Lucene search

K

RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01

🗓️ 18 Feb 2011 00:00:00Reported by Copyright (c) 2011 Greenbone Networks GmbHType 
openvas
 openvas
🔗 plugins.openvas.org👁 33 Views

RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01 - OpenVAS Vulnerability Test. This update includes security fixes for buffer overflow, missing boundary check, and initialization flaw, along with bug fixes and enhancements

Show more
Related
Refs
Code
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "The kernel packages contain the Linux kernel, the core of any Linux
  operating system.

  This update fixes the following security issues:
  
  * A buffer overflow flaw was found in the load_mixer_volumes() function in
  the Linux kernel's Open Sound System (OSS) sound driver. On 64-bit PowerPC
  systems, a local, unprivileged user could use this flaw to cause a denial
  of service or escalate their privileges. (CVE-2010-4527, Important)
  
  * A missing boundary check was found in the dvb_ca_ioctl() function in the
  Linux kernel's av7110 module. On systems that use old DVB cards that
  require the av7110 module, a local, unprivileged user could use this flaw
  to cause a denial of service or escalate their privileges. (CVE-2011-0521,
  Important)
  
  * A missing initialization flaw was found in the ethtool_get_regs()
  function in the Linux kernel's ethtool IOCTL handler. A local user who has
  the CAP_NET_ADMIN capability could use this flaw to cause an information
  leak. (CVE-2010-4655, Low)
  
  Red Hat would like to thank Dan Rosenberg for reporting CVE-2010-4527, and
  Kees Cook for reporting CVE-2010-4655.
  
  These updated kernel packages also fix hundreds of bugs and add numerous
  enhancements. For details on individual bug fixes and enhancements included
  in this update, refer to the Red Hat Enterprise Linux 4.9 Release Notes,
  linked to in the References section.
  
  Users should upgrade to these updated packages, which contain backported
  patches to correct these issues and add these enhancements. The system must
  be rebooted for this update to take effect.";

tag_affected = "Red Hat Enterprise Linux 4.9 kernel on Red Hat Enterprise Linux AS version 4,
  Red Hat Enterprise Linux ES version 4,
  Red Hat Enterprise Linux WS version 4";
tag_solution = "Please Install the Updated Packages.";


if(description)
{
  script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2011-February/msg00021.html");
  script_id(870396);
  script_version("$Revision: 6685 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $");
  script_tag(name:"creation_date", value:"2011-02-18 15:15:05 +0100 (Fri, 18 Feb 2011)");
  script_tag(name:"cvss_base", value:"6.9");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_xref(name: "RHSA", value: "2011:0263-01");
  script_cve_id("CVE-2010-4527", "CVE-2010-4655", "CVE-2011-0521");
  script_name("RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01");

  script_summary("Check for the Version of Red Hat Enterprise Linux 4.9 kernel");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "RHENT_4")
{

  if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-hugemem", rpm:"kernel-hugemem~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-hugemem-devel", rpm:"kernel-hugemem-devel~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-xenU", rpm:"kernel-xenU~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-xenU-devel", rpm:"kernel-xenU-devel~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-largesmp", rpm:"kernel-largesmp~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-largesmp-devel", rpm:"kernel-largesmp-devel~2.6.9~100.EL", rls:"RHENT_4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo