10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.232 Low
EPSS
Percentile
96.4%
CentOS Errata and Security Advisory CESA-2010:0606
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
a flaw was found in the CIFSSMBWrite() function in the Linux kernel
Common Internet File System (CIFS) implementation. A remote attacker could
send a specially-crafted SMB response packet to a target CIFS client,
resulting in a kernel panic (denial of service). (CVE-2010-2248, Important)
buffer overflow flaws were found in the Linux kernel’s implementation of
the server-side External Data Representation (XDR) for the Network File
System (NFS) version 4. An attacker on the local network could send a
specially-crafted large compound request to the NFSv4 server, which could
possibly result in a kernel panic (denial of service) or, potentially, code
execution. (CVE-2010-2521, Important)
This update also fixes the following bug:
Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-August/079114.html
https://lists.centos.org/pipermail/centos-announce/2010-August/079115.html
Affected packages:
kernel
kernel-devel
kernel-doc
kernel-hugemem
kernel-hugemem-devel
kernel-largesmp
kernel-largesmp-devel
kernel-smp
kernel-smp-devel
kernel-xenU
kernel-xenU-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0606
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | x86_64 | kernel | < 2.6.9-89.0.28.EL | kernel-2.6.9-89.0.28.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-devel | < 2.6.9-89.0.28.EL | kernel-devel-2.6.9-89.0.28.EL.x86_64.rpm |
CentOS | 4 | noarch | kernel-doc | < 2.6.9-89.0.28.EL | kernel-doc-2.6.9-89.0.28.EL.noarch.rpm |
CentOS | 4 | x86_64 | kernel-largesmp | < 2.6.9-89.0.28.EL | kernel-largesmp-2.6.9-89.0.28.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-largesmp-devel | < 2.6.9-89.0.28.EL | kernel-largesmp-devel-2.6.9-89.0.28.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-smp | < 2.6.9-89.0.28.EL | kernel-smp-2.6.9-89.0.28.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-smp-devel | < 2.6.9-89.0.28.EL | kernel-smp-devel-2.6.9-89.0.28.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-xenu | < 2.6.9-89.0.28.EL | kernel-xenU-2.6.9-89.0.28.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-xenu-devel | < 2.6.9-89.0.28.EL | kernel-xenU-devel-2.6.9-89.0.28.EL.x86_64.rpm |
CentOS | 4 | i586 | kernel | < 2.6.9-89.0.28.EL | kernel-2.6.9-89.0.28.EL.i586.rpm |