Detections
Analytics
RHEL 5 : Red Hat Enterprise Linux 5.7 kernel (RHSA-2011:1065)
high Nessus Plugin ID 55645
Language:
Synopsis
The remote Red Hat host is missing one or more security updates for Red Hat Enterprise Linux 5.7 kernel.Description
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1065 advisory.The kernel packages contain the Linux kernel, the core of any Linux operating system.
This update fixes the following security issues:
* A flaw was found in the way the Xen hypervisor implementation handled instruction emulation during virtual machine exits. A malicious user-space process running in an SMP guest could trick the emulator into reading a different instruction than the one that caused the virtual machine to exit.
An unprivileged guest user could trigger this flaw to crash the host. This only affects systems with both an AMD x86 processor and the AMD Virtualization (AMD-V) extensions enabled. (CVE-2011-1780, Important)
* A flaw allowed the tc_fill_qdisc() function in the Linux kernel's packet scheduler API implementation to be called on built-in qdisc structures. A local, unprivileged user could use this flaw to trigger a NULL pointer dereference, resulting in a denial of service. (CVE-2011-2525, Moderate)
* A flaw was found in the way space was allocated in the Linux kernel's Global File System 2 (GFS2) implementation. If the file system was almost full, and a local, unprivileged user made an fallocate() request, it could result in a denial of service. Note: Setting quotas to prevent users from using all available disk space would prevent exploitation of this flaw.
(CVE-2011-2689, Moderate)
These updated kernel packages include a number of bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Refer to the Red Hat Enterprise Linux 5.7 Technical Notes for information about the most significant bug fixes and enhancements included in this update:
https://docs.redhat.com/docs/en- US/Red_Hat_Enterprise_Linux/5/html/5.7_Technical_Notes/kernel.html#RHSA-2011-1065
All Red Hat Enterprise Linux 5 users are advised to install these updated packages, which correct these issues. The system must be rebooted for this update to take effect.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL Red Hat Enterprise Linux 5.7 kernel package based on the guidance in RHSA-2011:1065.See Also
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=390451
https://bugzilla.redhat.com/show_bug.cgi?id=431738
https://bugzilla.redhat.com/show_bug.cgi?id=441730
https://bugzilla.redhat.com/show_bug.cgi?id=452650
https://bugzilla.redhat.com/show_bug.cgi?id=460821
https://bugzilla.redhat.com/show_bug.cgi?id=465876
https://bugzilla.redhat.com/show_bug.cgi?id=477032
https://bugzilla.redhat.com/show_bug.cgi?id=481546
https://bugzilla.redhat.com/show_bug.cgi?id=481629
https://bugzilla.redhat.com/show_bug.cgi?id=491740
https://bugzilla.redhat.com/show_bug.cgi?id=491786
https://bugzilla.redhat.com/show_bug.cgi?id=494927
https://bugzilla.redhat.com/show_bug.cgi?id=501314
https://bugzilla.redhat.com/show_bug.cgi?id=511901
https://bugzilla.redhat.com/show_bug.cgi?id=517629
https://bugzilla.redhat.com/show_bug.cgi?id=525898
https://bugzilla.redhat.com/show_bug.cgi?id=537277
https://bugzilla.redhat.com/show_bug.cgi?id=553411
https://bugzilla.redhat.com/show_bug.cgi?id=553803
https://bugzilla.redhat.com/show_bug.cgi?id=567449
https://bugzilla.redhat.com/show_bug.cgi?id=567540
https://bugzilla.redhat.com/show_bug.cgi?id=579000
https://bugzilla.redhat.com/show_bug.cgi?id=579858
https://bugzilla.redhat.com/show_bug.cgi?id=589512
https://bugzilla.redhat.com/show_bug.cgi?id=603345
