Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Red Hat Enterprise Linux 6 kernel security, bug fix and enhancement update
Informations
Name RHSA-2012:0862 First vendor Publication 2012-06-20
Vendor RedHat Last vendor Modification 2012-06-20
Severity (Vendor) Moderate Revision 04

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 4.9 Attack Range Local
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated kernel packages that fix two security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2012-0862.html

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
50 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:21343
 
Oval ID: oval:org.mitre.oval:def:21343
Title: RHSA-2012:0150: Red Hat Enterprise Linux 5.8 kernel update (Moderate)
Description: The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
Family: unix Class: patch
Reference(s): RHSA-2012:0150-03
CVE-2011-1083
 Version: 4
Platform(s): Red Hat Enterprise Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21454
 
Oval ID: oval:org.mitre.oval:def:21454
Title: RHSA-2012:0862: Red Hat Enterprise Linux 6 kernel security, bug fix and enhancement update (Moderate)
Description: The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.
Family: unix Class: patch
Reference(s): RHSA-2012:0862-04
CESA-2012:0862
CVE-2011-1083
CVE-2011-4131
 Version: 29
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22915
 
Oval ID: oval:org.mitre.oval:def:22915
Title: ELSA-2012:0150: Oracle Linux 5.x.8 kernel update (Moderate)
Description: The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
Family: unix Class: patch
Reference(s): ELSA-2012:0150-03
CVE-2011-1083
 Version: 6
Platform(s): Oracle Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23707
 
Oval ID: oval:org.mitre.oval:def:23707
Title: ELSA-2012:0862: Red Hat Enterprise Linux 6 kernel security, bug fix and enhancement update (Moderate)
Description: The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.
Family: unix Class: patch
Reference(s): ELSA-2012:0862-04
CVE-2011-1083
CVE-2011-4131
 Version: 13
Platform(s): Oracle Linux 6
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27614
 
Oval ID: oval:org.mitre.oval:def:27614
Title: DEPRECATED: ELSA-2012-0862 -- Oracle Linux 6 kernel security, bug fix and enhancement update (moderate)
Description: [2.6.32-279.el6] - [netdrv] mlx4: ignore old module parameters (Jay Fenlason) [830553] [2.6.32-278.el6] - [kernel] sysctl: silence warning about missing strategy for file-max at boot time (Jeff Layton) [803431] - [net] sunrpc: make new tcp_max_slot_table_entries sysctl use CTL_UNNUMBERED (Jeff Layton) [803431] - [drm] i915: set AUD_CONFIG N_value_index for DisplayPort (Dave Airlie) [747890] - [scsi] scsi_lib: fix scsi_io_completions SG_IO error propagation (Mike Snitzer) [827163] - [fs] nfs: Fix corrupt read data after short READ from server (Sachin Prabhu) [817738]
Family: unix Class: patch
Reference(s): ELSA-2012-0862
CVE-2011-1083
CVE-2011-4131
 Version: 4
Platform(s): Oracle Linux 6
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27798
 
Oval ID: oval:org.mitre.oval:def:27798
Title: DEPRECATED: ELSA-2012-0150 -- Oracle Linux 5.8 kernel security and bug update (moderate)
Description: kernel [2.6.18-308.el5] - [scsi] lpfc: Update lpfc version for 8.2.0.108.4p driver release (Rob Evers) [784073] - [scsi] lpfc: Fix FCP EQ memory check init w/single int vector (Rob Evers) [784073]
Family: unix Class: patch
Reference(s): ELSA-2012-0150
CVE-2011-1083
 Version: 4
Platform(s): Oracle Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27877
 
Oval ID: oval:org.mitre.oval:def:27877
Title: ELSA-2012-0150-1 -- Oracle Linux 5.8 kernel security and bug update (moderate)
Description: A flaw was found in the way the Linux kernel's Event Poll (epoll) subsystem handled large, nested epoll structures. A local, unprivileged user could use this flaw to cause a denial of service.
Family: unix Class: patch
Reference(s): ELSA-2012-0150-1
CVE-2011-1083
 Version: 5
Platform(s): Oracle Linux 5
 Product(s): kernel
ocfs2
oracleasm
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 1369
Os 1
Os 1
Os 1
Os 2
Os 4

