Vulners
Lucene search
MiracleLinux 3 : kernel-2.6.18-53.11AXS3 (AXSA:2008-150:05)
| Reporter | Title | Published | Views | Family All 615 |
|---|---|---|---|---|
 | CVE-2007-6694 | 29 Jan 200820:00 | – | attackerkb |
 | CentOS 4 : kernel (CESA-2007:0488) | 27 Jun 200700:00 | – | nessus |
| CentOS 5 : kernel (CESA-2007:0936) | 3 Oct 200700:00 | – | nessus |
| CentOS 4 : kernel (CESA-2007:0937) | 3 Oct 200700:00 | – | nessus |
| CentOS 3 : kernel (CESA-2007:0938) | 3 Oct 200700:00 | – | nessus |
| CentOS 4 : kernel (CESA-2007:0939) | 23 Apr 200900:00 | – | nessus |
| CentOS 5 : kernel (CESA-2007:0940) | 6 Jan 201000:00 | – | nessus |
| CentOS 3 : kernel (CESA-2007:1049) | 4 Dec 200700:00 | – | nessus |
| CentOS 4 : kernel (CESA-2007:1104) | 24 Dec 200700:00 | – | nessus |
| CentOS 4 : kernel (CESA-2008:0055) | 5 Feb 200800:00 | – | nessus |
10
10
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2008-150:05.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(284402);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/12");
script_cve_id(
"CVE-2006-6921",
"CVE-2007-3104",
"CVE-2007-4308",
"CVE-2007-4571",
"CVE-2007-4573",
"CVE-2007-4997",
"CVE-2007-5494",
"CVE-2007-5938",
"CVE-2007-6063",
"CVE-2007-6206",
"CVE-2007-6694",
"CVE-2008-0001",
"CVE-2008-0600"
);
script_name(english:"MiracleLinux 3 : kernel-2.6.18-53.11AXS3 (AXSA:2008-150:05)");
script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2008-150:05 advisory.
The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The
kernel handles the basic functions of the operating system: memory allocation, process allocation, device
input and output, etc.
- [cpufreq] : coordinate to keep abi compatibility with rhel51 (Patch104214)
[Bug 4145]
- revert : CVE-2007-4571 : Convert snd-page-alloc proc file to use seq_file for
alsa (Patch200105) [Bug 4145]
- [sky2] : Disable checksum on Yukon2-XL to prevent an annoying error message
caused by the chip glitch (Patch102620) [Bug 4898]
- [x86_64] replace : extend MCE banks support for Dunnington, Nehalem
(Patch108110 -> Patch108111) [Bug 4793]
- [scsi] replace : megaraid_sas: wait for cmd_status to change (Patch103130)
[Bug 4543]
- [nfs] sunrpc: fix hang due to eventd deadlock (Patch108090) [Bug 4703]
- [nfs] sunrpc: fix a race in rpciod_down (Patch108091) [Bug 4703]
- [x86_64] Switching to vsyscall64 causes oops (Jeff Burke) (Patch108100)
[Bug 4740]
- [x86_64] Remove 6 bank limitation in 64 bit MCE reporting code (Patch108110)
[Bug 4457]
- [scsi] megaraid_sas: wait for cmd_status to change (Patch103130) [Bug 4543]
- [scsi] megaraid_sas: many illegal interrupts appear (Patch103131) [Bug 4779]
- [cpufreq] Add check for dmi_data in powernow_k8 driver
(Patch104211 Patch104213) [Bug 4604]
- [MAZE] Update MAZE to replace Patch file (Patch300002) [Bug 4774]
- [cpufreq] revert: Hot fix about cpufreq (Patch104211) [Bug 4604]
- [cxgb3] revert: Merge cxgb3 driver version 1.0.129a. Although TOE can work with
CONFIG_TCP_OFFLOAD, we disable by default. (Patch103090) [Bug 4145]
- [net] ipv6: Drop packets for loopback address from outside of the box
(Patch108086) [Bug 4546]
- [scsi] lpfc: Update version from 8.1.10.9 to 8.2.0.22 with bug fix
(Patch102100 - Patch102104) [Bug 4462]
- [cpufreq] Hot fix about cpufreq (Patch104200 - Patch104211) [Bug 3958]
- [cpufreq] Hot fix about cpufreq (Patch104212) [Bug 4531]
- [x86] Correct cpu cache info for Intel Tolapai (Patch108084) [Bug 4475]
- [x86] Support ICH10 (Patch108085) [Bug 4527]
- [misc] Fix a deadlock about smp_send_stop when panic (Patch200100) [Bug 4205]
- [misc] Fix a deadlock on on_each_cpu (Patch200101) [Bug 4345]
- [x86] report_lost_ticks fix up (Patch100120) [Bug 4161]
- [e1000e] Revert 7.6.15.5-NAPI and update to 0.2.9.5 (Patch103113 Patch103114)
[Bug 4247]
- [net] (IPV6) Accept routing header only when hdr->segments_left is zero
(Patch108080) [Bug 4377]
- [net] (IPV6) Fix BUG of ndisc_send_redirect()
backport from 2.6.20 (Patch108081) [Bug 4379]
- [net] (IPV6) Fix ICMPv6 redirect handling with target multicast address
