Executive Summary
Summary | |
---|---|
Title | kernel security and bug fix update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0167 | First vendor Publication | 2008-03-14 |
Vendor | RedHat | Last vendor Modification | 2008-03-14 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:H/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Adjacent network |
Cvss Impact Score | 10 | Attack Complexity | High |
Cvss Expoit Score | 3.2 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the CIFS virtual file system. A remote authenticated user could issue a request that could lead to a denial of service. (CVE-2007-5904, Moderate) As well, these updated packages fix the following bugs: * a bug was found in the Linux kernel audit subsystem. When the audit daemon was setup to log the execve system call with a large number of arguments, the kernel could run out out memory while attempting to create audit log messages. This could cause a kernel panic. In these updated packages, large audit messages are split into acceptable sizes, which resolves this issue. * on certain Intel chipsets, it was not possible to load the acpiphp module using the "modprobe acpiphp" command. Because the acpiphp module did not recurse across PCI bridges, hardware detection for PCI hot plug slots failed. In these updated packages, hardware detection works correctly. * on IBM System z architectures that run the IBM z/VM hypervisor, the IBM eServer zSeries HiperSockets network interface (layer 3) allowed ARP packets to be sent and received, even when the "NOARP" flag was set. These ARP packets caused problems for virtual machines. * it was possible for the iounmap function to sleep while holding a lock. This may have caused a deadlock for drivers and other code that uses the iounmap function. In these updated packages, the lock is dropped before the sleep code is called, which resolves this issue. Red Hat Enterprise Linux 4 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 372701 - CVE-2007-5904 Buffer overflow in CIFS VFS 427393 - audit: Logging execve arguments, out of memory in audit_expand 428174 - ACPIPHP.ko will not load : RHEL4.x and RHEL5.0 on X8450 (Intel 4 socket Quad Core) but will load on RHEL5.1 430670 - LTC39262-qeth: HiperSockets layer-3 interface to drop non-IP packets 433267 - [Stratus 4.6.z bug] iounmap may sleep while holding vmlist_lock, causing a deadlock. |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0167.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20179 | |||
Oval ID: | oval:org.mitre.oval:def:20179 | ||
Title: | DSA-1428-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities | ||
Description: | Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1428-1 CVE-2007-3104 CVE-2007-4997 CVE-2007-5500 CVE-2007-5904 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6 fai-kernels user-mode-linux |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5023071.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.15/20/22 vulnerabilities USN-618-1 File : nvt/gb_ubuntu_USN_618_1.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0089-01 File : nvt/gb_RHSA-2008_0089-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0167-01 File : nvt/gb_RHSA-2008_0167-01_kernel.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0167 centos4 i386 File : nvt/gb_CESA-2008_0167_kernel_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0167 centos4 x86_64 File : nvt/gb_CESA-2008_0167_kernel_centos4_x86_64.nasl |
2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:063 File : nvt/gb_suse_2007_063.nasl |
2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:064 File : nvt/gb_suse_2007_064.nasl |
2009-01-23 | Name : SuSE Update for kernel-rt SUSE-SA:2008:013 File : nvt/gb_suse_2008_013.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:017 File : nvt/gb_suse_2008_017.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:030 File : nvt/gb_suse_2008_030.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1428-2 (linux-2.6) File : nvt/deb_1428_2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
39238 | Linux Kernel CIFS VFS SendReceive() Function SMB Response Remote Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0089.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0167.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080123_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080314_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4745.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0089.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5336.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-618-1.nasl - Type : ACT_GATHER_INFO |
2008-03-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0167.nasl - Type : ACT_GATHER_INFO |
2008-03-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0167.nasl - Type : ACT_GATHER_INFO |
2008-01-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0089.nasl - Type : ACT_GATHER_INFO |
2008-01-08 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4752.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4741.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1428.nasl - Type : ACT_GATHER_INFO |
2007-12-07 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4749.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:29 |
|