ID de Prueba:	1.3.6.1.4.1.25623.1.0.69785
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2011:0836
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2011:0836. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * An integer underflow flaw, leading to a buffer overflow, was found in the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation. This could allow a remote attacker to cause a denial of service. (CVE-2011-1770, Important) * Missing sanity checks were found in setup_arg_pages() in the Linux kernel. When making the size of the argument and environment area on the stack very large, it could trigger a BUG_ON(), resulting in a local denial of service. (CVE-2010-3858, Moderate) * A missing validation check was found in the bcm_release() and raw_release() functions in the Linux kernel's Controller Area Network (CAN) implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2011-1598, CVE-2011-1748, Moderate) * The fix for Red Hat Bugzilla bug 656461, as provided in RHSA-2011:0542, introduced a regression in the cifs_close() function in the Linux kernel's Common Internet File System (CIFS) implementation. A local, unprivileged user with write access to a CIFS file system could use this flaw to cause a denial of service. (CVE-2011-1771, Moderate) Red Hat would like to thank Dan Rosenberg for reporting CVE-2011-1770 Brad Spengler for reporting CVE-2010-3858 and Oliver Hartkopp for reporting CVE-2011-1748. This update also fixes various bugs. Documentation for these bug fixes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to resolve these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2011-0836.html Risk factor : High CVSS Score: 7.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3858 15619 http://www.exploit-db.com/exploits/15619 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console http://www.securityfocus.com/archive/1/520102/100/0/threaded 42758 http://secunia.com/advisories/42758 42789 http://secunia.com/advisories/42789 44301 http://www.securityfocus.com/bid/44301 46397 http://secunia.com/advisories/46397 ADV-2011-0024 http://www.vupen.com/english/advisories/2011/0024 ADV-2011-0070 http://www.vupen.com/english/advisories/2011/0070 DSA-2126 http://www.debian.org/security/2010/dsa-2126 MDVSA-2010:257 http://www.mandriva.com/security/advisories?name=MDVSA-2010:257 RHSA-2010:0958 http://www.redhat.com/support/errata/RHSA-2010-0958.html RHSA-2011:0004 http://www.redhat.com/support/errata/RHSA-2011-0004.html USN-1041-1 http://www.ubuntu.com/usn/USN-1041-1 [oss-security] 20101021 CVE request: kernel: setup_arg_pages: diagnose excessive argument size http://www.openwall.com/lists/oss-security/2010/10/21/1 [oss-security] 20101022 Re: CVE request: kernel: setup_arg_pages: diagnose excessive argument size http://www.openwall.com/lists/oss-security/2010/10/22/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1b528181b2ffa14721fb28ad1bd539fe1732c583 http://grsecurity.net/~spender/64bit_dos.c http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=645222 Common Vulnerability Exposure (CVE) ID: CVE-2011-1598 47503 http://www.securityfocus.com/bid/47503 [netdev] 20110420 Add missing socket check in can/bcm release. http://permalink.gmane.org/gmane.linux.network/192898 [oss-security] 20110420 CVE request: kernel: missing socket check in can/bcm release http://openwall.com/lists/oss-security/2011/04/20/2 [oss-security] 20110420 Re: CVE request: kernel: missing socket check in can/bcm release http://openwall.com/lists/oss-security/2011/04/20/6 [oss-security] 20110421 Re: CVE request: kernel: missing socket check in can/bcm release http://openwall.com/lists/oss-security/2011/04/20/7 http://openwall.com/lists/oss-security/2011/04/21/1 http://openwall.com/lists/oss-security/2011/04/21/2 http://openwall.com/lists/oss-security/2011/04/21/7 [oss-security] 20110422 Re: CVE request: kernel: missing socket check in can/bcm release http://openwall.com/lists/oss-security/2011/04/22/2 [oss-security] 20110425 Re: CVE request: kernel: missing socket check in can/bcm release http://openwall.com/lists/oss-security/2011/04/25/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c6914a6f261aca0c9f715f883a353ae7ff51fe83 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.39-rc6 https://bugzilla.redhat.com/show_bug.cgi?id=698057 Common Vulnerability Exposure (CVE) ID: CVE-2011-1748 47835 http://www.securityfocus.com/bid/47835 [netdev] 20110420 [PATCH v2] can: add missing socket check in can/raw release http://permalink.gmane.org/gmane.linux.network/192974 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=10022a6c66e199d8f61d9044543f38785713cbbd Common Vulnerability Exposure (CVE) ID: CVE-2011-1770 1025592 http://www.securitytracker.com/id?1025592 44932 http://secunia.com/advisories/44932 47769 http://www.securityfocus.com/bid/47769 8286 http://securityreason.com/securityalert/8286 FEDORA-2011-7551 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html FEDORA-2011-7823 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html [linux-kernel] 20110506 Re: [PATCH] dccp: handle invalid feature options length http://marc.info/?l=linux-kernel&m=130469305815140&w=2 [linux-kernel] 20110506 [PATCH] dccp: handle invalid feature options length http://marc.info/?l=linux-kernel&m=130468845209036&w=2 http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.33/ChangeLog-2.6.33.14 https://bugzilla.redhat.com/show_bug.cgi?id=703011 Common Vulnerability Exposure (CVE) ID: CVE-2011-1771 8367 http://securityreason.com/securityalert/8367 [linux-cifs] 20110405 Re: Repeatable crash in 2.6.38 related to O_DIRECT http://marc.info/?l=linux-cifs&m=130204730006155&w=2 [linux-cifs] 20110405 Repeatable crash in 2.6.38 related to O_DIRECT http://marc.info/?l=linux-cifs&m=130204357001849&w=2 [oss-security] 20110509 CVE-2011-1771 kernel: cifs oops when creating file with O_DIRECT set http://www.openwall.com/lists/oss-security/2011/05/09/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7797069305d13252fd66cf722aa8f2cbeb3c95cd http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 https://bugzilla.redhat.com/show_bug.cgi?id=703016
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.