CentOS Local Security Checks : CentOS Update for kernel CESA-2009:1455 centos5 i386

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.880765

Kategorie: CentOS Local Security Checks

Titel: CentOS Update for kernel CESA-2009:1455 centos5 i386

Zusammenfassung: The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security fix:

* a NULL pointer dereference flaw was found in the Multiple Devices (md)
driver in the Linux kernel. If the 'suspend_lo' or 'suspend_hi' file on the
sysfs file system ('/sys/') is modified when the disk array is inactive, it
could lead to a local denial of service or privilege escalation. Note: By
default, only the root user can write to the files mentioned above.
(CVE-2009-2849, Moderate)

Bug fixes:

* a bug in nlm_lookup_host() could lead to un-reclaimed locks on file
systems, resulting in umount failing and NFS service relocation issues for
clusters. (BZ#517967)

* a bug in the sky2 driver prevented the phy from being reset properly on
some hardware when it hanged, preventing a link from coming back up.
(BZ#517976)

* disabling MSI-X for qla2xxx also disabled MSI interrupts. (BZ#519782)

* performance issues with reads when using the qlge driver on PowerPC
systems. A system hang could also occur during reboot. (BZ#519783)

* unreliable time keeping for Red Hat Enterprise Linux virtual machines.
The KVM pvclock code is now used to detect/correct lost ticks. (BZ#520685)

* /proc/cpuinfo was missing flags for new features in supported processors,
possibly preventing the operating system and applications from getting the
best performance. (BZ#520686)

* reading/writing with a serial loopback device on a certain IBM system did
not work unless booted with 'pnpacpi=off'. (BZ#520905)

* mlx4_core failed to load on systems with more than 32 CPUs. (BZ#520906)

* on big-endian platforms, interfaces using the mlx4_en driver and Large
Receive Offload (LRO) did not handle VLAN traffic properly (a segmentation
fault in the VLAN stack in the kernel occurred). (BZ#520908)

* due to a lock being held for a long time, some systems may have
experienced 'BUG: soft lockup' messages under very heavy load. (BZ#520919)

* incorrect APIC timer calibration may have caused a system hang during
boot, as well as the system time becoming faster or slower. A warning is
now provided. (BZ#521238)

* a Fibre Channel device re-scan via 'echo '---' > /sys/class/scsi_host/
host[x]/scan' may not complete after hot adding a drive, leading to soft
lockups ('BUG: soft lockup detected'). (BZ#521239)

* the Broadcom BCM5761 network device was unable to be initialized
properly, therefore, the associated interface could not obtain an IP
address via DHCP, ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
kernel on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
4.7

CVSS Vector:
AV:L/AC:M/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-2849
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html
http://xorl.wordpress.com/2009/07/21/linux-kernel-md-driver-null-pointer-dereference/
http://www.openwall.com/lists/oss-security/2009/07/24/1
http://www.openwall.com/lists/oss-security/2009/07/26/1
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10396
RedHat Security Advisories: RHSA-2009:1540
https://rhn.redhat.com/errata/RHSA-2009-1540.html
http://www.securitytracker.com/id?1022961
http://secunia.com/advisories/36501
http://secunia.com/advisories/37105
http://secunia.com/advisories/38794
http://secunia.com/advisories/38834
http://www.ubuntu.com/usn/USN-852-1
http://www.vupen.com/english/advisories/2010/0528
XForce ISS Database: kernel-mddriver-dos(52858)
https://exchange.xforce.ibmcloud.com/vulnerabilities/52858

Copyright Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.880765
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for kernel CESA-2009:1455 centos5 i386
Zusammenfassung:	The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fix: * a NULL pointer dereference flaw was found in the Multiple Devices (md) driver in the Linux kernel. If the 'suspend_lo' or 'suspend_hi' file on the sysfs file system ('/sys/') is modified when the disk array is inactive, it could lead to a local denial of service or privilege escalation. Note: By default, only the root user can write to the files mentioned above. (CVE-2009-2849, Moderate) Bug fixes: * a bug in nlm_lookup_host() could lead to un-reclaimed locks on file systems, resulting in umount failing and NFS service relocation issues for clusters. (BZ#517967) * a bug in the sky2 driver prevented the phy from being reset properly on some hardware when it hanged, preventing a link from coming back up. (BZ#517976) * disabling MSI-X for qla2xxx also disabled MSI interrupts. (BZ#519782) * performance issues with reads when using the qlge driver on PowerPC systems. A system hang could also occur during reboot. (BZ#519783) * unreliable time keeping for Red Hat Enterprise Linux virtual machines. The KVM pvclock code is now used to detect/correct lost ticks. (BZ#520685) * /proc/cpuinfo was missing flags for new features in supported processors, possibly preventing the operating system and applications from getting the best performance. (BZ#520686) * reading/writing with a serial loopback device on a certain IBM system did not work unless booted with 'pnpacpi=off'. (BZ#520905) * mlx4_core failed to load on systems with more than 32 CPUs. (BZ#520906) * on big-endian platforms, interfaces using the mlx4_en driver and Large Receive Offload (LRO) did not handle VLAN traffic properly (a segmentation fault in the VLAN stack in the kernel occurred). (BZ#520908) * due to a lock being held for a long time, some systems may have experienced 'BUG: soft lockup' messages under very heavy load. (BZ#520919) * incorrect APIC timer calibration may have caused a system hang during boot, as well as the system time becoming faster or slower. A warning is now provided. (BZ#521238) * a Fibre Channel device re-scan via 'echo '---' > /sys/class/scsi_host/ host[x]/scan' may not complete after hot adding a drive, leading to soft lockups ('BUG: soft lockup detected'). (BZ#521239) * the Broadcom BCM5761 network device was unable to be initialized properly, therefore, the associated interface could not obtain an IP address via DHCP, ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: kernel on CentOS 5 Solution: Please install the updated packages. CVSS Score: 4.7 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2849 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html http://xorl.wordpress.com/2009/07/21/linux-kernel-md-driver-null-pointer-dereference/ http://www.openwall.com/lists/oss-security/2009/07/24/1 http://www.openwall.com/lists/oss-security/2009/07/26/1 http://lists.vmware.com/pipermail/security-announce/2010/000082.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10396 RedHat Security Advisories: RHSA-2009:1540 https://rhn.redhat.com/errata/RHSA-2009-1540.html http://www.securitytracker.com/id?1022961 http://secunia.com/advisories/36501 http://secunia.com/advisories/37105 http://secunia.com/advisories/38794 http://secunia.com/advisories/38834 http://www.ubuntu.com/usn/USN-852-1 http://www.vupen.com/english/advisories/2010/0528 XForce ISS Database: kernel-mddriver-dos(52858) https://exchange.xforce.ibmcloud.com/vulnerabilities/52858
Copyright	Copyright (C) 2011 Greenbone AG