Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20130827_KERNEL_ON_SL6_X.NASL
HistoryAug 29, 2013 - 12:00 a.m.

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20130827)

2013-08-2900:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25
JSON

This update fixes the following security issues :

  • A flaw was found in the way the Linux kernel’s Stream Control Transmission Protocol (SCTP) implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash. (CVE-2013-2206, Important)

  • It was found that the fix for CVE-2012-3552 released via SLSA-2012:1304 introduced an invalid free flaw in the Linux kernel’s TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to corrupt kernel memory via crafted sendmsg() calls, allowing them to cause a denial of service or, potentially, escalate their privileges on the system. (CVE-2013-2224, Important)

  • A flaw was found in the Linux kernel’s Performance Events implementation. On systems with certain Intel processors, a local, unprivileged user could use this flaw to cause a denial of service by leveraging the perf subsystem to write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1 model-specific registers. (CVE-2013-2146, Moderate)

  • An invalid pointer dereference flaw was found in the Linux kernel’s TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system by using sendmsg() with an IPv6 socket connected to an IPv4 destination. (CVE-2013-2232, Moderate)

  • Information leak flaws in the Linux kernel’s Bluetooth implementation could allow a local, unprivileged user to leak kernel memory to user- space. (CVE-2012-6544, Low)

  • An information leak flaw in the Linux kernel could allow a privileged, local user to leak kernel memory to user-space. (CVE-2013-2237, Low)

The system must be rebooted for this update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(69503);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2012-3552", "CVE-2012-6544", "CVE-2013-2146", "CVE-2013-2206", "CVE-2013-2224", "CVE-2013-2232", "CVE-2013-2237");

  script_name(english:"Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20130827)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"This update fixes the following security issues :

  - A flaw was found in the way the Linux kernel's Stream
    Control Transmission Protocol (SCTP) implementation
    handled duplicate cookies. If a local user queried SCTP
    connection information at the same time a remote
    attacker has initialized a crafted SCTP connection to
    the system, it could trigger a NULL pointer dereference,
    causing the system to crash. (CVE-2013-2206, Important)

  - It was found that the fix for CVE-2012-3552 released via
    SLSA-2012:1304 introduced an invalid free flaw in the
    Linux kernel's TCP/IP protocol suite implementation. A
    local, unprivileged user could use this flaw to corrupt
    kernel memory via crafted sendmsg() calls, allowing them
    to cause a denial of service or, potentially, escalate
    their privileges on the system. (CVE-2013-2224,
    Important)

  - A flaw was found in the Linux kernel's Performance
    Events implementation. On systems with certain Intel
    processors, a local, unprivileged user could use this
    flaw to cause a denial of service by leveraging the perf
    subsystem to write into the reserved bits of the
    OFFCORE_RSP_0 and OFFCORE_RSP_1 model-specific
    registers. (CVE-2013-2146, Moderate)

  - An invalid pointer dereference flaw was found in the
    Linux kernel's TCP/IP protocol suite implementation. A
    local, unprivileged user could use this flaw to crash
    the system or, potentially, escalate their privileges on
    the system by using sendmsg() with an IPv6 socket
    connected to an IPv4 destination. (CVE-2013-2232,
    Moderate)

  - Information leak flaws in the Linux kernel's Bluetooth
    implementation could allow a local, unprivileged user to
    leak kernel memory to user- space. (CVE-2012-6544, Low)

  - An information leak flaw in the Linux kernel could allow
    a privileged, local user to leak kernel memory to
    user-space. (CVE-2013-2237, Low)

The system must be rebooted for this update to take effect."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1308&L=scientific-linux-errata&T=0&P=1468
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?cf91b714"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-firmware");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:python-perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/08/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/29");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL6", reference:"kernel-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"kernel-debug-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"kernel-debug-debuginfo-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"kernel-debug-devel-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"kernel-debuginfo-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", cpu:"i386", reference:"kernel-debuginfo-common-i686-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", cpu:"x86_64", reference:"kernel-debuginfo-common-x86_64-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"kernel-devel-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"kernel-doc-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"kernel-firmware-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"kernel-headers-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"perf-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"perf-debuginfo-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"python-perf-2.6.32-358.18.1.el6")) flag++;
if (rpm_check(release:"SL6", reference:"python-perf-debuginfo-2.6.32-358.18.1.el6")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc");
}
VendorProductVersionCPE
fermilabscientific_linuxkernelp-cpe:/a:fermilab:scientific_linux:kernel
fermilabscientific_linuxkernel-debugp-cpe:/a:fermilab:scientific_linux:kernel-debug
fermilabscientific_linuxkernel-debug-debuginfop-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo
fermilabscientific_linuxkernel-debug-develp-cpe:/a:fermilab:scientific_linux:kernel-debug-devel
fermilabscientific_linuxkernel-debuginfop-cpe:/a:fermilab:scientific_linux:kernel-debuginfo
fermilabscientific_linuxkernel-debuginfo-common-i686p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686
fermilabscientific_linuxkernel-debuginfo-common-x86_64p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64
fermilabscientific_linuxkernel-develp-cpe:/a:fermilab:scientific_linux:kernel-devel
fermilabscientific_linuxkernel-docp-cpe:/a:fermilab:scientific_linux:kernel-doc
fermilabscientific_linuxkernel-firmwarep-cpe:/a:fermilab:scientific_linux:kernel-firmware
Rows per page:
1-10 of 161

