Test ID:	1.3.6.1.4.1.25623.1.0.66622
Category:	CentOS Local Security Checks
Title:	CentOS Security Advisory CESA-2009:1671 (kernel)
Summary:	The remote host is missing updates to kernel announced in;advisory CESA-2009:1671.
Description:	Summary: The remote host is missing updates to kernel announced in advisory CESA-2009:1671. Vulnerability Insight: For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2910 36576 http://www.securityfocus.com/bid/36576 36927 http://secunia.com/advisories/36927 37075 http://secunia.com/advisories/37075 37351 http://secunia.com/advisories/37351 FEDORA-2009-10525 https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00483.html RHSA-2009:1540 https://rhn.redhat.com/errata/RHSA-2009-1540.html RHSA-2009:1671 http://www.redhat.com/support/errata/RHSA-2009-1671.html RHSA-2010:0046 https://rhn.redhat.com/errata/RHSA-2010-0046.html RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html SUSE-SA:2009:054 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html SUSE-SA:2009:056 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html SUSE-SA:2010:012 http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html USN-864-1 http://www.ubuntu.com/usn/usn-864-1 [linux-kernel] 20091001 [tip:x86/urgent] x86: Don't leak 64-bit kernel register values to 32-bit processes http://lkml.org/lkml/2009/10/1/164 [oss-security] 20091001 CVE Request (kernel) http://marc.info/?l=oss-security&m=125442304214452&w=2 [oss-security] 20091001 Re: CVE Request (kernel) http://www.openwall.com/lists/oss-security/2009/10/02/1 [oss-security] 20091002 Re: CVE Request (kernel) http://marc.info/?l=oss-security&m=125444390112831&w=2 [oss-security] 20091009 Re: CVE Request (kernel) http://marc.info/?l=oss-security&m=125511635004768&w=2 http://git.kernel.org/?p=linux/kernel/git/x86/linux-2.6-tip.git%3Ba=commit%3Bh=24e35800cdc4350fc34e2bed37b608a9e13ab3b6 http://support.avaya.com/css/P8/documents/100073666 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.4 https://bugzilla.redhat.com/show_bug.cgi?id=526788 oval:org.mitre.oval:def:10823 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10823 oval:org.mitre.oval:def:7359 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7359 Common Vulnerability Exposure (CVE) ID: CVE-2009-3613 36706 http://www.securityfocus.com/bid/36706 37909 http://secunia.com/advisories/37909 38794 http://secunia.com/advisories/38794 38834 http://secunia.com/advisories/38834 ADV-2010-0528 http://www.vupen.com/english/advisories/2010/0528 RHSA-2009:1548 https://rhn.redhat.com/errata/RHSA-2009-1548.html SUSE-SA:2009:064 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html [oss-security] 20091015 Re: CVE request kernel: flood ping cause http://marc.info/?l=oss-security&m=125561712529352&w=2 [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates http://lists.vmware.com/pipermail/security-announce/2010/000082.html http://bugzilla.kernel.org/show_bug.cgi?id=9468 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97d477a914b146e7e6722ded21afa79886ae8ccd http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a866bbf6aacf95f849810079442a20be118ce905 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22 https://bugzilla.redhat.com/show_bug.cgi?id=529137 oval:org.mitre.oval:def:10209 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10209 oval:org.mitre.oval:def:7377 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7377 Common Vulnerability Exposure (CVE) ID: CVE-2009-3620 36707 http://secunia.com/advisories/36707 36824 http://www.securityfocus.com/bid/36824 FEDORA-2009-11038 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html MDVSA-2010:088 http://www.mandriva.com/security/advisories?name=MDVSA-2010:088 MDVSA-2010:198 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 RHSA-2009:1670 http://www.redhat.com/support/errata/RHSA-2009-1670.html RHSA-2010:0882 http://www.redhat.com/support/errata/RHSA-2010-0882.html SUSE-SA:2009:061 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html SUSE-SA:2010:013 http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html [linux-kernel] 20090921 [git pull] drm tree. http://article.gmane.org/gmane.linux.kernel/892259 [oss-security] 20091019 CVE request: kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised http://www.openwall.com/lists/oss-security/2009/10/19/1 [oss-security] 20091019 Re: CVE request: kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised http://www.openwall.com/lists/oss-security/2009/10/19/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7dc482dfeeeefcfd000d4271c4626937406756d7 http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.log https://bugzilla.redhat.com/show_bug.cgi?id=529597 oval:org.mitre.oval:def:6763 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6763 oval:org.mitre.oval:def:9891 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9891 Common Vulnerability Exposure (CVE) ID: CVE-2009-3621 37086 http://secunia.com/advisories/37086 38017 http://secunia.com/advisories/38017 MDVSA-2009:329 http://www.mandriva.com/security/advisories?name=MDVSA-2009:329 SUSE-SA:2010:001 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html [linux-kernel] 20091019 Re: [PATCH] AF_UNIX: Fix deadlock on connecting to shutdown socket http://lkml.org/lkml/2009/10/19/50 [oss-security] 20091019 CVE request: kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket http://www.openwall.com/lists/oss-security/2009/10/19/2 [oss-security] 20091019 Re: CVE request: kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket http://www.openwall.com/lists/oss-security/2009/10/19/4 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=77238f2b942b38ab4e7f3aced44084493e4a8675 http://patchwork.kernel.org/patch/54678/ https://bugzilla.redhat.com/show_bug.cgi?id=529626 oval:org.mitre.oval:def:6895 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6895 oval:org.mitre.oval:def:9921 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9921
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.