Vulners
Lucene search
MiracleLinux 3 : kernel-2.6.18-371.3.AXS3 (AXSA:2014-405:01)
| Reporter | Title | Published | Views | Family All 1444 |
|---|---|---|---|---|
 | Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt22 | 9 May 201400:00 | – | altlinux |
| Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt18 | 13 Feb 201400:00 | – | altlinux |
| Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt13 | 24 Nov 201300:00 | – | altlinux |
| Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt12 | 25 Oct 201300:00 | – | altlinux |
 | Medium: kernel | 2 Mar 201300:00 | – | amazon |
| Medium: kernel | 24 Sep 201300:00 | – | amazon |
| Medium: kernel | 16 Oct 201300:00 | – | amazon |
| Medium: kernel | 26 Feb 201400:00 | – | amazon |
 | Amazon Linux AMI : kernel (ALAS-2013-166) | 4 Sep 201300:00 | – | nessus |
| Amazon Linux AMI : kernel (ALAS-2013-228) | 1 Oct 201300:00 | – | nessus |
10
10
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2014-405:01.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(289145);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/19");
script_cve_id(
"CVE-2012-4398",
"CVE-2012-6638",
"CVE-2013-0343",
"CVE-2013-2888",
"CVE-2013-2929",
"CVE-2013-4299",
"CVE-2013-4345",
"CVE-2013-4355",
"CVE-2013-4368",
"CVE-2013-4483",
"CVE-2013-4494",
"CVE-2013-4554",
"CVE-2013-6381",
"CVE-2013-6383",
"CVE-2013-6885",
"CVE-2013-7263"
);
script_name(english:"MiracleLinux 3 : kernel-2.6.18-371.3.AXS3 (AXSA:2014-405:01)");
script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2014-405:01 advisory.
The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel
handles the basic functions of the operating system: memory allocation, process allocation, device input
and output, etc.
Security issues fixed with this release:
CVE-2012-4398
The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain
killable attribute, which allows local users to cause a denial of service (memory consumption) via a
crafted application.
CVE-2012-6638
The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote
attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a
different vulnerability than CVE-2012-2663.
CVE-2013-2888
Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the
Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial
of service (heap memory corruption) via a crafted device that provides an invalid Report ID.
CVE-2013-0343
The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly
handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a
denial of service (excessive retries and address-generation outage), and consequently obtain sensitive
information, via ICMPv6 Router Advertisement (RA) messages.
CVE-2013-4299
Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows
remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a
snapshot block device.
CVE-2013-4345
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4
makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple
requests for small amounts of data, leading to improper management of the state of the consumed data.
CVE-2013-4368
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment
override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain
sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a
segment register.
CVE-2013-4355
Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain
hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations
related to addresses without associated memory.
CVE-2013-4494
Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same
order, which allows local guest administrators with access to multiple vcpus to cause a denial of service
(host deadlock) via unspecified vectors.
CVE-2013-2929
The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users
to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a
crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h.
CVE-2013-4483
The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a
reference count, which allows local users to cause a denial of service (memory consumption or system
crash) via a crafted application.
CVE-2013-4554
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not
properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted
application running in ring 1 or 2.
CVE-2013-6381
Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel
through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact
via an SNMP ioctl call with a length value that is incompatible with the command-buffer size.
CVE-2013-6383
The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not
require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via
a crafted ioctl call.
CVE-2013-6885
The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between
locked instructions and write-combined memory types, which allows local users to cause a denial of service
(system hang) via a crafted application, aka the errata 793 issue.
CVE-2013-7263
The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data
structures have been initialized, which allows local users to obtain sensitive information from kernel
stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c,
net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.
Fixed bugs:
Re-ordered the tasks in the RPC wait queue to fix a race condition between the rpc_wake_up_task() and
rpc_wake_up_status() functions introduced by a recent modification to the sunrpc code.
Previously, running a background process on a GFS2 file system could trigger a glock recursion error
leading to a kernel panic. This has been fixed and readpage operations do not attempt to take a glock that
was already held any longer.
Fixed a kernel panic that happened when the kernel dereferenced a NULL pointer; this was due to an
incomplete backport to the IUCV code.
Previously, GFS2 prevented glock work queues from freeing glock-related memory while the glock memory
shrinker queued a large number of demote requests. Because of this bug, glock work queues became
overloaded and resulted in a high CPU usage rendering GFS2 file systems unresponsive for a while. This has
been partially fixed: this still happens but only on extremely high work loads.
With the recent addition of the NT LAN Manager Security Support Provider (NTLMSSP) authentication
mechanism, a regression was introduced resulting in the impossibility to mount multiple SMB shares with
different credentials to the same server. This has been fixed.
The igb driver now uses a a 32-bit mask as expected, instead of the previous 16-bit mask that disrupted
the flow control a network device.
Previously, when a kernel panic occurred on a system utilizing IPMI without Kdump being set up, it could
trigger a second kernel panic. This has been fixed.
Enhancement:
It is now possible to change the 60 seconds timeout for SCSI task management commands within the range
from 5 to 180 seconds: modify the lpfc_task_mgmt_tmo parameter for the lpfc driver.
The system must be rebooted for this update to take effect.
Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/4848");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-6383");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2013-7263");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vendor_severity", value:"High");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/31");
script_set_attribute(attribute:"patch_publication_date", value:"2014/06/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-PAE");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-PAE-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-xen-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:3");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Miracle Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 3.x', 'MIRACLE LINUX ' + os_version);
if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);
var constraints = [
{
'release': '3',
'pkgs': [
{'reference':'kernel-2.6.18-371.3.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-2.6.18-371.3.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-devel-2.6.18-371.3.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-devel-2.6.18-371.3.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-headers-2.6.18-371.3.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-PAE-2.6.18-371.3.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-PAE-devel-2.6.18-371.3.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-xen-2.6.18-371.3.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-xen-2.6.18-371.3.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-xen-devel-2.6.18-371.3.AXS3', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'kernel-xen-devel-2.6.18-371.3.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
]
}
];
var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');
var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
# Check that the target release is equal to the affected release
if (!empty_or_null(constraint['release'])){
if (constraint['release'] != os_release) continue;
}
if (!empty_or_null(constraint['sp'])){
if (constraint['sp'] != os_sp) continue;
}
foreach var pkg ( constraint['pkgs'] ) {
reference = NULL;
sp = NULL;
_cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
exists_check = NULL;
cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
## (no known rpm to check OR known rpm_exists)
(!exists_check || rpm_exists(rpm:exists_check)) &&
rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-PAE / kernel-PAE-devel / kernel-devel / etc');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
19 Jan 2026 00:00Current
7.6High risk
Vulners AI Score7.6
CVSS 27.8
EPSS0.011