Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59600
Category:Fedora Local Security Checks
Title:Fedora Core 6 FEDORA-2007-679 (kernel)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to kernel
announced via advisory FEDORA-2007-679.

The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

Update Information:

Update to linux 2.6.22.3 and 2.6.22.4:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.3
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.4

CVE-2007-3848:
Linux kernel 2.4.35 and other versions allows local users to
send arbitrary signals to a child process that is running at
higher privileges by causing a setuid-root parent process to
die, which delivers an attacker-controlled parent process
death signal (PR_SET_PDEATHSIG).

Update to 2.6.22.5-rc1. Highlights:
ACPI fixes.
Fix wrong temperature reports with some sensor chips.
Four sky2 ethernet driver fixes.
Fix detection of an AMD chip bug.
Revert serial driver patch that broke port detection.

Plus:
Additional sky2 fix for some motherboards.

* Tue Aug 21 2007 Chuck Ebbert
- 2.6.22.5-rc1
- fix e820 memory hole sizing on x86_64
- export GFS2 symbols for lock modules
- sky2: don't clear PHY power bits
* Tue Aug 21 2007 Chuck Ebbert
- Linux 2.6.22.4

Solution: Apply the appropriate updates.

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.


http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-679

Risk factor : Low

CVSS Score:
1.9

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-3848
BugTraq ID: 25387
http://www.securityfocus.com/bid/25387
Bugtraq: 20070814 COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/476464/100/0/threaded
Bugtraq: 20070814 COSEINC Linux Advisory #1: Linux Kernel Parent Process DeathSignal Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=118711306802632&w=2
Bugtraq: 20070816 Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/476538/100/0/threaded
http://www.securityfocus.com/archive/1/476677/100/0/threaded
http://www.securityfocus.com/archive/1/476803/100/0/threaded
Debian Security Information: DSA-1356 (Google Search)
http://www.debian.org/security/2007/dsa-1356
Debian Security Information: DSA-1503 (Google Search)
http://www.debian.org/security/2008/dsa-1503
Debian Security Information: DSA-1504 (Google Search)
http://www.debian.org/security/2008/dsa-1504
http://www.mandriva.com/security/advisories?name=MDKSA-2007:195
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-3848
http://marc.info/?l=openwall-announce&m=118710356812637&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10120
http://www.redhat.com/support/errata/RHSA-2007-0939.html
http://www.redhat.com/support/errata/RHSA-2007-0940.html
http://www.redhat.com/support/errata/RHSA-2007-1049.html
http://www.redhat.com/support/errata/RHSA-2008-0787.html
http://secunia.com/advisories/26450
http://secunia.com/advisories/26500
http://secunia.com/advisories/26643
http://secunia.com/advisories/26651
http://secunia.com/advisories/26664
http://secunia.com/advisories/27212
http://secunia.com/advisories/27227
http://secunia.com/advisories/27322
http://secunia.com/advisories/27436
http://secunia.com/advisories/27747
http://secunia.com/advisories/27913
http://secunia.com/advisories/28806
http://secunia.com/advisories/29058
http://secunia.com/advisories/29570
http://secunia.com/advisories/33280
SuSE Security Announcement: SUSE-SA:2007:053 (Google Search)
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
SuSE Security Announcement: SUSE-SA:2008:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
SuSE Security Announcement: SUSE-SA:2008:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html
http://www.ubuntu.com/usn/usn-508-1
http://www.ubuntu.com/usn/usn-509-1
http://www.ubuntu.com/usn/usn-510-1
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.