Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20150210_KERNEL_ON_SL5_X.NASL
HistoryFeb 12, 2015 - 12:00 a.m.

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20150210)

2015-02-1200:00:00
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
JSON
  • A flaw was found in the way the Linux kernel’s splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate)

This update also fixes the following bugs :

  • Previously, hot-unplugging of a virtio-blk device could in some cases lead to a kernel panic, for example during in-flight I/O requests. This update fixes race condition in the hot-unplug code in the virtio_blk.ko module. As a result, hot unplugging of the virtio-blk device no longer causes the guest kernel oops when there are in-flight I/O requests.

  • Before this update, due to a bug in the error-handling path, a corrupted metadata block could be used as a valid block. With this update, the error handling path has been fixed and more checks have been added to verify the metadata block. Now, when a corrupted metadata block is encountered, it is properly marked as corrupted and handled accordingly.

  • Previously, an incorrectly initialized variable resulted in a random value being stored in the variable that holds the number of default ACLs, and is sent in the SET_PATH_INFO data structure. Consequently, the setfacl command could, under certain circumstances, fail with an ‘Invalid argument’ error. With this update, the variable is correctly initialized to zero, thus fixing the bug.

The system must be rebooted for this update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(81308);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2014-7822");

  script_name(english:"Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20150210)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"  - A flaw was found in the way the Linux kernel's splice()
    system call validated its parameters. On certain file
    systems, a local, unprivileged user could use this flaw
    to write past the maximum file size, and thus crash the
    system. (CVE-2014-7822, Moderate)

This update also fixes the following bugs :

  - Previously, hot-unplugging of a virtio-blk device could
    in some cases lead to a kernel panic, for example during
    in-flight I/O requests. This update fixes race condition
    in the hot-unplug code in the virtio_blk.ko module. As a
    result, hot unplugging of the virtio-blk device no
    longer causes the guest kernel oops when there are
    in-flight I/O requests.

  - Before this update, due to a bug in the error-handling
    path, a corrupted metadata block could be used as a
    valid block. With this update, the error handling path
    has been fixed and more checks have been added to verify
    the metadata block. Now, when a corrupted metadata block
    is encountered, it is properly marked as corrupted and
    handled accordingly.

  - Previously, an incorrectly initialized variable resulted
    in a random value being stored in the variable that
    holds the number of default ACLs, and is sent in the
    SET_PATH_INFO data structure. Consequently, the setfacl
    command could, under certain circumstances, fail with an
    'Invalid argument' error. With this update, the variable
    is correctly initialized to zero, thus fixing the bug.

The system must be rebooted for this update to take effect."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1502&L=scientific-linux-errata&T=0&P=901
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?173e2366"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-PAE");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/03/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/02/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/02/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 5.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL5", reference:"kernel-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-debuginfo-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-devel-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-debug-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-debug-debuginfo-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-debug-devel-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-debuginfo-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-debuginfo-common-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-devel-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-doc-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-headers-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-xen-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-xen-debuginfo-2.6.18-402.el5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-xen-devel-2.6.18-402.el5")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc");
}
VendorProductVersionCPE
fermilabscientific_linuxkernelp-cpe:/a:fermilab:scientific_linux:kernel
fermilabscientific_linuxkernel-paep-cpe:/a:fermilab:scientific_linux:kernel-pae
fermilabscientific_linuxkernel-pae-debuginfop-cpe:/a:fermilab:scientific_linux:kernel-pae-debuginfo
fermilabscientific_linuxkernel-pae-develp-cpe:/a:fermilab:scientific_linux:kernel-pae-devel
fermilabscientific_linuxkernel-debugp-cpe:/a:fermilab:scientific_linux:kernel-debug
fermilabscientific_linuxkernel-debug-debuginfop-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo
fermilabscientific_linuxkernel-debug-develp-cpe:/a:fermilab:scientific_linux:kernel-debug-devel
fermilabscientific_linuxkernel-debuginfop-cpe:/a:fermilab:scientific_linux:kernel-debuginfo
fermilabscientific_linuxkernel-debuginfo-commonp-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common
fermilabscientific_linuxkernel-develp-cpe:/a:fermilab:scientific_linux:kernel-devel
Rows per page:
1-10 of 161

