Lucene search
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20130305_KERNEL_ON_SL5_X.NASLHistoryMar 07, 2013 - 12:00 a.m.
Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20130305)
2013-03-0700:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
This update fixes the following security issues :
- Buffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2012-3400, Low)
This update also fixes the following bugs :
-
Previously, race conditions could sometimes occur in interrupt handling on the Emulex BladeEngine 2 (BE2) controllers, causing the network adapter to become unresponsive. This update provides a series of patches for the be2net driver, which prevents the race from occurring. The network cards using BE2 chipsets no longer hang due to incorrectly handled interrupt events.
-
A boot-time memory allocation pool (the DMI heap) is used to keep the list of Desktop Management Interface (DMI) devices during the system boot. Previously, the size of the DMI heap was only 2048 bytes on the AMD64 and Intel 64 architectures and the DMI heap space could become easily depleted on some systems, such as the IBM System x3500 M2. A subsequent OOM failure could, under certain circumstances, lead to a NULL pointer entry being stored in the DMI device list. Consequently, scanning of such a corrupted DMI device list resulted in a kernel panic. The boot-time memory allocation pool for the AMD64 and Intel 64 architectures has been enlarged to 4096 bytes and the routines responsible for populating the DMI device list have been modified to skip entries if their name string is NULL. The kernel no longer panics in this scenario.
-
The size of the buffer used to print the kernel taint output on kernel panic was too small, which resulted in the kernel taint output not being printed completely sometimes. With this update, the size of the buffer has been adjusted and the kernel taint output is now displayed properly.
-
The code to print the kernel taint output contained a typographical error. Consequently, the kernel taint output, which is displayed on kernel panic, could not provide taint error messages for unsupported hardware.
This update fixes the typo and the kernel taint output is now displayed correctly.
The system must be rebooted for this update to take effect.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(65076);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2012-3400");
script_name(english:"Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20130305)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"This update fixes the following security issues :
- Buffer overflow flaws were found in the
udf_load_logicalvol() function in the Universal Disk
Format (UDF) file system implementation in the Linux
kernel. An attacker with physical access to a system
could use these flaws to cause a denial of service or
escalate their privileges. (CVE-2012-3400, Low)
This update also fixes the following bugs :
- Previously, race conditions could sometimes occur in
interrupt handling on the Emulex BladeEngine 2 (BE2)
controllers, causing the network adapter to become
unresponsive. This update provides a series of patches
for the be2net driver, which prevents the race from
occurring. The network cards using BE2 chipsets no
longer hang due to incorrectly handled interrupt events.
- A boot-time memory allocation pool (the DMI heap) is
used to keep the list of Desktop Management Interface
(DMI) devices during the system boot. Previously, the
size of the DMI heap was only 2048 bytes on the AMD64
and Intel 64 architectures and the DMI heap space could
become easily depleted on some systems, such as the IBM
System x3500 M2. A subsequent OOM failure could, under
certain circumstances, lead to a NULL pointer entry
being stored in the DMI device list. Consequently,
scanning of such a corrupted DMI device list resulted in
a kernel panic. The boot-time memory allocation pool for
the AMD64 and Intel 64 architectures has been enlarged
to 4096 bytes and the routines responsible for
populating the DMI device list have been modified to
skip entries if their name string is NULL. The kernel no
longer panics in this scenario.
- The size of the buffer used to print the kernel taint
output on kernel panic was too small, which resulted in
the kernel taint output not being printed completely
sometimes. With this update, the size of the buffer has
been adjusted and the kernel taint output is now
displayed properly.
- The code to print the kernel taint output contained a
typographical error. Consequently, the kernel taint
output, which is displayed on kernel panic, could not
provide taint error messages for unsupported hardware.
This update fixes the typo and the kernel taint output
is now displayed correctly.
The system must be rebooted for this update to take effect."
