RedHat Update for kernel RHSA-2013:0911-01

RedHat Update for kernel RHSA-2013:0911-01 includes fixes for security issues like KVM flaw, Memory region vulnerability, and Veth driver flaw. Upgraded packages must be installed

Reporter	Title	Published	Views	Family All 73
ALT Linux	Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt7	13 Jun 201300:00	–	altlinux
Tenable Nessus	CentOS 6 : kernel (CESA-2013:0911)	14 Jun 201300:00	–	nessus
Tenable Nessus	MiracleLinux 4 : kernel-2.6.32-358.11.1.el6 (AXSA:2013-540:05)	16 Jan 202600:00	–	nessus
Tenable Nessus	MiracleLinux 4 : kernel-2.6.32-358.11.1.el6 (AXSA:2013-571:06)	16 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 6 : kernel (ELSA-2013-0911)	12 Jul 201300:00	–	nessus
Tenable Nessus	Oracle Linux 5 / 6 : Unbreakable Enterprise kernel Security (ELSA-2013-2534)	12 Jul 201300:00	–	nessus
Tenable Nessus	RHEL 6 : rhev-hypervisor6 (RHSA-2013:0907)	8 Nov 201400:00	–	nessus
Tenable Nessus	RHEL 6 : kernel (RHSA-2013:0911)	11 Jun 201300:00	–	nessus
Tenable Nessus	RHEL 5 : kvm (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus
Tenable Nessus	RHEL 6 : kvm (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus

Source	Link
redhat	www.redhat.com/archives/rhsa-announce/2013-June/msg00008.html

###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for kernel RHSA-2013:0911-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "The kernel packages contain the Linux kernel, the core of any Linux
  operating system.

  This update fixes the following security issues:

  * A flaw was found in the way KVM (Kernel-based Virtual Machine)
  initialized a guest's registered pv_eoi (paravirtualized end-of-interrupt)
  indication flag when entering the guest. An unprivileged guest user could
  potentially use this flaw to crash the host. (CVE-2013-1935, Important)

  * A missing sanity check was found in the kvm_set_memory_region() function
  in KVM, allowing a user-space process to register memory regions pointing
  to the kernel address space. A local, unprivileged user could use this flaw
  to escalate their privileges. (CVE-2013-1943, Important)

  * A double free flaw was found in the Linux kernel's Virtual Ethernet
  Tunnel driver (veth). A remote attacker could possibly use this flaw to
  crash a target system. (CVE-2013-2017, Moderate)

  Red Hat would like to thank IBM for reporting the CVE-2013-1935 issue and
  Atzm WATANABE of Stratosphere Inc. for reporting the CVE-2013-2017 issue.
  The CVE-2013-1943 issue was discovered by Michael S. Tsirkin of Red Hat.

  This update also fixes several bugs and adds one enhancement. Documentation
  for these changes will be available shortly from the Technical Notes
  document linked to in the References section.

  Users should upgrade to these updated packages, which contain backported
  patches to correct these issues and add this enhancement. The system must
  be rebooted for this update to take effect.";


tag_affected = "kernel on Red Hat Enterprise Linux Desktop (v. 6),
  Red Hat Enterprise Linux Server (v. 6),
  Red Hat Enterprise Linux Workstation (v. 6)";
tag_solution = "Please Install the Updated Packages.";

if(description)
{
  script_id(871007);
  script_version("$Revision: 8542 $");
  script_tag(name:"last_modification", value:"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $");
  script_tag(name:"creation_date", value:"2013-06-13 10:05:27 +0530 (Thu, 13 Jun 2013)");
  script_cve_id("CVE-2013-1935", "CVE-2013-1943", "CVE-2013-2017");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_name("RedHat Update for kernel RHSA-2013:0911-01");

  script_xref(name: "RHSA", value: "2013:0911-01");
  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2013-June/msg00008.html");
  script_tag(name: "summary" , value: "Check for the Version of kernel");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2013 Greenbone Networks GmbH");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");

res = "";
if(release == NULL){
  exit(0);
}

if(release == "RHENT_6")
{

  if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debuginfo-common-i686", rpm:"kernel-debuginfo-common-i686~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"perf", rpm:"perf~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"perf-debuginfo", rpm:"perf-debuginfo~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"python-perf-debuginfo", rpm:"python-perf-debuginfo~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debuginfo-common-x86_64", rpm:"kernel-debuginfo-common-x86_64~2.6.32~358.11.1.el6", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

26 Jan 2018 00:00Current

0.5Low risk

Vulners AI Score0.5

EPSS0.00871