Executive Summary
Summary | |
---|---|
Title | Updated kernel packages available for Red Hat Enterprise Linux 3 Update 6 |
Information | |||
---|---|---|---|
Name | RHSA-2005:663 | First vendor Publication | 2005-09-28 |
Vendor | RedHat | Last vendor Modification | 2005-09-28 |
Severity (Vendor) | N/A | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.4 | Attack Range | Network |
Cvss Impact Score | 4.9 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Problem Description:

Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the sixth regular update.

This security advisory has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

This is the sixth regular kernel update to Red Hat Enterprise Linux 3.

New features introduced by this update include:

- diskdump support on HP Smart Array devices

There were many bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has resulted in a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 3.

There were numerous driver updates and security fixes (elaborated below). Other key areas affected by fixes in this update include kswapd, inode handling, the SATA subsystem, diskdump handling, ptrace() syscall support, and signal handling.

The following device drivers have been upgraded to new versions:

3w-9xxx ---- 2.24.03.008RH

The following security bugs were fixed in this update:

- a flaw in syscall argument checking on Itanium systems that allowed
- a flaw in stack expansion that allowed a local user of mlockall()
- a small memory leak in network packet defragmenting that allowed a
- flaws in ptrace() syscall handling on AMD64 and Intel EM64T systems
- flaws in ISO-9660 file system handling that allowed the mounting of
- a flaw in ptrace() syscall handling on Itanium systems that allowed
- a flaw in the alternate stack switching on AMD64 and Intel EM64T
- race conditions in the ia32-compat support for exec() syscalls on
- flaws in IPSEC network handling that allowed a local user to cause
- a flaw in sendmsg() syscall handling on 64-bit systems that allowed
- flaws in unsupported modules that allowed denial-of-service attacks
- potential leaks of kernel data from jfs and ext2 file system handling

Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure that all previously released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages.