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1303&L=scientific-linux-errata&T=0&P=2051
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?b3cb11f4"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-PAE");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/03");
script_set_attribute(attribute:"patch_publication_date", value:"2013/03/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/07");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 5.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL5", reference:"kernel-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-debuginfo-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-devel-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-debug-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-debug-debuginfo-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-debug-devel-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-debuginfo-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-debuginfo-common-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-devel-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-doc-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-headers-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-xen-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-xen-debuginfo-2.6.18-348.2.1.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-xen-devel-2.6.18-348.2.1.el5")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fermilab | scientific_linux | kernel | p-cpe:/a:fermilab:scientific_linux:kernel |
| fermilab | scientific_linux | kernel-pae | p-cpe:/a:fermilab:scientific_linux:kernel-pae |
| fermilab | scientific_linux | kernel-pae-debuginfo | p-cpe:/a:fermilab:scientific_linux:kernel-pae-debuginfo |
| fermilab | scientific_linux | kernel-pae-devel | p-cpe:/a:fermilab:scientific_linux:kernel-pae-devel |
| fermilab | scientific_linux | kernel-debug | p-cpe:/a:fermilab:scientific_linux:kernel-debug |
| fermilab | scientific_linux | kernel-debug-debuginfo | p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo |
| fermilab | scientific_linux | kernel-debug-devel | p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel |
| fermilab | scientific_linux | kernel-debuginfo | p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo |
| fermilab | scientific_linux | kernel-debuginfo-common | p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common |
| fermilab | scientific_linux | kernel-devel | p-cpe:/a:fermilab:scientific_linux:kernel-devel |
Related
openvas
openvas
RedHat Update for kernel RHSA-2013:0594-01
2013-03-08 00:00:00
Oracle: Security Advisory (ELSA-2013-0594)
2015-10-06 00:00:00
Oracle: Security Advisory (ELSA-2013-0594-1)
2015-10-06 00:00:00
nessus
nessus
Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerability (USN-1562-1)
2012-09-11 00:00:00
Oracle Linux 5 : kernel (ELSA-2013-0594-1)
2013-07-12 00:00:00
Oracle Linux 5 : kernel (ELSA-2013-0594)
2013-07-12 00:00:00
prion
prion
Heap overflow
2012-10-03 11:02:00
ubuntucve
ubuntucve
CVE-2012-3400
2012-07-09 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2013-03-05 00:00:00
1
2013-03-06 00:00:00
Unbreakable Enterprise kernel security update
2012-11-08 00:00:00
debiancve
debiancve
CVE-2012-3400
2012-10-03 11:02:00
redhat
redhat
(RHSA-2013:0594) Low: kernel security and bug fix update
2013-03-05 00:00:00
(RHSA-2012:1426) Moderate: kernel security and bug fix update
2012-11-06 00:00:00
(RHSA-2012:1491) Important: kernel-rt security and bug fix update
2012-12-04 00:00:00
ubuntu
ubuntu
Linux kernel (Natty backport) vulnerability
2012-09-10 00:00:00
Linux kernel vulnerability
2012-09-07 00:00:00
Linux kernel vulnerabilities
2012-09-05 00:00:00
cvelist
cvelist
CVE-2012-3400
2012-10-03 10:00:00
cve
cve
CVE-2012-3400
2012-10-03 11:02:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:22
centos
centos
kernel security update
2013-03-06 16:59:50
kernel, perf, python security update
2012-11-07 12:15:29
amazon
amazon
Medium: kernel
2012-11-20 06:34:00
securityvulns
securityvulns
[USN-1529-1] Linux kernel vulnerabilities
2012-08-13 00:00:00
Linux kernel multiple security vulnerabilities
2012-08-13 00:00:00
suse
suse
Security update for Linux kernel (important)
2012-10-24 09:08:54
kernel: security and bugfix update (important)
2013-03-05 18:04:24
Security update for Linux Kernel (important)
2015-04-30 21:04:52
Related for SL_20130305_KERNEL_ON_SL5_X.NASL