https://bugzilla.redhat.com/show_bug.cgi?id=607114
https://bugzilla.redhat.com/show_bug.cgi?id=611407
https://bugzilla.redhat.com/show_bug.cgi?id=621916
https://bugzilla.redhat.com/show_bug.cgi?id=622542
https://bugzilla.redhat.com/show_bug.cgi?id=622647
https://bugzilla.redhat.com/show_bug.cgi?id=623979
https://bugzilla.redhat.com/show_bug.cgi?id=626585
https://bugzilla.redhat.com/show_bug.cgi?id=626974
https://bugzilla.redhat.com/show_bug.cgi?id=626977
https://bugzilla.redhat.com/show_bug.cgi?id=627496
https://bugzilla.redhat.com/show_bug.cgi?id=631950
https://bugzilla.redhat.com/show_bug.cgi?id=632399
https://bugzilla.redhat.com/show_bug.cgi?id=633196
https://bugzilla.redhat.com/show_bug.cgi?id=635992
https://bugzilla.redhat.com/show_bug.cgi?id=637970
https://bugzilla.redhat.com/show_bug.cgi?id=642388
https://bugzilla.redhat.com/show_bug.cgi?id=643292
https://bugzilla.redhat.com/show_bug.cgi?id=643872
https://bugzilla.redhat.com/show_bug.cgi?id=645343
https://bugzilla.redhat.com/show_bug.cgi?id=645528
https://bugzilla.redhat.com/show_bug.cgi?id=645646
https://bugzilla.redhat.com/show_bug.cgi?id=646513
https://bugzilla.redhat.com/show_bug.cgi?id=648572
https://bugzilla.redhat.com/show_bug.cgi?id=648657
https://bugzilla.redhat.com/show_bug.cgi?id=648854
https://bugzilla.redhat.com/show_bug.cgi?id=651333
https://bugzilla.redhat.com/show_bug.cgi?id=651409
https://bugzilla.redhat.com/show_bug.cgi?id=652321
https://bugzilla.redhat.com/show_bug.cgi?id=652369
https://bugzilla.redhat.com/show_bug.cgi?id=653286
https://bugzilla.redhat.com/show_bug.cgi?id=653828
https://bugzilla.redhat.com/show_bug.cgi?id=654293
https://bugzilla.redhat.com/show_bug.cgi?id=656836
https://bugzilla.redhat.com/show_bug.cgi?id=657166
https://bugzilla.redhat.com/show_bug.cgi?id=658012
https://bugzilla.redhat.com/show_bug.cgi?id=658418
https://bugzilla.redhat.com/show_bug.cgi?id=659594
https://bugzilla.redhat.com/show_bug.cgi?id=659715
https://bugzilla.redhat.com/show_bug.cgi?id=659816
https://bugzilla.redhat.com/show_bug.cgi?id=660368
https://bugzilla.redhat.com/show_bug.cgi?id=660661
https://bugzilla.redhat.com/show_bug.cgi?id=660871
https://bugzilla.redhat.com/show_bug.cgi?id=661300
https://bugzilla.redhat.com/show_bug.cgi?id=661306
https://bugzilla.redhat.com/show_bug.cgi?id=661904
https://bugzilla.redhat.com/show_bug.cgi?id=663041
https://bugzilla.redhat.com/show_bug.cgi?id=663123
https://bugzilla.redhat.com/show_bug.cgi?id=663563
https://bugzilla.redhat.com/show_bug.cgi?id=664592
https://bugzilla.redhat.com/show_bug.cgi?id=664931
https://bugzilla.redhat.com/show_bug.cgi?id=665197
https://bugzilla.redhat.com/show_bug.cgi?id=665972
https://bugzilla.redhat.com/show_bug.cgi?id=666080
https://bugzilla.redhat.com/show_bug.cgi?id=666304
https://bugzilla.redhat.com/show_bug.cgi?id=666866
https://bugzilla.redhat.com/show_bug.cgi?id=667327
https://bugzilla.redhat.com/show_bug.cgi?id=667660
https://bugzilla.redhat.com/show_bug.cgi?id=667810
https://bugzilla.redhat.com/show_bug.cgi?id=668934
https://bugzilla.redhat.com/show_bug.cgi?id=669603
https://bugzilla.redhat.com/show_bug.cgi?id=669961
https://bugzilla.redhat.com/show_bug.cgi?id=670367
https://bugzilla.redhat.com/show_bug.cgi?id=670373
https://bugzilla.redhat.com/show_bug.cgi?id=671238
https://bugzilla.redhat.com/show_bug.cgi?id=671595
https://bugzilla.redhat.com/show_bug.cgi?id=672619
https://bugzilla.redhat.com/show_bug.cgi?id=672724
https://bugzilla.redhat.com/show_bug.cgi?id=672981
https://bugzilla.redhat.com/show_bug.cgi?id=673058
https://bugzilla.redhat.com/show_bug.cgi?id=673242
https://bugzilla.redhat.com/show_bug.cgi?id=673459
https://bugzilla.redhat.com/show_bug.cgi?id=673616