Related

openvas 60
nessus 44
centos 4
redhat 8
oraclelinux 9
altlinux 2
cve 7
prion 7
debiancve 7
ubuntucve 7
vmware 1
veracode 11
ubuntu 9
suse 6
checkpoint_advisories 1
mageia 7
debian 2
osv 2
fedora 2
securityvulns 2
amazon 1
openvas
openvas
RedHat Update for kernel RHSA-2013:1173-01
2013-09-02 00:00:00
CentOS Update for kernel CESA-2013:1173 centos6
2013-09-02 00:00:00
RedHat Update for kernel RHSA-2013:1173-01
2013-09-02 00:00:00
nessus
nessus
CentOS 6 : kernel (CESA-2013:1173)
2013-08-29 00:00:00
Oracle Linux 6 : kernel (ELSA-2013-1173)
2013-08-28 00:00:00
RHEL 6 : kernel (RHSA-2013:1173)
2013-08-28 00:00:00
centos
centos
kernel, perf, python security update
2013-08-28 19:03:34
kernel security update
2013-08-21 14:07:08
kernel, perf, python security update
2012-09-26 01:59:30
redhat
redhat
(RHSA-2013:1173) Important: kernel security and bug fix update
2013-08-27 00:00:00
(RHSA-2013:1195) Important: kernel security and bug fix update
2013-09-03 00:00:00
(RHSA-2013:1166) Important: kernel security and bug fix update
2013-08-20 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2013-08-27 00:00:00
unbreakable enterprise kernel security update
2013-08-28 00:00:00
unbreakable enterprise kernel security update
2013-08-28 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt11
2013-08-30 00:00:00
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt8
2013-07-02 00:00:00
cve
cve
CVE-2013-2224
2013-07-04 21:55:00
CVE-2012-6544
2013-03-15 20:55:00
CVE-2013-2146
2013-06-07 14:03:00
prion
prion
Design/Logic Flaw
2013-07-04 21:55:00
Information disclosure
2013-03-15 20:55:00
Design/Logic Flaw
2013-06-07 14:03:00
debiancve
debiancve
CVE-2013-2224
2013-07-04 21:55:00
CVE-2012-6544
2013-03-15 20:55:00
CVE-2013-2146
2013-06-07 14:03:00
ubuntucve
ubuntucve
CVE-2013-2224
2013-07-04 00:00:00
CVE-2012-6544
2013-03-07 00:00:00
CVE-2013-2146
2013-06-05 00:00:00
vmware
vmware
VMware ESX updates to third party libraries
2013-12-05 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:52:18
Information Disclosure
2019-05-02 04:52:18
Denial Of Service (DoS)
2019-05-02 04:52:19
ubuntu
ubuntu
Linux kernel vulnerabilities
2013-07-29 00:00:00
Linux kernel (EC2) vulnerabilities
2013-07-29 00:00:00
Linux kernel vulnerability
2013-10-22 00:00:00
suse
suse
Security update for Real Time Linux Kernel (important)
2013-11-22 05:04:54
Security update for Real Time Linux Kernel (important)
2013-11-22 08:04:29
Security update for Linux Kernel (important)
2013-11-22 08:04:16
checkpoint_advisories
checkpoint_advisories
Linux Kernel SCTP Duplicate Cookie Handling Denial of Service (CVE-2013-2206)
2013-11-18 00:00:00
mageia
mageia
Updated kernel packages fix multiple security vulnerabilities
2013-07-09 21:56:42
Updated kernel packages fix multiple security vulnerabilities
2013-07-06 18:25:03
Updated kernel-vserver package fixes security issues
2013-07-16 11:34:52
debian
debian
[SECURITY] [DSA 2766-1] linux-2.6 security update
2013-09-27 23:24:02
[SECURITY] [DSA 2745-1] linux security update
2013-08-29 05:07:31
osv
osv
linux-2.6 - several
2013-09-27 00:00:00
linux - several
2013-08-28 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: kernel-3.9.9-302.fc19
2013-07-14 03:30:56
[SECURITY] Fedora 19 Update: kernel-3.10.3-300.fc19
2013-07-26 22:59:37
securityvulns
securityvulns
[USN-1939-1] Linux kernel vulnerabilities
2013-09-09 00:00:00
[ MDVSA-2013:194 ] kernel
2013-07-15 00:00:00
amazon
amazon
Medium: kernel
2012-10-08 10:43:00
JSON
Related for SL_20130827_KERNEL_ON_SL6_X.NASL
openvas60nessus44centos4redhat8oraclelinux9altlinux2cve7prion7debiancve7ubuntucve7vmware1veracode11ubuntu9suse6checkpoint_advisories1mageia7debian2osv2fedora2securityvulns2amazon1