Related

f5 2
nessus 28
prion 1
cve 1
oraclelinux 5
debiancve 1
openvas 25
exploitpack 1
centos 3
veracode 4
redhat 4
ubuntucve 1
exploitdb 1
amazon 1
suse 6
ubuntu 4
ibm 1
osv 2
securityvulns 2
debian 2
lenovo 1
f5
f5
SOL17237 - Linux kernel vulnerability CVE-2014-7822
2015-09-08 00:00:00
K17237 : Linux kernel vulnerability CVE-2014-7822
2015-09-08 00:00:00
nessus
nessus
Oracle Linux 5 : ELSA-2015-0164-1: / kernel (ELSA-2015-01641)
2023-09-07 00:00:00
CentOS 5 : kernel (CESA-2015:0164)
2015-02-11 00:00:00
F5 Networks BIG-IP : Linux kernel vulnerability (SOL17237)
2015-09-09 00:00:00
prion
prion
Information disclosure
2015-03-16 10:59:00
cve
cve
CVE-2014-7822
2015-03-16 10:59:00
oraclelinux
oraclelinux
kernel security and bug fix update
2015-02-11 00:00:00
kernel security and bug fix update
2015-02-11 00:00:00
kernel security and bug fix update
2015-03-11 00:00:00
debiancve
debiancve
CVE-2014-7822
2015-03-16 10:59:00
openvas
openvas
RedHat Update for kernel RHSA-2015:0164-01
2015-02-11 00:00:00
CentOS Update for kernel CESA-2015:0164 centos5
2015-02-12 00:00:00
Oracle: Security Advisory (ELSA-2015-0164-1)
2015-10-06 00:00:00
exploitpack
exploitpack
Linux Kernel 3.133.14 (Ubuntu) - splice() System Call Local Denial of Service
2015-04-13 00:00:00
centos
centos
kernel security update
2015-02-11 05:47:40
kernel, perf, python security update
2015-03-12 15:31:30
kernel, perf, python security update
2015-01-29 23:49:27
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:04:29
Denial Of Service (DoS)
2019-05-02 05:12:38
Denial Of Service (DoS)
2019-05-02 05:12:38
redhat
redhat
(RHSA-2015:0164) Moderate: kernel security and bug fix update
2015-02-10 00:00:00
(RHSA-2015:0694) Important: kernel-rt security, bug fix, and enhancement update
2015-03-17 00:00:00
(RHSA-2015:0674) Important: kernel security and bug fix update
2015-03-11 00:00:00
ubuntucve
ubuntucve
CVE-2014-7822
2015-03-16 00:00:00
exploitdb
exploitdb
Linux Kernel 3.13/3.14 (Ubuntu) - &#039;splice()&#039; System Call Local Denial of Service
2015-04-13 00:00:00
amazon
amazon
Medium: kernel
2015-02-11 19:34:00
suse
suse
Security update for the Linux Kernel (important)
2015-03-18 22:04:55
Live patch for the Linux Kernel (important)
2015-09-04 12:11:01
Security update for the Linux Kernel (important)
2015-04-13 14:17:21
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerabilities
2015-03-24 00:00:00
Linux kernel (OMAP4) vulnerabilities
2015-03-24 00:00:00
Linux kernel vulnerabilities
2015-03-24 00:00:00
ibm
ibm
Security Bulletin: Multiple Kernel vulnerabilities affect PowerKVM (Multiple CVEs)
2018-06-18 01:28:02
osv
osv
linux-2.6 - security update
2015-02-18 00:00:00
linux - security update
2015-02-23 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3170-1] linux security update
2015-03-07 00:00:00
Linux kernel multiple security vulnerabilities
2015-03-15 00:00:00
debian
debian
[SECURITY] [DSA 3170-1] linux security update
2015-02-23 17:42:49
[SECURITY] [DLA 155-1] linux-2.6 security update
2015-02-18 23:22:13
lenovo
lenovo
AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US
2020-04-13 19:22:04
JSON
Related for SL_20150210_KERNEL_ON_SL5_X.NASL
f52nessus28prion1cve1oraclelinux5debiancve1openvas25exploitpack1centos3veracode4redhat4ubuntucve1exploitdb1amazon1suse6ubuntu4ibm1osv2securityvulns2debian2lenovo1