OpenVAS Exploits

Date Description
2012-12-26 Name : CentOS Update for kernel CESA-2012:1580 centos6
File : nvt/gb_CESA-2012_1580_kernel_centos6.nasl
2012-12-26 Name : RedHat Update for kernel RHSA-2012:1580-01
File : nvt/gb_RHSA-2012_1580-01_kernel.nasl
2012-12-18 Name : Fedora Update for kernel FEDORA-2012-20240
File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl
2012-12-04 Name : Fedora Update for kernel FEDORA-2012-19337
File : nvt/gb_fedora_2012_19337_kernel_fc17.nasl
2012-11-29 Name : Fedora Update for kernel FEDORA-2012-18691
File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl
2012-11-23 Name : Fedora Update for kernel FEDORA-2012-18684
File : nvt/gb_fedora_2012_18684_kernel_fc17.nasl
2012-11-06 Name : Fedora Update for kernel FEDORA-2012-17479
File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl
2012-11-06 Name : Fedora Update for kernel FEDORA-2012-17462
File : nvt/gb_fedora_2012_17462_kernel_fc17.nasl
2012-10-29 Name : Fedora Update for kernel FEDORA-2012-16669
File : nvt/gb_fedora_2012_16669_kernel_fc17.nasl
2012-09-04 Name : Fedora Update for kernel FEDORA-2012-12684
File : nvt/gb_fedora_2012_12684_kernel_fc16.nasl
2012-08-30 Name : Fedora Update for kernel FEDORA-2012-8824
File : nvt/gb_fedora_2012_8824_kernel_fc17.nasl
2012-08-30 Name : Fedora Update for kernel FEDORA-2012-8314
File : nvt/gb_fedora_2012_8314_kernel_fc17.nasl
2012-08-30 Name : Fedora Update for kernel FEDORA-2012-12490
File : nvt/gb_fedora_2012_12490_kernel_fc17.nasl
2012-08-14 Name : Ubuntu Update for linux-ti-omap4 USN-1530-1
File : nvt/gb_ubuntu_USN_1530_1.nasl
2012-08-06 Name : Fedora Update for kernel FEDORA-2012-11348
File : nvt/gb_fedora_2012_11348_kernel_fc16.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2012:0862 centos6
File : nvt/gb_CESA-2012_0862_kernel_centos6.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2012:1061 centos5
File : nvt/gb_CESA-2012_1061_kernel_centos5.nasl
2012-07-16 Name : RedHat Update for kernel RHSA-2012:1061-01
File : nvt/gb_RHSA-2012_1061-01_kernel.nasl
2012-06-25 Name : Fedora Update for kernel FEDORA-2012-8931
File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl
2012-06-22 Name : RedHat Update for Red Hat Enterprise Linux 6 kernel RHSA-2012:0862-04
File : nvt/gb_RHSA-2012_0862-04_Red_Hat_Enterprise_Linux_6_kernel.nasl
2012-06-19 Name : Ubuntu Update for linux-ti-omap4 USN-1476-1
File : nvt/gb_ubuntu_USN_1476_1.nasl
2012-06-15 Name : Fedora Update for kernel FEDORA-2012-8890
File : nvt/gb_fedora_2012_8890_kernel_fc16.nasl
2012-06-15 Name : Ubuntu Update for linux-lts-backport-natty USN-1470-1
File : nvt/gb_ubuntu_USN_1470_1.nasl
2012-06-15 Name : Ubuntu Update for linux-lts-backport-oneiric USN-1471-1
File : nvt/gb_ubuntu_USN_1471_1.nasl
2012-06-15 Name : Ubuntu Update for linux USN-1472-1
File : nvt/gb_ubuntu_USN_1472_1.nasl
2012-06-01 Name : Ubuntu Update for linux USN-1457-1
File : nvt/gb_ubuntu_USN_1457_1.nasl
2012-05-17 Name : Fedora Update for kernel FEDORA-2012-7594
File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl
2012-05-14 Name : Fedora Update for kernel FEDORA-2012-7538
File : nvt/gb_fedora_2012_7538_kernel_fc16.nasl
2012-04-26 Name : Fedora Update for kernel FEDORA-2012-6406
File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2012-0480
File : nvt/gb_fedora_2012_0480_kernel_fc16.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2012-3712
File : nvt/gb_fedora_2012_3712_kernel_fc16.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2012-3030
File : nvt/gb_fedora_2012_3030_kernel_fc16.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2012-0363
File : nvt/gb_fedora_2012_0363_kernel_fc16.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2012-0876
File : nvt/gb_fedora_2012_0876_kernel_fc16.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2012-0145
File : nvt/gb_fedora_2012_0145_kernel_fc16.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2011-17381
File : nvt/gb_fedora_2011_17381_kernel_fc16.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2011-15959
File : nvt/gb_fedora_2011_15959_kernel_fc16.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2011-16237
File : nvt/gb_fedora_2011_16237_kernel_fc16.nasl
2012-03-29 Name : Fedora Update for kernel FEDORA-2012-3715
File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl
2012-03-22 Name : Fedora Update for kernel FEDORA-2012-4410
File : nvt/gb_fedora_2012_4410_kernel_fc16.nasl
2012-03-19 Name : Fedora Update for kernel FEDORA-2012-3350
File : nvt/gb_fedora_2012_3350_kernel_fc16.nasl
2012-03-19 Name : Fedora Update for kernel FEDORA-2012-1497
File : nvt/gb_fedora_2012_1497_kernel_fc16.nasl
2012-03-16 Name : Fedora Update for kernel FEDORA-2012-3356
File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl
2012-03-07 Name : Fedora Update for kernel FEDORA-2012-2753
File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl
2012-02-13 Name : Fedora Update for kernel FEDORA-2012-1503
File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl
2012-01-25 Name : Fedora Update for kernel FEDORA-2012-0861
File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl
2012-01-16 Name : Fedora Update for kernel FEDORA-2012-0492
File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl
2011-12-12 Name : Fedora Update for kernel FEDORA-2011-16621
File : nvt/gb_fedora_2011_16621_kernel_fc15.nasl
2011-12-02 Name : Fedora Update for kernel FEDORA-2011-16346
File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl
2011-11-18 Name : Fedora Update for kernel FEDORA-2011-15856
File : nvt/gb_fedora_2011_15856_kernel_fc15.nasl
2011-11-08 Name : Fedora Update for kernel FEDORA-2011-15241
File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1167-1
File : nvt/gb_ubuntu_USN_1167_1.nasl
2011-07-08 Name : Ubuntu Update for linux USN-1160-1
File : nvt/gb_ubuntu_USN_1160_1.nasl
2011-06-06 Name : Ubuntu Update for linux USN-1141-1
File : nvt/gb_ubuntu_USN_1141_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
77100 Linux Kernel ACL Attribute Request NFSv4 Response Parsing Local DoS
71265 Linux Kernel epoll Nested Structures Local DoS

