Scientific Linux Security Update : kernel on SL4.x i386/x86_64

critical Nessus Plugin ID 60831

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

This update fixes the following security issues :

- a flaw was found in the CIFSSMBWrite() function in the Linux kernel Common Internet File System (CIFS) implementation. A remote attacker could send a specially crafted SMB response packet to a target CIFS client, resulting in a kernel panic (denial of service).
(CVE-2010-2248, Important)

- buffer overflow flaws were found in the Linux kernel's implementation of the server-side External Data Representation (XDR) for the Network File System (NFS) version 4. An attacker on the local network could send a specially crafted large compound request to the NFSv4 server, which could possibly result in a kernel panic (denial of service) or, potentially, code execution.
(CVE-2010-2521, Important)

This update also fixes the following bug :

- the rpc_call_async() function in the SUN Remote Procedure Call (RPC) subsystem in the Linux kernel had a reference counting bug. In certain situations, some Network Lock Manager (NLM) messages may have triggered this bug on NFSv2 and NFSv3 servers, leading to a kernel panic (with 'kernel BUG at fs/lockd/host.c:[xxx]!' logged to '/var/log/messages'). (BZ#612962)

The system must be rebooted for this update to take effect.

Solution

Update the affected packages.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=612962

http://www.nessus.org/u?73caa5af

Plugin Details

Severity: Critical

ID: 60831

File Name: sl_20100805_kernel_on_SL4_x.nasl

Version: 1.6

Type: local

Agent: unix

Published: 8/1/2012

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 8/5/2010

Reference Information

CVE: CVE-2010-2248, CVE-2010-2521