RedHat Update for kernel RHSA-2010:0606-01

RedHat Update fixes kernel security issues and a bug, and requires a system reboot

Reporter	Title	Published	Views	Family All 111
BDU FSTEC	Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
Tenable Nessus	CentOS 4 : kernel (CESA-2010:0606)	29 Aug 201000:00	–	nessus
Tenable Nessus	CentOS 5 : kernel (CESA-2010:0610)	12 Aug 201000:00	–	nessus
Tenable Nessus	Debian DSA-2094-1 : linux-2.6 - privilege escalation/denial of service/information leak	23 Aug 201000:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : kernel (MDVSA-2010:188)	24 Sep 201000:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : kernel (MDVSA-2010:198)	8 Oct 201000:00	–	nessus
Tenable Nessus	MiracleLinux 3 : kernel-2.6.18-194.4.AXS3 (AXSA:2010-426:13)	14 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 4 : kernel (ELSA-2010-0606)	12 Jul 201300:00	–	nessus
Tenable Nessus	Oracle Linux 5 : kernel (ELSA-2010-0610)	12 Jul 201300:00	–	nessus

Source	Link
redhat	www.redhat.com/archives/rhsa-announce/2010-August/msg00010.html

###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for kernel RHSA-2010:0606-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "The kernel packages contain the Linux kernel, the core of any Linux
  operating system.

  This update fixes the following security issues:
  
  * a flaw was found in the CIFSSMBWrite() function in the Linux kernel
  Common Internet File System (CIFS) implementation. A remote attacker could
  send a specially-crafted SMB response packet to a target CIFS client,
  resulting in a kernel panic (denial of service). (CVE-2010-2248, Important)
  
  * buffer overflow flaws were found in the Linux kernel's implementation of
  the server-side External Data Representation (XDR) for the Network File
  System (NFS) version 4. An attacker on the local network could send a
  specially-crafted large compound request to the NFSv4 server, which could
  possibly result in a kernel panic (denial of service) or, potentially, code
  execution. (CVE-2010-2521, Important)
  
  This update also fixes the following bug:
  
  * the rpc_call_async() function in the SUN Remote Procedure Call (RPC)
  subsystem in the Linux kernel had a reference counting bug. In certain
  situations, some Network Lock Manager (NLM) messages may have triggered
  this bug on NFSv2 and NFSv3 servers, leading to a kernel panic (with
  &quot;kernel BUG at fs/lockd/host.c:[xxx]!&quot; logged to &quot;/var/log/messages&quot;).
  (BZ#612962)
  
  Users should upgrade to these updated packages, which contain backported
  patches to correct these issues. The system must be rebooted for this
  update to take effect.";

tag_affected = "kernel on Red Hat Enterprise Linux AS version 4,
  Red Hat Enterprise Linux ES version 4,
  Red Hat Enterprise Linux WS version 4";
tag_solution = "Please Install the Updated Packages.";


if(description)
{
  script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2010-August/msg00010.html");
  script_id(870303);
  script_version("$Revision: 8153 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $");
  script_tag(name:"creation_date", value:"2010-08-06 10:34:50 +0200 (Fri, 06 Aug 2010)");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_xref(name: "RHSA", value: "2010:0606-01");
  script_cve_id("CVE-2010-2248", "CVE-2010-2521");
  script_name("RedHat Update for kernel RHSA-2010:0606-01");

  script_tag(name: "summary" , value: "Check for the Version of kernel");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "RHENT_4")
{

  if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-hugemem", rpm:"kernel-hugemem~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-hugemem-devel", rpm:"kernel-hugemem-devel~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-xenU", rpm:"kernel-xenU~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-xenU-devel", rpm:"kernel-xenU-devel~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-largesmp", rpm:"kernel-largesmp~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-largesmp-devel", rpm:"kernel-largesmp-devel~2.6.9~89.0.28.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

18 Dec 2017 00:00Current

0.7Low risk

Vulners AI Score0.7

EPSS0.02446