https://bugzilla.redhat.com/show_bug.cgi?id=674175
https://bugzilla.redhat.com/show_bug.cgi?id=674226
https://bugzilla.redhat.com/show_bug.cgi?id=674298
https://bugzilla.redhat.com/show_bug.cgi?id=674514
https://bugzilla.redhat.com/show_bug.cgi?id=675727
https://bugzilla.redhat.com/show_bug.cgi?id=675986
https://bugzilla.redhat.com/show_bug.cgi?id=677703
https://bugzilla.redhat.com/show_bug.cgi?id=677893
https://bugzilla.redhat.com/show_bug.cgi?id=677902
https://bugzilla.redhat.com/show_bug.cgi?id=678073
https://bugzilla.redhat.com/show_bug.cgi?id=678074
https://bugzilla.redhat.com/show_bug.cgi?id=678359
https://bugzilla.redhat.com/show_bug.cgi?id=678571
https://bugzilla.redhat.com/show_bug.cgi?id=678618
https://bugzilla.redhat.com/show_bug.cgi?id=679120
https://bugzilla.redhat.com/show_bug.cgi?id=679407
https://bugzilla.redhat.com/show_bug.cgi?id=679487
https://bugzilla.redhat.com/show_bug.cgi?id=680329
https://bugzilla.redhat.com/show_bug.cgi?id=681303
https://bugzilla.redhat.com/show_bug.cgi?id=681586
https://bugzilla.redhat.com/show_bug.cgi?id=683155
https://bugzilla.redhat.com/show_bug.cgi?id=683978
https://bugzilla.redhat.com/show_bug.cgi?id=684795
https://bugzilla.redhat.com/show_bug.cgi?id=688646
https://bugzilla.redhat.com/show_bug.cgi?id=688989
https://bugzilla.redhat.com/show_bug.cgi?id=689860
https://bugzilla.redhat.com/show_bug.cgi?id=689943
https://bugzilla.redhat.com/show_bug.cgi?id=690555
https://bugzilla.redhat.com/show_bug.cgi?id=691460
https://bugzilla.redhat.com/show_bug.cgi?id=692946
https://bugzilla.redhat.com/show_bug.cgi?id=695357
https://bugzilla.redhat.com/show_bug.cgi?id=696411
https://bugzilla.redhat.com/show_bug.cgi?id=698432
https://bugzilla.redhat.com/show_bug.cgi?id=698879
https://bugzilla.redhat.com/show_bug.cgi?id=700546
https://bugzilla.redhat.com/show_bug.cgi?id=702355
https://bugzilla.redhat.com/show_bug.cgi?id=702652
https://bugzilla.redhat.com/show_bug.cgi?id=702657
https://bugzilla.redhat.com/show_bug.cgi?id=703213
https://bugzilla.redhat.com/show_bug.cgi?id=703416
https://bugzilla.redhat.com/show_bug.cgi?id=704497
https://bugzilla.redhat.com/show_bug.cgi?id=705324
https://bugzilla.redhat.com/show_bug.cgi?id=705455
https://bugzilla.redhat.com/show_bug.cgi?id=706414
https://bugzilla.redhat.com/show_bug.cgi?id=709224
https://bugzilla.redhat.com/show_bug.cgi?id=711450
https://bugzilla.redhat.com/show_bug.cgi?id=717068
https://bugzilla.redhat.com/show_bug.cgi?id=717742
https://bugzilla.redhat.com/show_bug.cgi?id=720552
https://bugzilla.redhat.com/show_bug.cgi?id=720861
http://www.nessus.org/u?8e88f52c
Plugin Details
Severity: High
ID: 55645
File Name: redhat-RHSA-2011-1065.nasl
Version: 1.24
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 7/22/2011
Updated: 3/21/2025
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
Vendor
Vendor Severity: Important
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.3
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2011-2525
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel, p-cpe:/a:redhat:enterprise_linux:kernel-pae, cpe:/o:redhat:enterprise_linux:5, p-cpe:/a:redhat:enterprise_linux:kernel-headers, p-cpe:/a:redhat:enterprise_linux:kernel-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel, p-cpe:/a:redhat:enterprise_linux:kernel-kdump, p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:kernel-xen
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Ease: No known exploits are available
Patch Publication Date: 7/21/2011
Vulnerability Publication Date: 7/28/2011
Reference Information
CVE: CVE-2011-1780, CVE-2011-2525, CVE-2011-2689
RHSA: 2011:1065