Test ID:	1.3.6.1.4.1.25623.1.0.870860
Category:	Red Hat Local Security Checks
Title:	RedHat Update for kernel RHSA-2012:1445-01
Summary:	The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * It was found that the RHSA-2010:0178 update did not correctly fix the CVE-2009-4307 issue, a divide-by-zero flaw in the ext4 file system code. A local, unprivileged user with the ability to mount an ext4 file system could use this flaw to cause a denial of service. (CVE-2012-2100, Low) This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct this issue, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect. Affected Software/OS: kernel on Red Hat Enterprise Linux (v. 5 server) Solution: Please Install the Updated Packages. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2100 53414 http://www.securityfocus.com/bid/53414 RHSA-2012:1445 http://rhn.redhat.com/errata/RHSA-2012-1445.html RHSA-2012:1580 http://rhn.redhat.com/errata/RHSA-2012-1580.html [oss-security] 20120412 Re: fix to CVE-2009-4307 http://www.openwall.com/lists/oss-security/2012/04/12/11 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d50f2ab6f050311dbf7b8f5501b25f0bf64a439b http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2 https://bugzilla.redhat.com/show_bug.cgi?id=809687 https://github.com/torvalds/linux/commit/d50f2ab6f050311dbf7b8f5501b25f0bf64a439b Common Vulnerability Exposure (CVE) ID: CVE-2009-4307 http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 http://lkml.org/lkml/2009/12/9/255 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9874 http://www.redhat.com/support/errata/RHSA-2010-0380.html http://secunia.com/advisories/37658 http://secunia.com/advisories/38017 http://secunia.com/advisories/38276 SuSE Security Announcement: SUSE-SA:2010:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html SuSE Security Announcement: SUSE-SA:2010:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2012-2934 BugTraq ID: 53961 http://www.securityfocus.com/bid/53961 Debian Security Information: DSA-2501 (Google Search) http://www.debian.org/security/2012/dsa-2501 http://security.gentoo.org/glsa/glsa-201309-24.xml http://support.amd.com/us/Processor_TechDocs/25759.pdf http://lists.xen.org/archives/html/xen-announce/2012-06/msg00002.html http://secunia.com/advisories/51413 http://secunia.com/advisories/55082 SuSE Security Announcement: openSUSE-SU-2012:1572 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html SuSE Security Announcement: openSUSE-SU-2012:1573 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.