To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

79086 - Request for enhancement for callback function
98542 - iostat -x shows infeasible avgqu-sz results and max util
99502 - LTC3549 - ps wchan broken
116037 - Existence of race condition in Linux SD driver that leads to a deadlock
116317 - symbolic links have invalid permissions
116900 - RHEL3_U4 Data corruption in spite of using O_SYNC
119451 - System can hang while running multiple instances of fdisk
121041 - CAN-2004-0181 jfs infoleak
122982 - microcode_ctl errors with modprobe: Can't locate module char-major-10-184
123331 - LUN i not getting registered
128428 - Opteron gettimeofday granularity problem
128788 - RHEL3 U6: Diskdump support for Compaq Smart Array Controllers (cciss)
128907 - iostat -x 1 5 give bogus statistics...
129853 - RHEL3 U4: need netdump to work with the bonding driver
131029 - gart errors when using 2.4.21-15.0.3.EL.smp or -9.0.1 on AMD64 quad system
131136 - [Patch] Simultaneous calls to open() on a usb device hangs the kernel
131886 - __put_task_struct unresolved when loading externally compiled module
132754 - char-major-10-184 microcode error with kernel 2.4.21-15.ELhugemem
134579 - bogus data in /proc/partitions for IDE whole-disk device
137788 - Extraneous data in option name for scsi_mod
138192 - gart errors when using 2.4.21-20.EL on HP DL585
138534 - CAN-2004-1056 insufficient locking checks in DRM code
139033 - RHEL3 U5: netdump does not work over bonded interfaces
139113 - System hangs for 15-45 seconds on RHEL3 / kernel 2.4.21-20.EL
140849 - "fdisk -l" broken when over 26 EMC Powerpath disks
142263 - Only 16 EMC powerpath LUNs usable with LVM1
142532 - error unmounting /var filesystem while shutdown
142586 - Potential kernel DOS
142856 - 'ghosted' autofs shares disappear
142960 - Unable to umount /var during shutdown process when connected with ssh
143823 - [PATCH] Stale POSIX flock
144524 - CAN-2005-0179 RLIMIT_MEMLOCK bypass and (2.6) unprivileged user DoS
144781 - Kernel panic in shutdown path when iSCSI LUNs are mounted
145476 - netdump client/server problems
145551 - Use of bonding driver in mode 5 can cause multicast packet loss
145950 - high loads / high iowait / up 100% cpu time for kscand on oracle box
146080 - CAN-2005-0124 Coverity: coda fs flaw
146105 - CAN-2005-0504 moxa CAP_SYS_RAWIO missing (-unsupported)
146460 - Need openIPMI driver to work with IBM's x336 BMC [PATCH]
147823 - FEAT: RHEL3 U6: Enable dual-core processors from Intel
148862 - CAN-2005-0136 ptrace corner cases on ia64
149011 - Oracle 8 import of Oracle 9 database can lock system.
149405 - LTC13257-LTPstress sigaction01 Testcase Ends up Segmentation Fault [PATCH]
149636 - Kernel panic (EIP is at find_inode)
149691 - No data avaliable for eth card
149965 - panic at ia64_leave_kernel [kernel] 0x1 (2.4.21-27.EL)
150019 - Don't oom kill TASK_UNINTERRUPTIBLE processes
150130 - e1000 has memory leak when run continuously getting new dhcp leases.
150209 - Over time, autofs leaks kernel memory in the size-256 slab
151054 - kernel panic when bringing up and down multiple interfaces simultaneously
151488 - sk98lin driver drops udp packets
151920 - 8GB SMP servers appear to hang in VM subsystem under stress
152400 - CAN-2005-0400 ext2 mkdir() directory entry random kernel memory leak
152406 - CAN-2005-0815 isofs range checking flaws
153775 - [RHEL3-U6][Diskdump] Backtrace of OS_INIT doesn't work
154245 - RHEL3 U4 - kswapd/rpciod deadlock
154678 - [Texas Instruments] nfs bindresvport: Address already in use
154797 - [RHEL3 U6] diskdump fails with block_order=8
154925 - [RHEL3 U6] Diskdump fails if module parameter 'block_order' has too big value
155244 - Kernel Panics on kernel 2.4.21-27
155259 - [LSI Logic] Feature RHEL: Add mpt fusion SAS support, and new PCI IDs
155289 - [RHEL 3 U6]inode_lock deadlock/race?
155365 - 20041216 ROSE ndigis verification
155473 - ext3 data corruption under Samba share
155978 - CAN-2005-1762 x86_64 sysret exception leads to DoS
156142 - kernel may oops if more than 4k worth of string data returned in /proc/devices
156364 - [RHEL3] IPv6 Neighbor Cache : RHEL 3.0 does not update the IsRouter flag in the cache entry and improperly remove router from the Default Router List.
156608 - [RHEL3 U4] The system clock gains much time when netconle is activated.
156644 - CRM 479318 Unexpected IO-APIC on Opteron system
156831 - sd _mod doesn't handle removable drives (USB floppy) well
156923 - PPC64 not setting backchain in signal frames
156985 - FEAT: RHEL3 U6: cciss driver updates (STOPSHIP)
156989 - FEAT: RH EL 3 U6: diskdump driver
156991 - RHEL3 U6: Add 'ht' flag in EM64T /proc/cpuinfo [PATCH]
156993 - FEAT: RHEL3 U6: Add ICH4L support to kernel (MEDIUM)
156994 - 529692 - /proc/stat documentation is out of date.
156998 - RHEL 3 U6: Use of Performance Monitoring Counters based on Model number (x86-64)
157075 - When an AX100i SP reboot occurs, the Cisco iSCSI driver doesnt log back into array.
157434 - FEAT RHEL3 U6: Need e1000 driver Update to v.6.0.54 or higher (MUSTFIX)
157439 - LTC14642-NetDump is too slow to dump...[PATCH]
157446 - [RFE] [RHEL3 U6]Update 3w-9xxx driver
157571 - [CRM 511714] bonding and arp ping failure detection
157669 - attempt to access beyond end of device: ext2 symlink/EA problem
157846 - Potential kernel panic with stale POSIX locks
157849 - IPVS panic at ip_vs_conn_flush() when unloading ip_vs module
