Oracle Linux 5 : kernel (ELSA-2011-0004)

medium Nessus Plugin ID 68176

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0004 advisory.

- [virt] xen: fix netback hotplug regression in xenbus fix (Laszlo Ersek) [636412 635999] {CVE-2010-3699}
- [misc] posix-cpu-timers: workaround for mt exec problems (Oleg Nesterov) [656265 656266] {CVE-2010-4248}
- [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645226 645227] {CVE-2010-3858}
- [net] inet_diag: make sure we run audited bytecode (Jiri Pirko) [651266 651267] {CVE-2010-3880}
- [net] limit sendto/recvfrom/iovec total length to INT_MAX (Jiri Pirko) [645871 645872] {CVE-2010-3859}
- [bluetooth] hci_ldisc: fix missing NULL check (Jarod Wilson) [655664 655666] {CVE-2010-4242}
- [virt] xen: add bounds req-process loop in blkback/blktap (Laszlo Ersek) [656208 654546] {CVE-2010-4247}
- [virt] xen: don't leak dev refs on bad xenbus transitions (Laszlo Ersek) [636412 635999] {CVE-2010-3699}
- [net] rds: fix rds_iovec page count overflow (Jiri Pirko) [647421 647422] {CVE-2010-3865}
- [net] fix deadlock in sock_queue_rcv_skb (Danny Feng) [652536 652537] {CVE-2010-4161}
- [net] packet: fix information leak to userland (Jiri Pirko) [649897 649898] {CVE-2010-3876}
- [ipc] sys_semctl: fix kernel stack leakage (Danny Feng) [648721 648722] {CVE-2010-4083}
- [net] sctp: do not reset packet during sctp_packet_config (Jiri Pirko) [637866 637867] {CVE-2010-3432}
- [scsi] gdth: prevent integer overflow in ioc_general (Frantisek Hrbata) [651175 651176] {CVE-2010-4157}
- [sound] core: prevent heap corruption in snd_ctl_new (Jerome Marchand) [638483 638484] {CVE-2010-3442}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2011-0004.html

Plugin Details

Severity: Medium

ID: 68176

File Name: oraclelinux_ELSA-2011-0004.nasl

Version: 1.18

Type: local

Agent: unix

Published: 7/12/2013

Updated: 11/1/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2010-3865

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 5.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2010-3880

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-xen-devel, p-cpe:/a:oracle:linux:oracleasm-2.6.18-194.32.1.0.1.el5pae, p-cpe:/a:oracle:linux:kernel-pae, p-cpe:/a:oracle:linux:ocfs2-2.6.18-194.32.1.0.1.el5pae, p-cpe:/a:oracle:linux:oracleasm-2.6.18-194.32.1.0.1.el5, p-cpe:/a:oracle:linux:oracleasm-2.6.18-194.32.1.0.1.el5xen, p-cpe:/a:oracle:linux:kernel-debug-devel, p-cpe:/a:oracle:linux:kernel-debug, p-cpe:/a:oracle:linux:kernel-headers, p-cpe:/a:oracle:linux:kernel, p-cpe:/a:oracle:linux:kernel-xen, cpe:/o:oracle:linux:5, p-cpe:/a:oracle:linux:kernel-devel, p-cpe:/a:oracle:linux:ocfs2-2.6.18-194.32.1.0.1.el5debug, p-cpe:/a:oracle:linux:oracleasm-2.6.18-194.32.1.0.1.el5debug, p-cpe:/a:oracle:linux:kernel-pae-devel, p-cpe:/a:oracle:linux:ocfs2-2.6.18-194.32.1.0.1.el5xen, p-cpe:/a:oracle:linux:ocfs2-2.6.18-194.32.1.0.1.el5

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/5/2011

Vulnerability Publication Date: 10/4/2010

Reference Information

CVE: CVE-2010-3432, CVE-2010-3442, CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3865, CVE-2010-3876, CVE-2010-3880, CVE-2010-4083, CVE-2010-4157, CVE-2010-4161, CVE-2010-4242, CVE-2010-4247, CVE-2010-4248

BID: 43480, 43787, 43809, 44301, 44354, 44549, 44630, 44648, 44665, 45014, 45028, 45029, 45039, 45064

RHSA: 2011:0004