Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2011-0283.NASL
HistoryFeb 23, 2011 - 12:00 a.m.

RHEL 6 : kernel (RHSA-2011:0283)

2011-02-2300:00:00
This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
JSON

Updated kernel packages that fix three security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issues :

  • A divide-by-zero flaw was found in the tcp_select_initial_window() function in the Linux kernel’s TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to trigger a denial of service by calling setsockopt() with certain options. (CVE-2010-4165, Moderate)

  • A use-after-free flaw in the mprotect() system call in the Linux kernel could allow a local, unprivileged user to cause a local denial of service. (CVE-2010-4169, Moderate)

  • A flaw was found in the Linux kernel execve() system call implementation. A local, unprivileged user could cause large amounts of memory to be allocated but not visible to the OOM (Out of Memory) killer, triggering a denial of service. (CVE-2010-4243, Moderate)

Red Hat would like to thank Steve Chen for reporting CVE-2010-4165, and Brad Spengler for reporting CVE-2010-4243.

This update also fixes several bugs and adds two enhancements.
Documentation for these bug fixes and enhancements will be available shortly from the Technical Notes document linked to in the References section.

Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs and add the enhancements noted in the Technical Notes. The system must be rebooted for this update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2011:0283. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(52062);
  script_version("1.25");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2010-4165", "CVE-2010-4169", "CVE-2010-4243");
  script_bugtraq_id(44830, 44861, 45004);
  script_xref(name:"RHSA", value:"2011:0283");

  script_name(english:"RHEL 6 : kernel (RHSA-2011:0283)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated kernel packages that fix three security issues, several bugs,
and add two enhancements are now available for Red Hat Enterprise
Linux 6.

The Red Hat Security Response Team has rated this update as having
moderate security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues :

* A divide-by-zero flaw was found in the tcp_select_initial_window()
function in the Linux kernel's TCP/IP protocol suite implementation. A
local, unprivileged user could use this flaw to trigger a denial of
service by calling setsockopt() with certain options. (CVE-2010-4165,
Moderate)

* A use-after-free flaw in the mprotect() system call in the Linux
kernel could allow a local, unprivileged user to cause a local denial
of service. (CVE-2010-4169, Moderate)

* A flaw was found in the Linux kernel execve() system call
implementation. A local, unprivileged user could cause large amounts
of memory to be allocated but not visible to the OOM (Out of Memory)
killer, triggering a denial of service. (CVE-2010-4243, Moderate)

Red Hat would like to thank Steve Chen for reporting CVE-2010-4165,
and Brad Spengler for reporting CVE-2010-4243.

This update also fixes several bugs and adds two enhancements.
Documentation for these bug fixes and enhancements will be available
shortly from the Technical Notes document linked to in the References
section.

Users should upgrade to these updated packages, which contain
backported patches to correct these issues, and fix the bugs and add
the enhancements noted in the Technical Notes. The system must be
rebooted for this update to take effect."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2010-4165"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2010-4169"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2010-4243"
  );
  # http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?056c0c27"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2011:0283"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-firmware");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/11/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/02/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/02/23");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
include("ksplice.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
  rm_kb_item(name:"Host/uptrack-uname-r");
  cve_list = make_list("CVE-2010-4165", "CVE-2010-4169", "CVE-2010-4243");
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for RHSA-2011:0283");
  }
  else
  {
    __rpm_report = ksplice_reporting_text();
  }
}

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2011:0283";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"kernel-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"kernel-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"kernel-debug-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-debug-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"kernel-debug-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"kernel-debug-debuginfo-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-debug-debuginfo-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"kernel-debug-debuginfo-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"kernel-debug-devel-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-debug-devel-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"kernel-debug-devel-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"kernel-debuginfo-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-debuginfo-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"kernel-debuginfo-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"kernel-debuginfo-common-i686-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-debuginfo-common-s390x-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"kernel-debuginfo-common-x86_64-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"kernel-devel-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-devel-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"kernel-devel-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", reference:"kernel-doc-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", reference:"kernel-firmware-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"kernel-headers-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-headers-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"kernel-headers-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-kdump-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-kdump-debuginfo-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"kernel-kdump-devel-2.6.32-71.18.1.el6")) flag++;

  if (rpm_check(release:"RHEL6", reference:"perf-2.6.32-71.18.1.el6")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxkernelp-cpe:/a:redhat:enterprise_linux:kernel
redhatenterprise_linuxkernel-debugp-cpe:/a:redhat:enterprise_linux:kernel-debug
redhatenterprise_linuxkernel-debug-debuginfop-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo
redhatenterprise_linuxkernel-debug-develp-cpe:/a:redhat:enterprise_linux:kernel-debug-devel
redhatenterprise_linuxkernel-debuginfop-cpe:/a:redhat:enterprise_linux:kernel-debuginfo
redhatenterprise_linuxkernel-debuginfo-common-i686p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686
redhatenterprise_linuxkernel-debuginfo-common-s390xp-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x
redhatenterprise_linuxkernel-debuginfo-common-x86_64p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64
redhatenterprise_linuxkernel-develp-cpe:/a:redhat:enterprise_linux:kernel-devel
redhatenterprise_linuxkernel-docp-cpe:/a:redhat:enterprise_linux:kernel-doc
Rows per page:
1-10 of 181

