Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2010:0398
The remote host is missing updates announced in
advisory RHSA-2010:0398.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* a flaw was found in the Unidirectional Lightweight Encapsulation (ULE)
implementation. A remote attacker could send a specially-crafted ISO
MPEG-2 Transport Stream (TS) frame to a target system, resulting in an
infinite loop (denial of service). (CVE-2010-1086, Important)

* on AMD64 systems, it was discovered that the kernel did not ensure the
ELF interpreter was available before making a call to the SET_PERSONALITY
macro. A local attacker could use this flaw to cause a denial of service by
running a 32-bit application that attempts to execute a 64-bit application.
(CVE-2010-0307, Moderate)

* a flaw was found in the kernel connector implementation. A local,
unprivileged user could trigger this flaw by sending an arbitrary number
of notification requests using specially-crafted netlink messages,
resulting in a denial of service. (CVE-2010-0410, Moderate)

* a flaw was found in the Memory-mapped I/O (MMIO) instruction decoder in
the Xen hypervisor implementation. An unprivileged guest user could use
this flaw to trick the hypervisor into emulating a certain instruction,
which could crash the guest (denial of service). (CVE-2010-0730, Moderate)

* a divide-by-zero flaw was found in the azx_position_ok() function in the
driver for Intel High Definition Audio, snd-hda-intel. A local,
unprivileged user could trigger this flaw to cause a kernel crash (denial
of service). (CVE-2010-1085, Moderate)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : High

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-0307
BugTraq ID: 38027
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search)
Debian Security Information: DSA-1996 (Google Search),20100202,15754.html
RedHat Security Advisories: RHSA-2010:0146
SuSE Security Announcement: SUSE-SA:2010:014 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2010-0410
BugTraq ID: 38058
Debian Security Information: DSA-2005 (Google Search)
SuSE Security Announcement: SUSE-SA:2010:018 (Google Search)
SuSE Security Announcement: SUSE-SA:2010:019 (Google Search)
SuSE Security Announcement: SUSE-SA:2010:023 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2010-0730
BugTraq ID: 39979
Common Vulnerability Exposure (CVE) ID: CVE-2010-1085
BugTraq ID: 38348
Common Vulnerability Exposure (CVE) ID: CVE-2010-1086
BugTraq ID: 38479
Debian Security Information: DSA-2053 (Google Search)
CopyrightCopyright (c) 2010 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.