backport from 2.6.23 (Patch108082) [Bug 4379]
- [net] (IPV6) Defer IPv6 device initialization until a valid qdisc is specified
(Patch108083) [Bug 4380]
- [ioat] Update ioat device ids (Patch108032) [Bug 4289]
- CVE-2007-4571 : Convert snd-page-alloc proc file to use seq_file for alsa
[Patch200105]
- CVE-2007-4997 : off-by-two integer underflow for ieee80211 [Patch200106]
- CVE-2007-5494 : missing dput in do_lookup error leaks dentries for fs
[Patch200107]
- [fs] sysfs: store inode nrs in s_ino (Eric Sandeen ) [245777] {CVE-2007-3104}
[Patch200108]
- Delete [Patch103007], which been instead by [Patch200108]
- [fs] sysfs: fix condition check in sysfs_drop_dentry() (Eric Sandeen )
[245777] {CVE-2007-3104} [Patch200109]
- [fs] sysfs: fix race condition around sd->s_dentry (Eric Sandeen ) [245777]
{CVE-2007-3104} [Patch200110]
- [fs] core dump file ownership (Don Howard ) [396991] {CVE-2007-6206}
[Patch200111]
- [fs] corruption by unprivileged user in directories (Vitaly Mayatskikh )
[428796] {CVE-2008-0001} [Patch200112]
- CVE-2008-0600 : kernel vmsplice_to_pipe flaw [Patch200115]
- CVE-2006-6921 : Denial of service with wedged processes [Patch200116]
- CVE-2007-6063 : fix possible isdn_net buffer overflows [Patch200118]
- CVE-2007-6694 : fix possible strncmp NULL pointer usage [Patch200119]
- CVE-2007-5938 : fix NULL dereference in iwl driver [Patch200120]
- [KAHO] Delete Debug option (Patch300004) [Bug 4290]
- [KAHO] Fix the invalid state change (Patch300004) [Bug 4291]
- [KAHO] Fix the deadlock in consecutive memory allocation (Patch300004) [Bug 4292]
- [KAHO] Fix typo in error message (Patch300004) [Bug 4293]
- [MAZE] Update MAZE to replace Patch file (Patch300002) [Bug 4309]
- [e1000e] Fix network link down when repeating to reboot (Patch103112)
[Bug 4184]
- [MAZE] Update MAZE to replace Patch file (Patch300002) [Bug 4181]
- [E7221] Add E7221 pci ids to kernel (Patch108040) [Bug 3909]
- [IA64] forbid ptrace changes psr.ri to 3 (Patch108050) [Bug 3576]
- [igb] Backport patch for 2.6.18 (Patch103081) [Bug 4129]
- [stex] Update patch of 3.06.0205.00 (Patch102060) [Bug 3858]
- [ocfs2] Update version number to 1.2.8 (Patch103100) [Bug 4073]
- [e1000e] Fix unknown symbol e1000_intr_msi (Patch103110) [Bug 4105]
- [e1000e] Fix ethtool gets a wrong driver name (Patch103111) [Bug 4144]
- [IOAPIC] Fix IOAPIC uniqe ID checking (Patch108060) [Bug 4057]
- [cxgb3] Merge cxgb3 driver version 1.0.129a. Although TOE can work with
CONFIG_TCP_OFFLOAD, we disable by default. (Patch103090) [Bug 3928]
- [x86 oprofile] Add support for the latest Intel processors to Oprofile
[Patch108001 Bug 3948]
- [ixgbe] Add support ixgbe-1.3.16.1 [Patch103071 Patch103072 Bug 3950]
- [dca] Add a new module dca which depend by ioat && ixgbe [Patch103070]
- [igb] Update igb driver to version 1.2.22 (Patch103080) [Bug 3954]
- [ioat] Update ioat driver to version 1.9 and support unisys
(Patch108030, Patch108030) [Bug 3956]
- [ACPICA] Fix acpi-cpufreq boot crash due to _PSD return-by-reference
[Patch108000 Bug 3957]
- [e1000e] Update e1000e to v7.6.15 with replace Patch files
(Patch103042, Patch103043, Patch103044, Patch103045, Patch103047,
Patch103048, Patch103049) [Bug 4055]
- [comptemp] Add support coretemp driver for hwmon using a snapshot of
torvalds/linux-2.6.git (Patch108010) [Bug 4071]
- [it87] Add IT8716F/IT8718F/IT8726F support (Patch108020) [Bug 4072]
- [ocfs2] Update ocfs2 driver to version 1.2.8-2 (Patch103051) [Bug 4073]
- [PCI IDS] Update pci_ids
HT1000 [Patch104001 ~ Patch104002]
MCP67/73/77 [Patch104003 ~ Patch104006]
VIA VT8237S [Patch104007]
INTEL TOLAPAI [Patch104008 ~ Patch104009]
BCM82XX [Patch104010 ~ Patch104014]
- [KAHO] Add KAHO runtime binary patch function (Patch300001, bug#4019)
- [MAZE] Add MAZE Monitoring function (Patch300002, bug#4025)
- [SCTP] Upgrade of based codes to 2.6.21 of stock kernel
and bug fix for AXS3SP1 (Patch300003, bug#4027)
- Build Base Kernel For Asianux
- Merge patches from AX20 SP2
