Turbolinux Local Security Tests : Turbolinux TLSA-2004-34 (kernel)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52907

Categoría: Turbolinux Local Security Tests

Título: Turbolinux TLSA-2004-34 (kernel)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to kernel
announced via advisory TLSA-2004-34.

The kernel package contains the Linux kernel -- the core of the Linux
operating system.

The following have been addressed:
- Numerous issues in the Linux ELF binary loader
- Issues relating to IDE DMA transfers which prevent installation on
machines with SiS chipsets using the SiS 962/963 IDE controller
- Null pointer dereferencing in the SG driver
- Kernel panic in the SG module caused by successive loading/unloading
of SCSI LLD kernel modules (i.e., successive calls to insmod/rmmod)
- Race condition in the usb-ehci module
- Deadlock condition in the memory manager with certain application-level
invocations of mutex_lock
- Quirks in the snd-intel8x0 module on some HP machines
- Kernel oops on USB CD devices
- A problem causing processes to be killed with Out of Memory errors

The following have been added/updated:
- 3c59x driver
- aic7xxx driver
- aic79xx driver
- ndisdriver (0.12) driver
- Support for 82597EX_LR by ixgb
- megaraid (v2.20.4.1) driver
- ext3 and xfs filesystem bug fixes and updates

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2004-34

Risk factor : High

CVSS Score:
7.2

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-1070
BugTraq ID: 11646
http://www.securityfocus.com/bid/11646
Debian Security Information: DSA-1067 (Google Search)
http://www.debian.org/security/2006/dsa-1067
Debian Security Information: DSA-1069 (Google Search)
http://www.debian.org/security/2006/dsa-1069
Debian Security Information: DSA-1070 (Google Search)
http://www.debian.org/security/2006/dsa-1070
Debian Security Information: DSA-1082 (Google Search)
http://www.debian.org/security/2006/dsa-1082
https://bugzilla.fedora.us/show_bug.cgi?id=2336
http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9450
http://www.redhat.com/support/errata/RHSA-2004-504.html
http://www.redhat.com/support/errata/RHSA-2004-505.html
http://www.redhat.com/support/errata/RHSA-2004-549.html
http://secunia.com/advisories/19607
http://secunia.com/advisories/20162
http://secunia.com/advisories/20163
http://secunia.com/advisories/20202
http://secunia.com/advisories/20338
SGI Security Advisory: 20060402-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U
XForce ISS Database: linux-elf-setuid-gain-privileges(18025)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18025
Common Vulnerability Exposure (CVE) ID: CVE-2004-1071
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9917
http://www.redhat.com/support/errata/RHSA-2004-537.html
Common Vulnerability Exposure (CVE) ID: CVE-2004-1072
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11195
http://www.redhat.com/support/errata/RHSA-2005-275.html
Common Vulnerability Exposure (CVE) ID: CVE-2004-1073
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11503
http://www.redhat.com/support/errata/RHSA-2005-293.html
http://www.redhat.com/support/errata/RHSA-2006-0190.html
http://www.redhat.com/support/errata/RHSA-2006-0191.html
http://secunia.com/advisories/18684
Common Vulnerability Exposure (CVE) ID: CVE-2004-1074
BugTraq ID: 11754
http://www.securityfocus.com/bid/11754
Bugtraq: 20041216 [USN-39-1] Linux amd64 kernel vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=110322596918807&w=2
Conectiva Linux advisory: CLA-2005:930
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
http://marc.info/?l=linux-kernel&m=110021173607372&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9751
http://www.trustix.org/errata/2005/0001/
XForce ISS Database: linux-aout-binary-dos(18290)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18290

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52907
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2004-34 (kernel)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to kernel announced via advisory TLSA-2004-34. The kernel package contains the Linux kernel -- the core of the Linux operating system. The following have been addressed: - Numerous issues in the Linux ELF binary loader - Issues relating to IDE DMA transfers which prevent installation on machines with SiS chipsets using the SiS 962/963 IDE controller - Null pointer dereferencing in the SG driver - Kernel panic in the SG module caused by successive loading/unloading of SCSI LLD kernel modules (i.e., successive calls to insmod/rmmod) - Race condition in the usb-ehci module - Deadlock condition in the memory manager with certain application-level invocations of mutex_lock - Quirks in the snd-intel8x0 module on some HP machines - Kernel oops on USB CD devices - A problem causing processes to be killed with Out of Memory errors The following have been added/updated: - 3c59x driver - aic7xxx driver - aic79xx driver - ndisdriver (0.12) driver - Support for 82597EX_LR by ixgb - megaraid (v2.20.4.1) driver - ext3 and xfs filesystem bug fixes and updates Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2004-34 Risk factor : High CVSS Score: 7.2
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1070 BugTraq ID: 11646 http://www.securityfocus.com/bid/11646 Debian Security Information: DSA-1067 (Google Search) http://www.debian.org/security/2006/dsa-1067 Debian Security Information: DSA-1069 (Google Search) http://www.debian.org/security/2006/dsa-1069 Debian Security Information: DSA-1070 (Google Search) http://www.debian.org/security/2006/dsa-1070 Debian Security Information: DSA-1082 (Google Search) http://www.debian.org/security/2006/dsa-1082 https://bugzilla.fedora.us/show_bug.cgi?id=2336 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9450 http://www.redhat.com/support/errata/RHSA-2004-504.html http://www.redhat.com/support/errata/RHSA-2004-505.html http://www.redhat.com/support/errata/RHSA-2004-549.html http://secunia.com/advisories/19607 http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 SGI Security Advisory: 20060402-01-U ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U XForce ISS Database: linux-elf-setuid-gain-privileges(18025) https://exchange.xforce.ibmcloud.com/vulnerabilities/18025 Common Vulnerability Exposure (CVE) ID: CVE-2004-1071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9917 http://www.redhat.com/support/errata/RHSA-2004-537.html Common Vulnerability Exposure (CVE) ID: CVE-2004-1072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11195 http://www.redhat.com/support/errata/RHSA-2005-275.html Common Vulnerability Exposure (CVE) ID: CVE-2004-1073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11503 http://www.redhat.com/support/errata/RHSA-2005-293.html http://www.redhat.com/support/errata/RHSA-2006-0190.html http://www.redhat.com/support/errata/RHSA-2006-0191.html http://secunia.com/advisories/18684 Common Vulnerability Exposure (CVE) ID: CVE-2004-1074 BugTraq ID: 11754 http://www.securityfocus.com/bid/11754 Bugtraq: 20041216 [USN-39-1] Linux amd64 kernel vulnerability (Google Search) http://marc.info/?l=bugtraq&m=110322596918807&w=2 Conectiva Linux advisory: CLA-2005:930 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 http://marc.info/?l=linux-kernel&m=110021173607372&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9751 http://www.trustix.org/errata/2005/0001/ XForce ISS Database: linux-aout-binary-dos(18290) https://exchange.xforce.ibmcloud.com/vulnerabilities/18290
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com