Fedora Local Security Checks : Fedora Core 9 FEDORA-2008-11618 (kernel)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.63058
Category:	Fedora Local Security Checks
Title:	Fedora Core 9 FEDORA-2008-11618 (kernel)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to kernel announced via advisory FEDORA-2008-11618. Update Information: Update kernel from version 2.6.27.7 to 2.6.27.9: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9 Also includes three critical fixes scheduled for 2.6.27.10 References: [ 1 ] Bug #473696 - CVE-2008-5079 Linux Kernel 'atm module' Local Denial of Service https://bugzilla.redhat.com/show_bug.cgi?id=473696 [ 2 ] Bug #472325 - CVE-2008-5182 kernel: fix inotify watch removal/umount races https://bugzilla.redhat.com/show_bug.cgi?id=472325 [ 3 ] Bug #473259 - CVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket garbage collector https://bugzilla.redhat.com/show_bug.cgi?id=473259 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update kernel' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2008-11618 Risk factor : High CVSS Score: 7.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5079 1021360 http://www.securitytracker.com/id?1021360 20081205 CVE-2008-5079: multiple listen()s on same socket corrupts the vcc table http://www.securityfocus.com/archive/1/498943/100/0/threaded 20081209 rPSA-2008-0332-1 kernel http://www.securityfocus.com/archive/1/499044/100/0/threaded 32676 http://www.securityfocus.com/bid/32676 32913 http://secunia.com/advisories/32913 33083 http://secunia.com/advisories/33083 33348 http://secunia.com/advisories/33348 33623 http://secunia.com/advisories/33623 33641 http://secunia.com/advisories/33641 33704 http://secunia.com/advisories/33704 33706 http://secunia.com/advisories/33706 33756 http://secunia.com/advisories/33756 33854 http://secunia.com/advisories/33854 34981 http://secunia.com/advisories/34981 4694 http://securityreason.com/securityalert/4694 DSA-1787 http://www.debian.org/security/2009/dsa-1787 FEDORA-2008-11618 https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01358.html MDVSA-2009:032 http://www.mandriva.com/security/advisories?name=MDVSA-2009:032 RHSA-2009:0053 http://www.redhat.com/support/errata/RHSA-2009-0053.html RHSA-2009:0225 http://www.redhat.com/support/errata/RHSA-2009-0225.html SUSE-SA:2009:004 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html SUSE-SA:2009:008 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html SUSE-SA:2009:010 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html USN-714-1 https://usn.ubuntu.com/714-1/ USN-715-1 http://www.ubuntu.com/usn/usn-715-1 [linux-netdev] 20081204 [PATCH] ATM: CVE-2008-5079: multiple listen()s on same socket corrupts the vcc table http://marc.info/?l=linux-netdev&m=122841256115780&w=2 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0332 https://issues.rpath.com/browse/RPL-2915 oval:org.mitre.oval:def:11288 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11288 Common Vulnerability Exposure (CVE) ID: CVE-2008-5182 BugTraq ID: 33503 http://www.securityfocus.com/bid/33503 Bugtraq: 20081209 rPSA-2008-0332-1 kernel (Google Search) Debian Security Information: DSA-1681 (Google Search) http://www.debian.org/security/2008/dsa-1681 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10584 http://secunia.com/advisories/32998 SuSE Security Announcement: SUSE-SA:2009:004 (Google Search) SuSE Security Announcement: SUSE-SA:2009:008 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2008-5300 BugTraq ID: 32516 http://www.securityfocus.com/bid/32516 Bugtraq: 20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel (Google Search) http://www.securityfocus.com/archive/1/512019/100/0/threaded http://marc.info/?l=linux-netdev&m=122721862313564&w=2 http://marc.info/?l=linux-netdev&m=122765505415944&w=2 http://osvdb.org/50272 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10283 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11427 http://www.redhat.com/support/errata/RHSA-2009-0014.html RedHat Security Advisories: RHSA-2009:1550 https://rhn.redhat.com/errata/RHSA-2009-1550.html http://secunia.com/advisories/33556 http://securityreason.com/securityalert/4673 XForce ISS Database: linux-kernel-sendmsg-dos(46943) https://exchange.xforce.ibmcloud.com/vulnerabilities/46943 Common Vulnerability Exposure (CVE) ID: CVE-2008-3528 20081112 rPSA-2008-0316-1 kernel http://www.securityfocus.com/archive/1/498285/100/0/threaded 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components http://www.securityfocus.com/archive/1/507985/100/0/threaded 32356 http://secunia.com/advisories/32356 32370 http://secunia.com/advisories/32370 32509 http://secunia.com/advisories/32509 32709 http://secunia.com/advisories/32709 32759 http://secunia.com/advisories/32759 32799 http://secunia.com/advisories/32799 32998 33180 http://secunia.com/advisories/33180 33586 http://secunia.com/advisories/33586 33758 http://secunia.com/advisories/33758 37471 http://secunia.com/advisories/37471 ADV-2009-3316 http://www.vupen.com/english/advisories/2009/3316 DSA-1681 DSA-1687 http://www.debian.org/security/2008/dsa-1687 MDVSA-2008:224 http://www.mandriva.com/security/advisories?name=MDVSA-2008:224 