Executive Summary
Summary | |
---|---|
Title | kernel security and bug fix update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0275 | First vendor Publication | 2008-05-20 |
Vendor | RedHat | Last vendor Modification | 2008-05-20 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues: * on AMD64 architectures, the possibility of a kernel crash was discovered by testing the Linux kernel process-trace ability. This could allow a local unprivileged user to cause a denial of service (kernel crash). (CVE-2008-1615, Important) * on 64-bit architectures, the possibility of a timer-expiration value overflow was found in the Linux kernel high-resolution timers functionality, hrtimer. This could allow a local unprivileged user to setup a large interval value, forcing the timer expiry value to become negative, causing a denial of service (kernel hang). (CVE-2007-6712, Important) * the possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it would cause a kernel crash on the receiving node during packet reassembly. (CVE-2007-6282, Important) * a potential denial of service attack was discovered in the Linux kernel PWC USB video driver. A local unprivileged user could use this flaw to bring the kernel USB subsystem into the busy-waiting state, causing a denial of service. (CVE-2007-5093, Low) As well, these updated packages fix the following bugs: * in certain situations, a kernel hang and a possible panic occurred when disabling the cpufreq daemon. This may have prevented system reboots from completing successfully. * continual "softlockup" messages, which occurred on the guest's console after a successful save and restore of a Red Hat Enterprise Linux 5 para-virtualized guest, have been resolved. * in the previous kernel packages, the kernel may not have reclaimed NFS locks after a system reboot. Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 306591 - CVE-2007-5093 kernel PWC driver DoS 400821 - rhel5.1s2 hang at 'Disabling ondemand cpu frequency scaling' [rhel-5.1.z] 404291 - CVE-2007-6282 IPSec ESP kernel panics 429516 - booting with maxcpus=1 panics when starting cpufreq service [rhel-5.1.z] 431430 - CVE-2008-1615 kernel: ptrace: Unprivileged crash on x86_64 %cs corruption 439999 - CVE-2007-6712 kernel: infinite loop in highres timers (kernel hang) 444402 - [RHEL5]: Softlockup after save/restore in PV guest 445360 - RHEL5.1 kernel not reclaiming NFS locks when server reboots |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0275.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
25 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
25 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10494 | |||
Oval ID: | oval:org.mitre.oval:def:10494 | ||
Title: | The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device. | ||
Description: | The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5093 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18091 | |||
Oval ID: | oval:org.mitre.oval:def:18091 | ||
Title: | DSA-1381-2 linux-2.6 | ||
Description: | Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1381-2 CVE-2006-5755 CVE-2007-4133 CVE-2007-4573 CVE-2007-5093 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9210 | |||
Oval ID: | oval:org.mitre.oval:def:9210 | ||
Title: | Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired. | ||
Description: | Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6712 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : SLES10: Security update for Linux kernel File : nvt/sles10_kernel3.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5028577.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:167 (kernel) File : nvt/gb_mandriva_MDVSA_2008_167.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:105 (kernel) File : nvt/gb_mandriva_MDVSA_2008_105.nasl |
2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-625-1 File : nvt/gb_ubuntu_USN_625_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-578-1 File : nvt/gb_ubuntu_USN_578_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerabilities USN-574-1 File : nvt/gb_ubuntu_USN_574_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerabilities USN-558-1 File : nvt/gb_ubuntu_USN_558_1.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0972-01 File : nvt/gb_RHSA-2008_0972-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0275-01 File : nvt/gb_RHSA-2008_0275-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0237-01 File : nvt/gb_RHSA-2008_0237-01_kernel.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0972 centos4 x86_64 File : nvt/gb_CESA-2008_0972_kernel_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0972 centos4 i386 File : nvt/gb_CESA-2008_0972_kernel_centos4_i386.nasl |
2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-4043 File : nvt/gb_fedora_2008_4043_kernel_fc7.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:030 File : nvt/gb_suse_2008_030.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:031 File : nvt/gb_suse_2008_031.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:032 File : nvt/gb_suse_2008_032.nasl |
2008-09-04 | Name : Debian Security Advisory DSA 1630-1 (linux-2.6) File : nvt/deb_1630_1.nasl |
2008-06-11 | Name : Debian Security Advisory DSA 1588-2 (linux-2.6) File : nvt/deb_1588_2.nasl |
2008-06-11 | Name : Debian Security Advisory DSA 1588-1 (linux-2.6) File : nvt/deb_1588_1.nasl |
2008-03-11 | Name : Debian Security Advisory DSA 1503-2 (kernel-source-2.4.27 (2.4.27-10sarge7)) File : nvt/deb_1503_2.nasl |
2008-02-28 | Name : Debian Security Advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1)) File : nvt/deb_1504_1.nasl |
2008-02-28 | Name : Debian Security Advisory DSA 1503-1 (kernel-source-2.4.27 (2.4.27-10sarge6)) File : nvt/deb_1503_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1381-1 (linux-2.6) File : nvt/deb_1381_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1381-2 (linux-2.6) File : nvt/deb_1381_2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44992 | Linux Kernel on AMD64 Unspecified ptrace Calls Local DoS |
44930 | Linux Kernel IPsec Implementation Malformed Fragmented ESP Packet Remote DoS |
44688 | Linux Kernel on 64-bit hrtimer_forward Function (hrtimer.c) Timer Expiration ... |
39233 | Linux Kernel Philips USB Webcam (pwc) Driver Disconnect Method Local DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2005.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0275.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0237.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081119_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080507_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5477.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5370.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0275.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0237.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5473.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-167.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-105.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2008-08-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1630.nasl - Type : ACT_GATHER_INFO |
2008-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-625-1.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5375.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5336.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5339.nasl - Type : ACT_GATHER_INFO |
2008-05-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1588.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0275.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote Fedora host is missing a security update. File : fedora_2008-4043.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0237.nasl - Type : ACT_GATHER_INFO |
2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1503.nasl - Type : ACT_GATHER_INFO |
2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1504.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-578-1.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-574-1.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-558-1.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1381.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:38 |
|