Related

openvas 51
oraclelinux 3
redhat 5
nessus 30
securityvulns 5
cve 3
prion 3
veracode 3
ubuntucve 3
packetstorm 3
seebug 6
exploitpack 2
exploitdb 2
ubuntu 13
suse 7
fedora 4
debian 1
osv 1
vmware 2
openvas
openvas
RedHat Update for kernel RHSA-2011:0283-01
2012-07-09 00:00:00
RedHat Update for kernel RHSA-2011:0283-01
2012-07-09 00:00:00
Oracle Linux Local Check: ELSA-2011-0283
2015-10-06 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2011-02-23 00:00:00
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2011-03-16 00:00:00
Oracle Linux 5.6 kernel security and bug fix update
2011-01-20 00:00:00
redhat
redhat
(RHSA-2011:0283) Moderate: kernel security, bug fix, and enhancement update
2011-02-22 00:00:00
(RHSA-2011:0017) Important: Red Hat Enterprise Linux 5.6 kernel security and bug fix update
2011-01-13 00:00:00
(RHSA-2011:0330) Important: kernel-rt security and bug fix update
2011-03-10 00:00:00
nessus
nessus
Scientific Linux Security Update : kernel on SL6.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 6 : kernel (ELSA-2011-0283)
2013-07-12 00:00:00
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2010)
2013-07-12 00:00:00
securityvulns
securityvulns
[USN-1054-1] Linux kernel vulnerabilities
2011-02-02 00:00:00
Linux kernel multiple security vulnerabilities
2011-02-02 00:00:00
Microsoft Security Bulletin MS10-071 - Critical Cumulative Security Update for Internet Explorer &#40;2360131&#41;
2010-10-13 00:00:00
cve
cve
CVE-2010-4169
2010-11-22 13:00:00
CVE-2010-4165
2010-11-22 13:00:00
CVE-2010-4243
2011-01-22 22:00:00
prion
prion
Design/Logic Flaw
2010-11-22 13:00:00
Design/Logic Flaw
2010-11-22 13:00:00
Sql injection
2011-01-22 22:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:55:17
Denial Of Service (DoS)
2020-04-10 00:58:27
Denial Of Service (DoS)
2020-04-10 00:55:43
ubuntucve
ubuntucve
CVE-2010-4169
2010-11-22 00:00:00
CVE-2010-4165
2010-11-22 00:00:00
CVE-2010-4243
2011-01-22 00:00:00
packetstorm
packetstorm
Linux Kernel 2.6 TCP_MAXSEG Denial Of Service
2011-03-10 00:00:00
Linux Kernel 2.6.37 Denial Of Service
2011-03-01 00:00:00
Ubuntu Security Notice USN-1202-1
2011-09-14 00:00:00
seebug
seebug
Linux Kernel &lt; 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS
2011-03-14 00:00:00
Linux Kernel <= 2.6.37 Local Kernel Denial of Service
2014-07-01 00:00:00
Linux Kernel TCP_MAXSEG本地拒绝服务漏洞
2010-11-17 00:00:00
exploitpack
exploitpack
Linux Kernel 2.6.37-rc2 - TCP_MAXSEG Kernel Panic (Denial of Service) (2)
2011-03-10 00:00:00
Linux Kernel 2.6.37 - Local Kernel Denial of Service (1)
2011-03-02 00:00:00
exploitdb
exploitdb
Linux Kernel &lt; 2.6.37-rc2 - &#039;TCP_MAXSEG&#039; Kernel Panic (Denial of Service) (2)
2011-03-10 00:00:00
Linux Kernel 2.6.37 - Local Kernel Denial of Service (1)
2011-03-02 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2011-02-01 00:00:00
Linux kernel vulnerabilities
2011-02-25 00:00:00
Linux kernel vulnerabilities
2011-08-09 00:00:00
suse
suse
local privilege escalation in kernel
2011-01-14 16:35:40
local privilege escalation, remote denial of in kernel
2011-01-03 15:33:10
potential local privilege escalation in kernel
2011-01-03 15:33:25
fedora
fedora
[SECURITY] Fedora 14 Update: kernel-2.6.35.11-83.fc14
2011-02-10 21:27:10
[SECURITY] Fedora 13 Update: kernel-2.6.34.8-68.fc13
2011-03-07 21:06:13
[SECURITY] Fedora 13 Update: kernel-2.6.34.9-69.fc13
2011-06-21 17:22:40
debian
debian
[SECURITY] [DSA 2153-1] linux-2.6 security update
2011-01-30 06:42:05
osv
osv
linux-2.6 - several issues
2011-01-30 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party libraries and ESX Service Console
2011-10-12 00:00:00
VMware ESX third party updates for Service Console packages glibc and dhcp
2011-10-12 00:00:00
JSON
Related for REDHAT-RHSA-2011-0283.NASL
openvas51oraclelinux3redhat5nessus30securityvulns5cve3prion3veracode3ubuntucve3packetstorm3seebug6exploitpack2exploitdb2ubuntu13suse7fedora4debian1osv1vmware2