Detections
Analytics
Fedora 10 : kernel-2.6.27.12-170.2.5.fc10 (2009-0923)
critical Nessus Plugin ID 38129
Synopsis
The remote Fedora host is missing a security update.Description
Update to kernel 2.6.27.12:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12 Includes security fixes: CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID Reverts ALSA driver to the version that is upstream in kernel 2.6.27. This should be the last 2.6.27 kernel update for Fedora 10. A 2.6.28 update kernel is being tested.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected kernel package.See Also
http://www.nessus.org/u?9af5a301
http://www.nessus.org/u?bbb536f1
http://www.nessus.org/u?ddbb60cd
https://bugzilla.redhat.com/show_bug.cgi?id=477954
https://bugzilla.redhat.com/show_bug.cgi?id=478299
https://bugzilla.redhat.com/show_bug.cgi?id=480862
Plugin Details
Severity: Critical
ID: 38129
File Name: fedora_2009-0923.nasl
Version: 1.15
Type: local
Agent: unix
Family: Fedora Local Security Checks
Published: 4/23/2009
Updated: 1/11/2021
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:fedoraproject:fedora:kernel, cpe:/o:fedoraproject:fedora:10
Required KB Items: Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled
Patch Publication Date: 1/24/2009
Reference Information
CVE: CVE-2009-0029, CVE-2009-0065