- [Patches 100100 100101 100200 100201 102030 102031 102040 102050 103000
- 103002 103060]
- Merge patches from AXS3
- [Patches 100102 100104 100105 100110 100111 100112 100114 100115 100300
- 102011 102012 102014 102015 102020 102021 102022 102023 102024 102051
- 102052 102500 102501 102600 102601 103004 103005 103006 103007 103010
- 103011 103012 103013 103014 103015 103018 103019 103020 103021 103022
- 103023 103031 103032 103034 103039 103040 103041 103042 103043 103044
- 103045 103046 103047 103048 103049 103050 103052 103053 103056 103057
- 103059 103061 103062 200000 200001 200002 200003 200004 200005 200006
- 200007 200011]
- [GFS2] handle multiple demote requests
- [scsi] megaraid_sas: kabi fix for /proc entries
- [sound] allow creation of null parent devices
- [net] iwlwifi: avoid BUG_ON in tx cmd queue processing
- [GFS2] Get super block a different way
- [GFS2] dlm: schedule during recovery loops
- Revert: [pata] IDE (siimage) panics when DRAC4 reset
- Revert: [net] bonding: convert timers to workqueues
- [pata] enable IDE (siimage) DRAC4
- [GFS2] gfs2_writepage(s) workaround
- [scsi] aacraid: Missing ioctl() permission checks {CVE-2007-4308}
- [GFS2] Solve journaling/{release|invalidate}page issues
- [x86_64] syscall vulnerability CVE-2007-4573}
- [GFS2] Fix i_cache stale entry
- [GFS2] deadlock running revolver load with lock_nolock
Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/247");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2008-0600");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:"CANVAS");
script_set_attribute(attribute:"vendor_severity", value:"High");
script_set_attribute(attribute:"vuln_publication_date", value:"2007/01/12");
script_set_attribute(attribute:"patch_publication_date", value:"2008/09/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-PAE");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-PAE-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-xen-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:3");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Miracle Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 3.x', 'MIRACLE LINUX ' + os_version);
if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);
var constraints = [
{
'release': '3',
'pkgs': [
{'reference':'kernel-2.6.18-53.11AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-2.6.18-53.11AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-devel-2.6.18-53.11AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-devel-2.6.18-53.11AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-headers-2.6.18-53.11AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-PAE-2.6.18-53.11AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-PAE-devel-2.6.18-53.11AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-xen-2.6.18-53.11AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-xen-2.6.18-53.11AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-xen-devel-2.6.18-53.11AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-xen-devel-2.6.18-53.11AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
]
}
];
var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');
var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
# Check that the target release is equal to the affected release
if (!empty_or_null(constraint['release'])){
if (constraint['release'] != os_release) continue;
}
if (!empty_or_null(constraint['sp'])){
if (constraint['sp'] != os_sp) continue;
}
foreach var pkg ( constraint['pkgs'] ) {
reference = NULL;
sp = NULL;
_cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
exists_check = NULL;
cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
## (no known rpm to check OR known rpm_exists)
(!exists_check || rpm_exists(rpm:exists_check)) &&
rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-PAE / kernel-PAE-devel / kernel-devel / etc');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
12 Feb 2026 00:00Current
7.4High risk
Vulners AI Score7.4
CVSS 27.8
EPSS0.05391