Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.870504
Category:Red Hat Local Security Checks
Title:RedHat Update for kernel RHSA-2011:1386-01
Summary:The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security fixes:

* The maximum file offset handling for ext4 file systems could allow a
local, unprivileged user to cause a denial of service. (CVE-2011-2695,
Important)

* IPv6 fragment identification value generation could allow a remote
attacker to disrupt a target system's networking, preventing legitimate
users from accessing its services. (CVE-2011-2699, Important)

* A malicious CIFS (Common Internet File System) server could send a
specially-crafted response to a directory read request that would result in
a denial of service or privilege escalation on a system that has a CIFS
share mounted. (CVE-2011-3191, Important)

* A local attacker could use mount.ecryptfs_private to mount (and then
access) a directory they would otherwise not have access to. Note: To
correct this issue, the RHSA-2011:1241 ecryptfs-utils update must also be
installed. (CVE-2011-1833, Moderate)

* A flaw in the taskstats subsystem could allow a local, unprivileged user
to cause excessive CPU time and memory use. (CVE-2011-2484, Moderate)

* Mapping expansion handling could allow a local, unprivileged user to
cause a denial of service. (CVE-2011-2496, Moderate)

* GRO (Generic Receive Offload) fields could be left in an inconsistent
state. An attacker on the local network could use this flaw to cause a
denial of service. GRO is enabled by default in all network drivers that
support it. (CVE-2011-2723, Moderate)

* RHSA-2011:1065 introduced a regression in the Ethernet bridge
implementation. If a system had an interface in a bridge, and an attacker
on the local network could send packets to that interface, they could cause
a denial of service on that system. Xen hypervisor and KVM (Kernel-based
Virtual Machine) hosts often deploy bridge interfaces. (CVE-2011-2942,
Moderate)

* A flaw in the Xen hypervisor IOMMU error handling implementation could
allow a privileged guest user, within a guest operating system that has
direct control of a PCI device, to cause performance degradation on the
host and possibly cause it to hang. (CVE-2011-3131, Moderate)

* IPv4 and IPv6 protocol sequence number and fragment ID generation could
allow a man-in-the-middle attacker to inject packets and possibly hijack
connections. Protocol sequence number and fragment IDs are now more random.
(CVE-2011-3188, Moderate)

* A flaw in the kernel's clock implementation could allow a local,
unprivileged user to cause a denial of se ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
kernel on Red Hat Enterprise Linux (v. 5 server)

Solution:
Please Install the Updated Packages.

CVSS Score:
8.3

CVSS Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-4067
http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf
https://bugzilla.redhat.com/show_bug.cgi?id=722393
Common Vulnerability Exposure (CVE) ID: CVE-2011-1160
http://www.openwall.com/lists/oss-security/2011/03/15/13
Common Vulnerability Exposure (CVE) ID: CVE-2011-1585
http://www.openwall.com/lists/oss-security/2011/04/15/8
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-1833
SuSE Security Announcement: SUSE-SU-2011:0898 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
http://www.ubuntu.com/usn/USN-1188-1
Common Vulnerability Exposure (CVE) ID: CVE-2011-2484
BugTraq ID: 48383
http://www.securityfocus.com/bid/48383
https://bugzilla.redhat.com/show_bug.cgi?id=715436
http://lists.openwall.net/linux-kernel/2011/06/16/605
http://openwall.com/lists/oss-security/2011/06/22/1
http://openwall.com/lists/oss-security/2011/06/22/2
XForce ISS Database: kernel-taskstats-dos(68150)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68150
Common Vulnerability Exposure (CVE) ID: CVE-2011-2496
http://www.openwall.com/lists/oss-security/2011/06/27/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-2695
http://www.spinics.net/lists/linux-ext4/msg25697.html
http://www.openwall.com/lists/oss-security/2011/07/15/7
http://www.openwall.com/lists/oss-security/2011/07/15/8
http://secunia.com/advisories/45193
Common Vulnerability Exposure (CVE) ID: CVE-2011-2699
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.openwall.com/lists/oss-security/2011/07/20/5
http://www.securitytracker.com/id?1027274
Common Vulnerability Exposure (CVE) ID: CVE-2011-2723
BugTraq ID: 48929
http://www.securityfocus.com/bid/48929
HPdes Security Advisory: HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://openwall.com/lists/oss-security/2011/07/28/13
http://openwall.com/lists/oss-security/2011/07/29/1
http://www.redhat.com/support/errata/RHSA-2011-1321.html
http://securitytracker.com/id?1025876
Common Vulnerability Exposure (CVE) ID: CVE-2011-2942
http://www.openwall.com/lists/oss-security/2011/10/24/3
Common Vulnerability Exposure (CVE) ID: CVE-2011-3131
BugTraq ID: 49146
http://www.securityfocus.com/bid/49146
Debian Security Information: DSA-2582 (Google Search)
http://www.debian.org/security/2012/dsa-2582
http://old-list-archives.xen.org/archives/html/xen-devel/2011-06/msg01106.html
http://old-list-archives.xen.org/archives/html/xen-devel/2011-08/msg00450.html
http://secunia.com/advisories/45622
http://secunia.com/advisories/51468
Common Vulnerability Exposure (CVE) ID: CVE-2011-3188
http://www.openwall.com/lists/oss-security/2011/08/23/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-3191
http://www.openwall.com/lists/oss-security/2011/08/24/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-3209
Common Vulnerability Exposure (CVE) ID: CVE-2011-3347
CopyrightCopyright (C) 2011 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.