Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2013-1166.NASL
HistoryAug 23, 2013 - 12:00 a.m.

Oracle Linux 5 : kernel (ELSA-2013-1166)

2013-08-2300:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

From Red Hat Security Advisory 2013:1166 :

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issues :

  • A flaw was found in the way the Linux kernel’s Stream Control Transmission Protocol (SCTP) implementation handled duplicate cookies.
    If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash. (CVE-2013-2206, Important)

  • It was found that the fix for CVE-2012-3552 released via RHSA-2012:1540 introduced an invalid free flaw in the Linux kernel’s TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to corrupt kernel memory via crafted sendmsg() calls, allowing them to cause a denial of service or, potentially, escalate their privileges on the system. (CVE-2013-2224, Important)

  • An invalid pointer dereference flaw was found in the Linux kernel’s TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system by using sendmsg() with an IPv6 socket connected to an IPv4 destination. (CVE-2013-2232, Moderate)

  • Information leak flaws in the Linux kernel could allow a privileged, local user to leak kernel memory to user-space. (CVE-2013-2164, CVE-2013-2147, CVE-2013-2234, CVE-2013-2237, Low)

This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.

Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2013:1166 and 
# Oracle Linux Security Advisory ELSA-2013-1166 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(69456);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/08/24");

  script_cve_id("CVE-2013-2147", "CVE-2013-2164", "CVE-2013-2206", "CVE-2013-2224", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2237");
  script_bugtraq_id(60280, 60375, 60715, 60858, 60874, 60893, 60953);
  script_xref(name:"RHSA", value:"2013:1166");

  script_name(english:"Oracle Linux 5 : kernel (ELSA-2013-1166)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Oracle Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"From Red Hat Security Advisory 2013:1166 :

Updated kernel packages that fix multiple security issues and several
bugs are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues :

* A flaw was found in the way the Linux kernel's Stream Control
Transmission Protocol (SCTP) implementation handled duplicate cookies.
If a local user queried SCTP connection information at the same time a
remote attacker has initialized a crafted SCTP connection to the
system, it could trigger a NULL pointer dereference, causing the
system to crash. (CVE-2013-2206, Important)

* It was found that the fix for CVE-2012-3552 released via
RHSA-2012:1540 introduced an invalid free flaw in the Linux kernel's
TCP/IP protocol suite implementation. A local, unprivileged user could
use this flaw to corrupt kernel memory via crafted sendmsg() calls,
allowing them to cause a denial of service or, potentially, escalate
their privileges on the system. (CVE-2013-2224, Important)

* An invalid pointer dereference flaw was found in the Linux kernel's
TCP/IP protocol suite implementation. A local, unprivileged user could
use this flaw to crash the system or, potentially, escalate their
privileges on the system by using sendmsg() with an IPv6 socket
connected to an IPv4 destination. (CVE-2013-2232, Moderate)

* Information leak flaws in the Linux kernel could allow a privileged,
local user to leak kernel memory to user-space. (CVE-2013-2164,
CVE-2013-2147, CVE-2013-2234, CVE-2013-2237, Low)

This update also fixes several bugs. Documentation for these changes
will be available shortly from the Technical Notes document linked to
in the References section.

Users should upgrade to these updated packages, which contain
backported patches to correct these issues. The system must be
rebooted for this update to take effect."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2013-August/003637.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected kernel packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-PAE");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-PAE-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-xen-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/06/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/08/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/23");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
include("ksplice.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);

if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
  cve_list = make_list("CVE-2013-2147", "CVE-2013-2164", "CVE-2013-2206", "CVE-2013-2224", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2237");  
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for ELSA-2013-1166");
  }
  else
  {
    __rpm_report = ksplice_reporting_text();
  }
}

kernel_major_minor = get_kb_item("Host/uname/major_minor");
if (empty_or_null(kernel_major_minor)) exit(1, "Unable to determine kernel major-minor level.");
expected_kernel_major_minor = "2.6";
if (kernel_major_minor != expected_kernel_major_minor)
  audit(AUDIT_OS_NOT, "running kernel level " + expected_kernel_major_minor + ", it is running kernel level " + kernel_major_minor);

