Lucene search
RedHat Update for kernel RHSA-2013:0223-01
🗓️ 08 Feb 2013 00:00:00Reported by Copyright (C) 2013 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 30 Views
The kernel packages contain the Linux kernel, the core of any Linux operating system. Update fixes deadlock, KVM subsystem flaw, and memory disclosure. Users should upgrade to the updated packages and reboot the system
Show more
| Reporter | Title | Published | Views | Family All 199 |
|---|---|---|---|---|
| CentOS Update for kernel CESA-2013:0223 centos6 | 8 Feb 201300:00 | – | openvas |
| RedHat Update for kernel RHSA-2013:0223-01 | 8 Feb 201300:00 | – | openvas |
| CentOS Update for kernel CESA-2013:0223 centos6 | 8 Feb 201300:00 | – | openvas |
| Oracle: Security Advisory (ELSA-2013-0223) | 6 Oct 201500:00 | – | openvas |
| Amazon Linux: Security Advisory (ALAS-2013-166) | 8 Sep 201500:00 | – | openvas |
| Ubuntu Update for linux USN-1689-1 | 15 Jan 201300:00 | – | openvas |
| Ubuntu: Security Advisory (USN-1689-1) | 15 Jan 201300:00 | – | openvas |
| Ubuntu: Security Advisory (USN-1688-1) | 15 Jan 201300:00 | – | openvas |
| Ubuntu Update for linux-lts-backport-oneiric USN-1688-1 | 15 Jan 201300:00 | – | openvas |
| Ubuntu Update for linux USN-1699-2 | 4 Feb 201300:00 | – | openvas |
10
# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_tag(name:"affected", value:"kernel on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)");
script_tag(name:"solution", value:"Please Install the Updated Packages.");
script_tag(name:"insight", value:"The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* It was found that a deadlock could occur in the Out of Memory (OOM)
killer. A process could trigger this deadlock by consuming a large amount
of memory, and then causing request_module() to be called. A local,
unprivileged user could use this flaw to cause a denial of service
(excessive memory consumption). (CVE-2012-4398, Moderate)
* A flaw was found in the way the KVM (Kernel-based Virtual Machine)
subsystem handled guests attempting to run with the X86_CR4_OSXSAVE CPU
feature flag set. On hosts without the XSAVE CPU feature, a local,
unprivileged user could use this flaw to crash the host system. (The
'grep --color xsave /proc/cpuinfo' command can be used to verify if your
system has the XSAVE CPU feature.) (CVE-2012-4461, Moderate)
* A memory disclosure flaw was found in the way the load_script() function
in the binfmt_script binary format handler handled excessive recursions. A
local, unprivileged user could use this flaw to leak kernel stack memory to
user-space by executing specially-crafted scripts. (CVE-2012-4530, Low)
Red Hat would like to thank Tetsuo Handa for reporting CVE-2012-4398, and
Jon Howell for reporting CVE-2012-4461.
This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.
Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.");
script_xref(name:"URL", value:"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00010.html");
script_oid("1.3.6.1.4.1.25623.1.0.870903");
script_version("2024-03-21T05:06:54+0000");
script_tag(name:"last_modification", value:"2024-03-21 05:06:54 +0000 (Thu, 21 Mar 2024)");
script_tag(name:"creation_date", value:"2013-02-08 10:15:50 +0530 (Fri, 08 Feb 2013)");
script_cve_id("CVE-2012-4398", "CVE-2012-4461", "CVE-2012-4530");
script_tag(name:"cvss_base", value:"4.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name:"RHSA", value:"2013:0223-01");
script_name("RedHat Update for kernel RHSA-2013:0223-01");
script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2013 Greenbone AG");
script_family("Red Hat Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms", re:"ssh/login/release=RHENT_6");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release) exit(0);
res = "";
if(release == "RHENT_6")
{
if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debuginfo-common-i686", rpm:"kernel-debuginfo-common-i686~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"perf", rpm:"perf~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"perf-debuginfo", rpm:"perf-debuginfo~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"python-perf-debuginfo", rpm:"python-perf-debuginfo~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debuginfo-common-x86_64", rpm:"kernel-debuginfo-common-x86_64~2.6.32~279.22.1.el6", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo08 Feb 2013 00:00Current
6.9Medium risk
Vulners AI Score6.9
CVSS24.9
EPSS0.00362