CVE: CVE-2007-3104, CVE-2007-5904, CVE-2007-6206, CVE-2007-6416, CVE-2008-0001

BID: 24631, 26438, 26701, 27280

RHSA: 2008:0089