Lucene search

K

RedHat Update for Red Hat Enterprise Linux 5.5 kernel RHSA-2010:0178-02

πŸ—“οΈΒ 06 Apr 2010Β 00:00:00Reported byΒ Copyright (c) 2010 Greenbone Networks GmbHTypeΒ 
openvas
Β openvas
πŸ”—Β plugins.openvas.orgπŸ‘Β 36Β Views

Red Hat Enterprise Linux 5.5 kernel update for race condition, gfs2_lock, and divide-by-zero flaw

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
OpenVAS
RedHat Update for Red Hat Enterprise Linux 5.5 kernel RHSA-2010:0178-02
6 Apr 201000:00
–openvas
OpenVAS
Oracle: Security Advisory (ELSA-2010-0178)
6 Oct 201500:00
–openvas
OpenVAS
Oracle: Security Advisory (ELSA-2010-0291)
6 Oct 201500:00
–openvas
OpenVAS
SuSE Update for kernel SUSE-SA:2010:001
15 Jan 201000:00
–openvas
OpenVAS
SuSE Update for kernel SUSE-SA:2010:001
15 Jan 201000:00
–openvas
OpenVAS
CentOS Update for kernel CESA-2012:1445 centos5
15 Nov 201200:00
–openvas
OpenVAS
RedHat Update for kernel RHSA-2012:1445-01
15 Nov 201200:00
–openvas
OpenVAS
CentOS Update for kernel CESA-2012:1445 centos5
15 Nov 201200:00
–openvas
OpenVAS
RedHat Update for kernel RHSA-2012:1445-01
15 Nov 201200:00
–openvas
OpenVAS
Mandriva Update for drakxtools MDVA-2010:066 (drakxtools)
19 Feb 201000:00
–openvas
Rows per page
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for Red Hat Enterprise Linux 5.5 kernel RHSA-2010:0178-02
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "The kernel packages contain the Linux kernel, the core of any Linux
  operating system.

  This update fixes the following security issues:
  
  * a race condition was found in the mac80211 implementation, a framework
  used for writing drivers for wireless devices. An attacker could trigger
  this flaw by sending a Delete Block ACK (DELBA) packet to a target system,
  resulting in a remote denial of service. Note: This issue only affected
  users on 802.11n networks, and that also use the iwlagn driver with Intel
  wireless hardware. (CVE-2009-4027, Important)
  
  * a flaw was found in the gfs2_lock() implementation. The GFS2 locking code
  could skip the lock operation for files that have the S_ISGID bit
  (set-group-ID on execution) in their mode set. A local, unprivileged user
  on a system that has a GFS2 file system mounted could use this flaw to
  cause a kernel panic. (CVE-2010-0727, Moderate)
  
  * a divide-by-zero flaw was found in the ext4 file system code. A local
  attacker could use this flaw to cause a denial of service by mounting a
  specially-crafted ext4 file system. (CVE-2009-4307, Low)
  
  These updated packages also include several hundred bug fixes for and
  enhancements to the Linux kernel. Space precludes documenting each of these
  changes in this advisory and users are directed to the Red Hat Enterprise
  Linux 5.5 Release Notes for information on the most significant of these
  changes:
  
  http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.5/html/Release_Notes/ 
  
  Also, for details concerning every bug fixed in and every enhancement added
  to the kernel for this release, refer to the kernel chapter in the Red Hat
  Enterprise Linux 5.5 Technical Notes:
  
  http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.5/html/Technical_Notes/kernel.html
  
  All Red Hat Enterprise Linux 5 users are advised to install these updated
  packages, which address these vulnerabilities as well as fixing the bugs
  and adding the enhancements noted in the Red Hat Enterprise Linux 5.5
  Release Notes and Technical Notes. The system must be rebooted for this
  update to take effect.";

tag_affected = "Red Hat Enterprise Linux 5.5 kernel on Red Hat Enterprise Linux (v. 5 server)";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2010-March/msg00029.html");
  script_id(870251);
  script_version("$Revision: 8130 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $");
  script_tag(name:"creation_date", value:"2010-04-06 08:56:44 +0200 (Tue, 06 Apr 2010)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_xref(name: "RHSA", value: "2010:0178-02");
  script_cve_id("CVE-2009-4027", "CVE-2009-4307", "CVE-2010-0727", "CVE-2009-4026");
  script_name("RedHat Update for Red Hat Enterprise Linux 5.5 kernel RHSA-2010:0178-02");

  script_tag(name: "summary" , value: "Check for the Version of Red Hat Enterprise Linux 5.5 kernel");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "RHENT_5")
{

  if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.18~194.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
06 Apr 2010 00:00Current
0.1Low risk
Vulners AI Score0.1
EPSS0.053
36
.json
Report