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when error within the epoll implementation occurs, allowing a local attacker to use nested epoll structures to cause a denial of service via high CPU consumption.

Nessus® Vulnerability Scanner

Date Description
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0042.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0566.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0333.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-235.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-100.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-22.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0150.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0862.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1061-1.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1061.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1580.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-2022.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-2025.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-2026.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120620.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120621.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120428.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1129.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1541.nasl - Type : ACT_GATHER_INFO
2012-12-20 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20121218_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-12-20 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1580.nasl - Type : ACT_GATHER_INFO
2012-12-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1580.nasl - Type : ACT_GATHER_INFO
2012-08-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1530-1.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120710_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-07-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1061.nasl - Type : ACT_GATHER_INFO
2012-07-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0862.nasl - Type : ACT_GATHER_INFO
2012-07-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1061.nasl - Type : ACT_GATHER_INFO
2012-06-25 Name : The remote Fedora host is missing a security update.
File : fedora_2012-8931.nasl - Type : ACT_GATHER_INFO
2012-06-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0862.nasl - Type : ACT_GATHER_INFO
2012-06-18 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1476-1.nasl - Type : ACT_GATHER_INFO
2012-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1470-1.nasl - Type : ACT_GATHER_INFO
2012-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1471-1.nasl - Type : ACT_GATHER_INFO
2012-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1472-1.nasl - Type : ACT_GATHER_INFO
2012-06-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1457-1.nasl - Type : ACT_GATHER_INFO
2012-05-29 Name : The remote Fedora host is missing a security update.
File : fedora_2012-8359.nasl - Type : ACT_GATHER_INFO
2012-05-29 Name : The remote Fedora host is missing a security update.
File : fedora_2012-8314.nasl - Type : ACT_GATHER_INFO
2012-04-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120418.nasl - Type : ACT_GATHER_INFO
2012-02-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0150.nasl - Type : ACT_GATHER_INFO
2011-12-12 Name : The remote Fedora host is missing a security update.
File : fedora_2011-16621.nasl - Type : ACT_GATHER_INFO
2011-11-22 Name : The remote Fedora host is missing a security update.
File : fedora_2011-15959.nasl - Type : ACT_GATHER_INFO
2011-11-18 Name : The remote Fedora host is missing a security update.
File : fedora_2011-15856.nasl - Type : ACT_GATHER_INFO
2011-11-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-15241.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO
2011-06-29 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 11:56:03
  • Multiple Updates
2012-12-19 13:27:03
  • Multiple Updates