RedHat Update for kernel RHSA-2010:0147-01

2010-03-22T00:00:00
ID OPENVAS:870233
Type openvas
Reporter Copyright (c) 2010 Greenbone Networks GmbH
Modified 2017-12-22T00:00:00

Description

Check for the Version of kernel

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for kernel RHSA-2010:0147-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "The kernel packages contain the Linux kernel, the core of any Linux
  operating system.

  Security fixes:
  
  * a NULL pointer dereference flaw was found in the sctp_rcv_ootb() function
  in the Linux kernel Stream Control Transmission Protocol (SCTP)
  implementation. A remote attacker could send a specially-crafted SCTP
  packet to a target system, resulting in a denial of service.
  (CVE-2010-0008, Important)
  
  * a missing boundary check was found in the do_move_pages() function in
  the memory migration functionality in the Linux kernel. A local user could
  use this flaw to cause a local denial of service or an information leak.
  (CVE-2010-0415, Important)
  
  * a NULL pointer dereference flaw was found in the ip6_dst_lookup_tail()
  function in the Linux kernel. An attacker on the local network could
  trigger this flaw by sending IPv6 traffic to a target system, leading to a
  system crash (kernel OOPS) if dst->neighbour is NULL on the target system
  when receiving an IPv6 packet. (CVE-2010-0437, Important)
  
  * a NULL pointer dereference flaw was found in the ext4 file system code in
  the Linux kernel. A local attacker could use this flaw to trigger a local
  denial of service by mounting a specially-crafted, journal-less ext4 file
  system, if that file system forced an EROFS error. (CVE-2009-4308,
  Moderate)
  
  * an information leak was found in the print_fatal_signal() implementation
  in the Linux kernel. When "/proc/sys/kernel/print-fatal-signals" is set to
  1 (the default value is 0), memory that is reachable by the kernel could be
  leaked to user-space. This issue could also result in a system crash. Note
  that this flaw only affected the i386 architecture. (CVE-2010-0003,
  Moderate)
  
  * missing capability checks were found in the ebtables implementation, used
  for creating an Ethernet bridge firewall. This could allow a local,
  unprivileged user to bypass intended capability restrictions and modify
  ebtables rules. (CVE-2010-0007, Low)
  
  Bug fixes:
  
  * a bug prevented Wake on LAN (WoL) being enabled on certain Intel
  hardware. (BZ#543449)
  
  * a race issue in the Journaling Block Device. (BZ#553132)
  
  * programs compiled on x86, and that also call sched_rr_get_interval(),
  were silently corrupted when run on 64-bit systems. (BZ#557684)
  
  * the RHSA-2010:0019 update introduced a regression, preventing WoL from
  working for network devices using the e1000e driver. (BZ#559335)
  
  * adding a bonding interface in mode balance-alb to a bridge was not
  functional. (BZ#560588)
  
  * some KVM (Kernel ... 

  Description truncated, for more information please check the Reference URL";

tag_affected = "kernel on Red Hat Enterprise Linux (v. 5 server)";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2010-March/msg00011.html");
  script_id(870233);
  script_version("$Revision: 8226 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $");
  script_tag(name:"creation_date", value:"2010-03-22 11:34:53 +0100 (Mon, 22 Mar 2010)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_xref(name: "RHSA", value: "2010:0147-01");
  script_cve_id("CVE-2009-4308", "CVE-2010-0003", "CVE-2010-0007", "CVE-2010-0008", "CVE-2010-0415", "CVE-2010-0437");
  script_name("RedHat Update for kernel RHSA-2010:0147-01");

  script_tag(name: "summary" , value: "Check for the Version of kernel");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "RHENT_5")
{

  if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.18~164.15.1.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}