158358 - Updated Qlogic driver is requested in RHEL 3 U6
158456 - Update Emulex driver in RHEL 3 U6
158457 - Long tape commands (e.g. erase) timeout on dpt_i2o.
158459 - RHEL 3 configures non-existent SCSI target devices
158581 - FEAT RHEL3U6: new devices supported by tg3 (STOPSHIP)
158724 - CAN-2005-0210 dst leak
158814 - FEAT: [RHEL3 U6] add PCI_VENDOR_ID_NEC to megaraid subsysvid
158817 - Adding 3pardata to the scsi device whitelist
158877 - [RHEL3 U4] setsockopt SO_RCVTIMEO call fails from a 32 bit binary running on a x86_64 system
158880 - [Patch] RHEL3 U6: lower severity of blk: queue xxxx printks (~MF)
159045 - CAN-2005-1767 x86_64 crashes from context switches on stk-seg-fault stack
159300 - FEAT: RHEL3 U6: Update e100 driver to later than v.3.4.1
159330 - x86_64 kernel stops allocating memory too early when overcommit_memory set to strict
159420 - RHEL3 U6: ESB2 support (PATA, SATA, USB, SMBUS, LPC, Audio and AHCI)
159790 - ptrace changes to registers during ia32 syscall tracing stop are lost
159814 - x86-64 PTRACE_SETOPTIONS does not support most option flags
159823 - CAN-2005-1761 local user can use ptrace to crash system
159915 - CAN-2005-1762 x86_64 crash (ptrace-canonical)
159917 - CAN-2005-0756 x86_64 crash (ptrace-check-segment)
159938 - Diskdump disk controllers support
159979 - Fix dangling pointer in acpi_pci_root_add()
159989 - [RHEL3][PATCH] suppress medum-not-present messages from idefloppy
159991 - [taroon patch] fix for indefinite postponement under __alloc_pages()
159992 - Add docs detailing which drivers support netconsole
159993 - CAN-2005-2553 x86_64 fix for 32-bit ptrace find_target() oops
160093 - [RHEL3][PATCH] suppress medum-not-present messages from idefloppy
160199 - CAN-2005-1768 64bit execve() race leads to buffer overflow
160392 - Memory Leak in autofs
160400 - The AHCI driver was incorrectly resetting the hardware on error
160495 - RHEL 3 U5 code base contains duplicate USB ESSENTIAL_REALITY
160664 - cable link state ignored on ethernet card (b44).
160752 - accounting of SETITIMER_PROF inaccurate
160799 - Kernel panic: pci_map_single: high address but no IOMMU.
160820 - nVidia driver requires upstream page_attr patch
161097 - CRM 565876: samba-3.0.8pre1-smbmnt.patch to fix smbmount UID wraparound bug for RHEL3 Samba packages
161238 - superbh function causing a server to crash when Veritas Volume Manager Modules for VxVM 4.0 are loaded.
161657 - iscsi_sfnet driver does not calculate ConnFailTimeout correctly when greater than 15 secs
161957 - CRM: 507606 / short freezes on Informix server
161986 - RHEL3 U5 panic in kmem_cache_grow
162103 - add SGI scsi devices to list in scsi_scan.c
162603 - dpt_i2o driver oopses on insmod in U5
163152 - Initiator does not retry login on target error when PortalFailover is disabled
164074 - Placeholder for 2.4.x SATA update 20050723-1
164185 - rpm install of -33.EL on ia64 gets unresolved pm_power_off symbol
164226 - User-mode program run on IA64 AS 3.0 causes system to crash due to invalid stack pointer
164819 - [RHEL3U6] diskdump - scsi dump fails with module CRC error
165467 - [RHEL3 U6] Fix to update openipmi drivers for Dell 8G server line (MUSTFIX)
165565 - CAN-2005-2456 IPSEC overflow
165739 - LTC14996-IPMI driver is broken on multiple platforms
165841 - [RHEL3U6] diskdump fails with machine check error on x86_64
165850 - Disable FAN processing in Emulex lpfc driver
165866 - Add Invista to RHEL 3 SCSI Whitelist
165993 - NFS deadlock when multiple processes creating/deleting a file
166066 - IBM TapeLibrary 3583
166132 - CAN-2005-2555 IPSEC lacks restrictions
166172 - Kernel crash on 2.4.21-34 base due to kiobuf_init() setting the initialized state when expand_kiobuf() was not called.
166329 - CAN-2005-2490 sendmsg compat stack overflow
167047 - cciss, add pci id for P400
167222 - [BETA RHEL3 U6] kernel panic while booting numa=off on x86_64
167265 - drivers/addon/lpfc/lpfcdfc/Makefile change causing intermittent build failures
167369 - [RHEL3] cosmetic change to IPMI drivers to update version revision number |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-663.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
25 % | CWE-399 | Resource Management Errors |
25 % | CWE-264 | Permissions, Privileges, and Access Controls |
12 % | CWE-667 | Insufficient Locking |
12 % | CWE-476 | NULL Pointer Dereference |
12 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
12 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10275 | |||
Oval ID: | oval:org.mitre.oval:def:10275 | ||
Title: | The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | ||
Description: | Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0210 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10329 | |||
Oval ID: | oval:org.mitre.oval:def:10329 | ||
Title: | The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device. | ||
Description: | The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0181 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10336 | |||
Oval ID: | oval:org.mitre.oval:def:10336 | ||
Title: | The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | ||
Description: | The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0400 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10444 | |||
Oval ID: | oval:org.mitre.oval:def:10444 | ||
Title: | Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c. | ||
Description: | Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2555 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10481 | |||
