Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

MiracleLinux 4 : kernel-2.6.32-642.4.2.el6 (AXSA:2016-679:07)

🗓️ 16 Jan 2026 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 2 Views

MiracleLinux 4 kernel update fixes CVE-2016-5696 and multiple kernel panics.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM
18 Jun 201801:34
ibm
IBM Security Bulletins		Security Bulletin: Vulnerability in Linux Kernel affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2016-5696)
29 Mar 202301:48
ibm
GithubExploit		Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Google Android
20 Aug 201623:28
githubexploit
GithubExploit		Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Google Android
23 Aug 201600:21
githubexploit
ATTACKERKB		CVE-2016-5389
13 Jul 201616:59
attackerkb
Amazon		Medium: kernel
1 Aug 201600:00
amazon
Tenable Nessus		Amazon Linux AMI : kernel (ALAS-2016-726)
2 Aug 201600:00
nessus
Tenable Nessus		Arista Networks EOS tcp_input Challenge ACKs Shared Counter Disclosure (SA0023)
28 Feb 201800:00
nessus
Tenable Nessus		CentOS 7 : kernel (CESA-2016:1633)
22 Aug 201600:00
nessus
Tenable Nessus		CentOS 6 : kernel (CESA-2016:1664)
25 Aug 201600:00
nessus
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2016-679:07.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(289490);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/19");

  script_cve_id("CVE-2016-5696");

  script_name(english:"MiracleLinux 4 : kernel-2.6.32-642.4.2.el6 (AXSA:2016-679:07)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the
AXSA:2016-679:07 advisory.

    The kernel package contains the Linux kernel (vmlinuz), the core of any
    Linux operating system.  The kernel handles the basic functions
    of the operating system: memory allocation, process allocation, device
    input and output, etc.
    Security issues fixed with this release:
    CVE-2016-5696
    net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK
    segments, which makes it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-
    window attack.
    Fixed bugs:
    * When loading the Direct Rendering Manager (DRM) kernel module, the kernel panicked if DRM was previously
    unloaded. The kernel panic was caused by a memory leak of the ID Resolver (IDR2). With this update, IDR2
    is loaded during kernel boot, and the kernel panic no longer occurs in the described scenario.
    * When more than one process attempted to use the configfs directory entry at the same time, a kernel
    panic in some cases occurred. With this update, a race condition between a directory entry and a lookup
    operation has been fixed. As a result, the kernel no longer panics in the described scenario.
    * When shutting down the system by running the halt -p command, a kernel panic occurred due to a conflict
    between the kernel offlining CPUs and the sched command, which used the sched group and the sched domain
    data without first checking the data. The underlying source code has been fixed by adding a check to avoid
    the conflict. As a result, the described scenario no longer results in a kernel panic.
    * In some cases, running the ipmitool command caused a kernel panic due to a race condition in the ipmi
    message handler. This update fixes the race condition, and the kernel panic no longer occurs in the
    described scenario.
    * Previously, multiple Very Secure FTP daemon (vsftpd) processes on a directory with a large number of
    files led to a high contention rate on each inode's spinlock, which caused excessive CPU usage. With this
    update, a spinlock to protect a single memory-to-memory copy has been removed from the ext4_getattr()
    function. As a result, system CPU usage has been reduced and is no longer excessive in the described
    situation.
    * When the gfs2_grow utility is used to extend Global File System 2 (GFS2), the next block allocation
    causes the GFS2 kernel module to re-read its resource group index. If multiple processes in the GFS2
    module raced to do the same thing, one process sometimes overwrote a valid object pointer with an invalid
    pointer, which caused either a kernel panic or a file system corruption. This update ensures that the
    resource group object pointer is not overwritten. As a result, neither kernel panic nor file system
    corruption occur in the described scenario.
    * Previously, the SCSI Remote Protocol over InfiniBand (IB-SRP) was disabled due to a bug in the
    srp_queue() function. As a consequence, an attempt to enable the Remote Direct Memory Access (RDMA) at
    boot caused the kernel to crash. With this update, srp_queue() has been fixed, and the system now boots as
    expected when RDMA is enabled.
    Enhancements:
    * This update optimizes the efficiency of the Transmission Control Protocol (TCP) when the peer is using a
    window under 537 bytes in size. As a result, devices that use maximum segment size (MSS) of 536 bytes or
    fewer will experience improved network performance.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/7111");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5696");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/07/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/09/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-abi-whitelists");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-firmware");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:4");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 4.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'kernel-2.6.32-642.4.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-2.6.32-642.4.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-abi-whitelists-2.6.32-642.4.2.el6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-2.6.32-642.4.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-2.6.32-642.4.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-devel-2.6.32-642.4.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-devel-2.6.32-642.4.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-2.6.32-642.4.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-2.6.32-642.4.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-firmware-2.6.32-642.4.2.el6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-headers-2.6.32-642.4.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-headers-2.6.32-642.4.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'perf-2.6.32-642.4.2.el6', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'perf-2.6.32-642.4.2.el6', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
19 Jan 2026 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS 34.8
CVSS 25.8
EPSS0.51991
tcp session hijackkernel panicsdrm moduleconfigfs racehalt shutdownipmi race
2