RHSA-2008:0972 http://rhn.redhat.com/errata/RHSA-2008-0972.html RHSA-2009:0009 http://www.redhat.com/support/errata/RHSA-2009-0009.html RHSA-2009:0326 http://www.redhat.com/support/errata/RHSA-2009-0326.html SUSE-SA:2008:051 http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html SUSE-SA:2008:052 http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html SUSE-SA:2008:053 http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html SUSE-SA:2008:056 http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00000.html SUSE-SA:2008:057 http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00001.html SUSE-SR:2008:025 http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html USN-662-1 http://www.ubuntu.com/usn/usn-662-1 [linux-kernel] 20080913 [PATCH 3/4] ext2: Avoid printk floods in the face of directory corruption http://lkml.org/lkml/2008/9/13/98 [linux-kernel] 20080913 [PATCH 4/4] ext3: Avoid printk floods in the face of directory corruption http://lkml.org/lkml/2008/9/13/99 [linux-kernel] 20080918 Re: [PATCH 4/4] ext3: Avoid printk floods in the face of directory corruption http://lkml.org/lkml/2008/9/17/371 [oss-security] 20080918 CVE-2008-3528 Linux kernel ext[234] directory corruption DoS http://www.openwall.com/lists/oss-security/2008/09/18/2 http://wiki.rpath.com/Advisories:rPSA-2008-0316 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316 http://www.vmware.com/security/advisories/VMSA-2009-0016.html https://bugzilla.redhat.com/show_bug.cgi?id=459577 kernel-errorreporting-dos(45720) https://exchange.xforce.ibmcloud.com/vulnerabilities/45720 oval:org.mitre.oval:def:10852 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10852 oval:org.mitre.oval:def:8642 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8642 Common Vulnerability Exposure (CVE) ID: CVE-2008-3525 1020969 http://www.securitytracker.com/id?1020969 32103 http://secunia.com/advisories/32103 32237 http://secunia.com/advisories/32237 32315 http://secunia.com/advisories/32315 32386 http://secunia.com/advisories/32386 32393 http://secunia.com/advisories/32393 33201 http://secunia.com/advisories/33201 33280 http://secunia.com/advisories/33280 ADV-2008-2511 http://www.vupen.com/english/advisories/2008/2511 ADV-2008-2714 http://www.vupen.com/english/advisories/2008/2714 DSA-1653 http://www.debian.org/security/2008/dsa-1653 DSA-1655 http://www.debian.org/security/2008/dsa-1655 FEDORA-2008-8929 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00693.html FEDORA-2008-8980 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00689.html MDVSA-2008:220 http://www.mandriva.com/security/advisories?name=MDVSA-2008:220 MDVSA-2008:223 http://www.mandriva.com/security/advisories?name=MDVSA-2008:223 RHSA-2008:0787 http://www.redhat.com/support/errata/RHSA-2008-0787.html RHSA-2008:0973 http://www.redhat.com/support/errata/RHSA-2008-0973.html SUSE-SA:2008:047 http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html SUSE-SA:2008:049 http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html USN-659-1 http://www.ubuntu.com/usn/usn-659-1 [oss-security] 20080829 CVE-2008-3525 kernel: missing capability checks in sbni_ioctl() http://www.openwall.com/lists/oss-security/2008/08/29/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f2455eb176ac87081bbfc9a44b21c7cd2bc1967e http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.7 oval:org.mitre.oval:def:5671 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5671 oval:org.mitre.oval:def:9364 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9364 Common Vulnerability Exposure (CVE) ID: CVE-2008-3831 1021065 http://securitytracker.com/id?1021065 245846 http://sunsolve.sun.com/search/document.do?assetkey=1-26-245846-1 31792 http://www.securityfocus.com/bid/31792 32918 http://secunia.com/advisories/32918 33182 http://secunia.com/advisories/33182 RHSA-2008:1017 http://www.redhat.com/support/errata/RHSA-2008-1017.html USN-679-1 http://www.ubuntu.com/usn/usn-679-1 [source-changes] 20081017 CVS: cvs.openbsd.org: src http://archives.neohapsis.com/archives/openbsd/cvs/2008-10/0365.html http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.diff.gz http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c.diff?r1=1.7%3Br2=1.8 oval:org.mitre.oval:def:11542 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11542 Common Vulnerability Exposure (CVE) ID: CVE-2008-2750 BugTraq ID: 29747 http://www.securityfocus.com/bid/29747 https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00082.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:167 http://www.openwall.com/lists/oss-security/2008/06/19/3 http://securitytracker.com/id?1020297 http://secunia.com/advisories/30719 http://secunia.com/advisories/30901 http://secunia.com/advisories/30920 http://secunia.com/advisories/31107 http://secunia.com/advisories/31202 SuSE Security Announcement: SUSE-SA:2008:037 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html http://www.ubuntu.com/usn/usn-625-1 http://www.vupen.com/english/advisories/2008/1854 XForce ISS Database: linux-kernel-pppol2tprecvmsg-dos(43111) https://exchange.xforce.ibmcloud.com/vulnerabilities/43111
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com