Oval ID: | oval:org.mitre.oval:def:10481 | ||
Title: | Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread. | ||
Description: | Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2490 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10630 | |||
Oval ID: | oval:org.mitre.oval:def:10630 | ||
Title: | The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address. | ||
Description: | The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1762 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10858 | |||
Oval ID: | oval:org.mitre.oval:def:10858 | ||
Title: | Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock->sk_policy array. | ||
Description: | Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock->sk_policy array. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2456 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11101 | |||
Oval ID: | oval:org.mitre.oval:def:11101 | ||
Title: | traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception). | ||
Description: | traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1767 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11117 | |||
Oval ID: | oval:org.mitre.oval:def:11117 | ||
Title: | Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow. | ||
Description: | Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1768 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11628 | |||
Oval ID: | oval:org.mitre.oval:def:11628 | ||
Title: | The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | ||
Description: | The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0136 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11690 | |||
Oval ID: | oval:org.mitre.oval:def:11690 | ||
Title: | The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow. | ||
Description: | The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0124 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11723 | |||
Oval ID: | oval:org.mitre.oval:def:11723 | ||
Title: | Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired. | ||
Description: | Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-3274 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9307 | |||
Oval ID: | oval:org.mitre.oval:def:9307 | ||
Title: | Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem. | ||
Description: | Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0815 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9552 | |||
Oval ID: | oval:org.mitre.oval:def:9552 | ||
Title: | The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats. | ||
Description: | The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-3273 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9647 | |||
Oval ID: | oval:org.mitre.oval:def:9647 | ||
Title: | The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a 64-bit executable program. | ||
Description: | The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a 64-bit executable program. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2553 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9795 | |||
Oval ID: | oval:org.mitre.oval:def:9795 | ||
Title: | Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. | ||
Description: | Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1056 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for kernel File : nvt/sles9p5009598.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5011171.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5012519.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5015723.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-508-1 File : nvt/gb_ubuntu_USN_508_1.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0237-01 File : nvt/gb_RHSA-2008_0237-01_kernel.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200407-02 (Kernel) File : nvt/glsa_200407_02.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1017-1 (kernel-source-2.6.8) File : nvt/deb_1017_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1018-1 (kernel-source-2.4.27) File : nvt/deb_1018_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1018-2 (kernel-source-2.4.27) File : nvt/deb_1018_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16) File : nvt/deb_1067_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-... File : nvt/deb_1070_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17) File : nvt/deb_1082_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 921-1 (kernel-source-2.4.27) File : nvt/deb_921_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 922-1 (kernel-source-2.4.27) File : nvt/deb_922_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
21280 | Linux Kernel on SMP ip_vs_conn_flush Function Race Condition DoS |
19260 | Linux Kernel sendmsg() 32bit msg_control Copy Overflow |
18978 | Linux Kernel CAP_NET_ADMIN Socket Policy Bypass |
18807 | Linux Kernel ptrace32.c ltrace find_task_by_pid Function Local DoS |
18702 | SuSE Linux Kernel Unspecified Stack Fault Exception Local DoS Linux contains a flaw related to the kernel that may allow an attacker to cause a stack fault exception, resulting in a local denial of service. No further details have been provided. |
18555 | Linux Kernel xfrm Array Indexing Overflow |
17803 | Linux Kernel IA32 Compatibility execve() Function Local Overflow |
17693 | Linux Kernel on AMD64 ptrace() Non-canonical Address Call Local DoS |
17479 | Linux Kernel ptrace / restore_sigcontext ar.rsc Access Issue |