flag = 0;
if (rpm_exists(release:"EL5", rpm:"kernel-2.6.18") && rpm_check(release:"EL5", reference:"kernel-2.6.18-348.16.1.el5")) flag++;
if (rpm_exists(release:"EL5", rpm:"kernel-PAE-2.6.18") && rpm_check(release:"EL5", cpu:"i386", reference:"kernel-PAE-2.6.18-348.16.1.el5")) flag++;
if (rpm_exists(release:"EL5", rpm:"kernel-PAE-devel-2.6.18") && rpm_check(release:"EL5", cpu:"i386", reference:"kernel-PAE-devel-2.6.18-348.16.1.el5")) flag++;
if (rpm_exists(release:"EL5", rpm:"kernel-debug-2.6.18") && rpm_check(release:"EL5", reference:"kernel-debug-2.6.18-348.16.1.el5")) flag++;
if (rpm_exists(release:"EL5", rpm:"kernel-debug-devel-2.6.18") && rpm_check(release:"EL5", reference:"kernel-debug-devel-2.6.18-348.16.1.el5")) flag++;
if (rpm_exists(release:"EL5", rpm:"kernel-devel-2.6.18") && rpm_check(release:"EL5", reference:"kernel-devel-2.6.18-348.16.1.el5")) flag++;
if (rpm_exists(release:"EL5", rpm:"kernel-doc-2.6.18") && rpm_check(release:"EL5", reference:"kernel-doc-2.6.18-348.16.1.el5")) flag++;
if (rpm_exists(release:"EL5", rpm:"kernel-headers-2.6.18") && rpm_check(release:"EL5", reference:"kernel-headers-2.6.18-348.16.1.el5")) flag++;
if (rpm_exists(release:"EL5", rpm:"kernel-xen-2.6.18") && rpm_check(release:"EL5", reference:"kernel-xen-2.6.18-348.16.1.el5")) flag++;
if (rpm_exists(release:"EL5", rpm:"kernel-xen-devel-2.6.18") && rpm_check(release:"EL5", reference:"kernel-xen-devel-2.6.18-348.16.1.el5")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "affected kernel");
}
VendorProductVersionCPE
oraclelinuxkernelp-cpe:/a:oracle:linux:kernel
oraclelinuxkernel-paep-cpe:/a:oracle:linux:kernel-pae
oraclelinuxkernel-pae-develp-cpe:/a:oracle:linux:kernel-pae-devel
oraclelinuxkernel-debugp-cpe:/a:oracle:linux:kernel-debug
oraclelinuxkernel-debug-develp-cpe:/a:oracle:linux:kernel-debug-devel
oraclelinuxkernel-develp-cpe:/a:oracle:linux:kernel-devel
oraclelinuxkernel-docp-cpe:/a:oracle:linux:kernel-doc
oraclelinuxkernel-headersp-cpe:/a:oracle:linux:kernel-headers
oraclelinuxkernel-xenp-cpe:/a:oracle:linux:kernel-xen
oraclelinuxkernel-xen-develp-cpe:/a:oracle:linux:kernel-xen-devel
Rows per page:
1-10 of 111

