Lucene search
CentOS Update for kernel CESA-2012:0480 centos5
ποΈΒ 30 Jul 2012Β 00:00:00Reported byΒ Copyright (C) 2012 Greenbone AGTypeΒ 
Β openvasπΒ plugins.openvas.orgπΒ 28Β Views
CentOS Update for kernel CESA-2012:048
Show more
| Reporter | Title | Published | Views | Family All 38 |
|---|---|---|---|---|
 | Oracle Linux 5 : kernel (ELSA-2012-0480) | 12 Jul 201300:00 | β | nessus |
| CentOS 5 : kernel (CESA-2012:0480) | 19 Apr 201200:00 | β | nessus |
| Oracle Linux 5 : kernel (ELSA-2012-0480-1) | 12 Jul 201300:00 | β | nessus |
| Oracle Linux 5 : ELSA-2012-0480-1: / kernel (ELSA-2012-04801) | 7 Sep 202300:00 | β | nessus |
| RHEL 5 : kernel (RHSA-2012:0480) | 18 Apr 201200:00 | β | nessus |
| Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20120417) | 1 Aug 201200:00 | β | nessus |
| RHEL 5 : kernel (RHSA-2012:0720) | 24 Jan 201300:00 | β | nessus |
| RHEL 5 : rhev-hypervisor5 (RHSA-2012:0488) | 17 Nov 201400:00 | β | nessus |
| VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0013) (remote check) | 29 Feb 201600:00 | β | nessus |
| VMSA-2012-0013 : VMware vSphere and vCOps updates to third-party libraries | 31 Aug 201200:00 | β | nessus |
10
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2012-April/018578.html");
script_oid("1.3.6.1.4.1.25623.1.0.881158");
script_version("2023-07-10T08:07:43+0000");
script_tag(name:"last_modification", value:"2023-07-10 08:07:43 +0000 (Mon, 10 Jul 2023)");
script_tag(name:"creation_date", value:"2012-07-30 16:25:34 +0530 (Mon, 30 Jul 2012)");
script_cve_id("CVE-2012-1583");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_xref(name:"CESA", value:"2012:0480");
script_name("CentOS Update for kernel CESA-2012:0480 centos5");
script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 Greenbone AG");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS5");
script_tag(name:"affected", value:"kernel on CentOS 5");
script_tag(name:"solution", value:"Please install the updated packages.");
script_tag(name:"insight", value:"The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issue:
* A flaw in the xfrm6_tunnel_rcv() function in the Linux kernel's IPv6
implementation could lead to a use-after-free or double free flaw in
tunnel6_rcv(). A remote attacker could use this flaw to send
specially-crafted packets to a target system that is using IPv6 and also
has the xfrm6_tunnel kernel module loaded, causing it to crash.
(CVE-2012-1583, Important)
If you do not run applications that use xfrm6_tunnel, you can prevent the
xfrm6_tunnel module from being loaded by creating (as the root user) a
'/etc/modprobe.d/xfrm6_tunnel.conf' file, and adding the following line to
it:
blacklist xfrm6_tunnel
This way, the xfrm6_tunnel module cannot be loaded accidentally. A reboot
is not necessary for this change to take effect.
This update also fixes various bugs and adds an enhancement. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.
Users should upgrade to these updated packages, which contain backported
patches to correct this issue, and fix the bugs and add the enhancement
noted in the Technical Notes. The system must be rebooted for this update
to take effect.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "CentOS5")
{
if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.18~308.4.1.el5", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.18~308.4.1.el5", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.18~308.4.1.el5", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.18~308.4.1.el5", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.18~308.4.1.el5", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.18~308.4.1.el5", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.18~308.4.1.el5", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.18~308.4.1.el5", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.18~308.4.1.el5", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.18~308.4.1.el5", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo30 Jul 2012 00:00Current
9.3High risk
Vulners AI Score9.3
CVSS25
EPSS0.06299