17235 | Linux Kernel on Itanium Unspecified Auditing Code Local DoS |
17233 | Linux Kernel on AMD64 ptrace() Invalid Segment Base Local DoS |
15115 | Linux Kernel ext2 Directory Creation Arbitrary Memory Disclosure The Linux kernel EXT2 filesystem contains a flaw that may lead to an unauthorized information disclosure. The problem is that the 'ext2_make_empty()' function does not properly clear filesystem contents when creating a directory and the block written to store the '.' and '..' directory entries remains uninitialized. Up to 4,072 bytes of kernel memory may be leaked on each directory creation, which may allow a malicious user to disclose sensitive kernel memory contents resulting in a loss of confidentiality. |
14966 | Linux Kernel Netfilter Memory Leak DoS |
14866 | Linux Kernel Malformed ISO9660 File System Command Execution |
14864 | Linux Kernel ROSE rose_rt_ioctl Function ndigis Argument Error |
13533 | Linux Kernel coda_pioctl Function Negative Value Overflow |
12838 | Linux Kernel mlockall() RLIMIT_MEMLOCK Bypass The Linux kernel contains a flaw related to the mlockall() function that may allow an attacker to bypass unspecified system restrictions. No further details have been provided. |
12837 | Linux Kernel MOXA Serial Driver Overflow A local overflow exists in the Linux kernel. The MoxaDriverIoctl() function fails to validate user-supplied data resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
12561 | Linux Kernel Direct Rendering Manager (DRM) X Server DoS |
5398 | Linux Kernel JFS File System Information Leak: The Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the kernel does not properly initialize the journal descriptor blocks, which will disclose information stored in kernel memory to the JFS file system device, resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0237.nasl - Type : ACT_GATHER_INFO |
2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-219-1.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080507_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0237.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0237.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-508-1.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-921.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-922.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1018.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1017.nasl - Type : ACT_GATHER_INFO |
2006-07-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0579.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-420.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-514.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-366.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-663.nasl - Type : ACT_GATHER_INFO |
2006-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0191.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-187-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-178-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-169-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-143-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-137-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-103-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-38-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-95-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-235.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-219.nasl - Type : ACT_GATHER_INFO |
2005-10-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-514.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-905.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-906.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-663.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_050.nasl - Type : ACT_GATHER_INFO |
2005-09-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-821.nasl - Type : ACT_GATHER_INFO |
2005-09-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-820.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-313.nasl - Type : ACT_GATHER_INFO |
2005-08-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-529.nasl - Type : ACT_GATHER_INFO |
2005-08-04 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_044.nasl - Type : ACT_GATHER_INFO |
2005-07-05 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-510.nasl - Type : ACT_GATHER_INFO |
2005-07-01 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-110.nasl - Type : ACT_GATHER_INFO |
2005-07-01 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-111.nasl - Type : ACT_GATHER_INFO |
2005-06-10 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_029.nasl - Type : ACT_GATHER_INFO |
2005-06-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-420.nasl - Type : ACT_GATHER_INFO |
2005-05-19 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-262.nasl - Type : ACT_GATHER_INFO |
2005-04-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-366.nasl - Type : ACT_GATHER_INFO |
2005-03-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_018.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-092.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200407-02.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-029.nasl - Type : ACT_GATHER_INFO |
2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_009.nasl - Type : ACT_GATHER_INFO |
2004-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-111.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:49:34 | |