Related

openvas 61
nessus 39
redhat 6
centos 2
oraclelinux 7
vmware 1
ubuntu 14
cve 8
prion 8
debiancve 8
ubuntucve 8
altlinux 2
osv 2
debian 2
mageia 7
fedora 5
securityvulns 1
veracode 10
suse 6
checkpoint_advisories 1
f5 1
openvas
openvas
CentOS Update for kernel CESA-2013:1166 centos5
2013-08-27 00:00:00
RedHat Update for kernel RHSA-2013:1166-01
2013-09-06 00:00:00
CentOS Update for kernel CESA-2013:1166 centos5
2013-08-27 00:00:00
nessus
nessus
Oracle Linux 5 : kernel (ELSA-2013-1166-1)
2013-08-23 00:00:00
Oracle Linux 5 : ELSA-2013-1166-1: / kernel (ELSA-2013-11661)
2023-09-07 00:00:00
Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20130820)
2013-08-22 00:00:00
redhat
redhat
(RHSA-2013:1166) Important: kernel security and bug fix update
2013-08-20 00:00:00
(RHSA-2013:1173) Important: kernel security and bug fix update
2013-08-27 00:00:00
(RHSA-2013:1195) Important: kernel security and bug fix update
2013-09-03 00:00:00
centos
centos
kernel security update
2013-08-21 14:07:08
kernel, perf, python security update
2013-08-28 19:03:34
oraclelinux
oraclelinux
kernel security and bug fix update
2013-08-21 00:00:00
kernel security and bug fix update
2013-08-21 00:00:00
kernel security and bug fix update
2013-08-27 00:00:00
vmware
vmware
VMware ESX updates to third party libraries
2013-12-05 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2013-07-29 00:00:00
Linux kernel (EC2) vulnerabilities
2013-07-29 00:00:00
Linux kernel (OMAP4) vulnerabilities
2013-09-06 00:00:00
cve
cve
CVE-2013-2224
2013-07-04 21:55:00
CVE-2013-2206
2013-07-04 21:55:00
CVE-2012-3552
2012-10-03 11:02:00
prion
prion
Design/Logic Flaw
2013-07-04 21:55:00
Design/Logic Flaw
2013-06-07 14:03:00
Null pointer dereference
2013-07-04 21:55:00
debiancve
debiancve
CVE-2013-2224
2013-07-04 21:55:00
CVE-2013-2147
2013-06-07 14:03:00
CVE-2013-2234
2013-07-04 21:55:00
ubuntucve
ubuntucve
CVE-2013-2224
2013-07-04 00:00:00
CVE-2013-2147
2013-06-07 00:00:00
CVE-2012-3552
2012-10-03 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt11
2013-08-30 00:00:00
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt8
2013-07-02 00:00:00
osv
osv
linux-2.6 - several
2013-09-27 00:00:00
linux - several
2013-08-28 00:00:00
debian
debian
[SECURITY] [DSA 2766-1] linux-2.6 security update
2013-09-27 23:24:02
[SECURITY] [DSA 2745-1] linux security update
2013-08-29 05:07:31
mageia
mageia
Updated kernel packages fix multiple security vulnerabilities
2013-07-06 18:25:03
Updated kernel-vserver package fixes security issues
2013-07-16 11:34:52
Updated kernel-rt package fixes security issues.
2013-07-16 12:08:34
fedora
fedora
[SECURITY] Fedora 19 Update: kernel-3.9.9-302.fc19
2013-07-14 03:30:56
[SECURITY] Fedora 19 Update: kernel-3.10.3-300.fc19
2013-07-26 22:59:37
[SECURITY] Fedora 19 Update: kernel-3.9.5-301.fc19
2013-06-14 04:52:17
securityvulns
securityvulns
[ MDVSA-2013:194 ] kernel
2013-07-15 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 04:52:18
Denial Of Service (DoS)
2019-05-02 04:52:19
Denial Of Service (DoS)
2019-05-02 04:52:18
suse
suse
Security update for Linux kernel (important)
2013-09-21 01:04:16
Security update for Linux kernel (important)
2013-09-21 00:04:17
Security update for Real Time Linux Kernel (important)
2013-11-22 05:04:54
checkpoint_advisories
checkpoint_advisories
Linux Kernel SCTP Duplicate Cookie Handling Denial of Service (CVE-2013-2206)
2013-11-18 00:00:00
f5
f5
K72453266 : Linux kernel vulnerability CVE-2013-2164
2018-09-26 00:00:00
JSON
Related for ORACLELINUX_ELSA-2013-1166.NASL
openvas61nessus39redhat6centos2oraclelinux7vmware1ubuntu14cve8prion8debiancve8ubuntucve8altlinux2osv2debian2mageia7fedora5securityvulns1veracode10suse6checkpoint_advisories1f51