MiracleLinux 3 : kernel-2.6.18-348.1.AXS3 (AXSA:2013-80:01)

🗓️ 16 Jan 2026 00:00:00Reported by TenableType

MiracleLinux 3 kernel fixes CVEs 2012-2372, 2012-3552, 2012-4508, 2012-4535, 2012-4537.

Reporter	Title	Published	Views	Family All 512
0day.today	Xen - Broken Check in memory_exchange() Permits PV Guest Breakout Vulnerability	12 Apr 201700:00	–	zdt
Amazon	Medium: kernel	5 Jul 201200:00	–	amazon
Amazon	Medium: kernel	8 Oct 201200:00	–	amazon
Amazon	Medium: kernel	20 Nov 201200:00	–	amazon
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2012-100)	4 Sep 201300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2012-133)	4 Sep 201300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2012-142)	4 Sep 201300:00	–	nessus
Tenable Nessus	CentOS 6 : kernel (CESA-2012:0743)	21 Jun 201200:00	–	nessus
Tenable Nessus	CentOS 6 : kernel (CESA-2012:1304)	27 Sep 201200:00	–	nessus
Tenable Nessus	CentOS 5 : kernel (CESA-2012:1540)	7 Dec 201200:00	–	nessus

Source	Link
tsn	www.tsn.miraclelinux.com/en/node/3708
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2013-80:01.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(290045);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/19");

  script_cve_id(
    "CVE-2012-2372",
    "CVE-2012-3552",
    "CVE-2012-4508",
    "CVE-2012-4535",
    "CVE-2012-4537",
    "CVE-2012-5513"
  );

  script_name(english:"MiracleLinux 3 : kernel-2.6.18-348.1.AXS3 (AXSA:2013-80:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2013-80:01 advisory.

    The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel
    handles the basic functions of the operating system: memory allocation, process allocation, device input
    and output, etc.
    Security issues fixed with this release:
     CVE-2012-2372
    The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol
    implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service
    (BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB
    interface's own IP address, as demonstrated by rds-ping.
     CVE-2012-3552
    The IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of
    service (slab corruption and system crash) by sending packets to an application that sets socket options
    during the handling of network traffic.
     CVE-2012-4508
    Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain
    sensitive information from a deleted file by reading an extent that was not properly marked as
    uninitialized.
     CVE-2012-4535
    Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial
    of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an inappropriate
    deadline.
     CVE-2012-4537
    Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables
    when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of
    service (memory consumption and assertion failure), aka Memory mapping failure DoS vulnerability.
     CVE-2012-5513
    The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which
    allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges
    via unspecified vectors that overwrite memory in the hypervisor reserved range.
    Fixed bugs:
     Modified the qla2xxx driver so that it now correctly detects all attached LUNs.
     The Media Independent Interfacestatus of the bond interface in 802.3ad appeared as up even when MII
    status of all of the slave devices was down. This has been fixed.
    Enhancements:
     Backported many changes from the bnx2x driver upstream version, in particular, the remote-fault link
    detection feature.
     The INET socket interface now sends a warning when a third-party module using the kmalloc() function
    allocates the ip_options structure.
    Please also check the changelog for extensive details.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/3708");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-5513");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2012-3552");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/06/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/02/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-PAE");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-PAE-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-xen-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:3");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 3.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '3',
    'pkgs': [
      {'reference':'kernel-2.6.18-348.1.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-2.6.18-348.1.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-2.6.18-348.1.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-2.6.18-348.1.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-headers-2.6.18-348.1.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-PAE-2.6.18-348.1.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-PAE-devel-2.6.18-348.1.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-xen-2.6.18-348.1.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-xen-2.6.18-348.1.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-xen-devel-2.6.18-348.1.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-xen-devel-2.6.18-348.1.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-PAE / kernel-PAE-devel / kernel-devel / etc');
}

19 Jan 2026 00:00Current

6.9Medium risk

Vulners AI Score6.9

CVSS 27.1

CVSS 3.15.9

EPSS0.02031