Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.870491 |
Category: | Red Hat Local Security Checks |
Title: | RedHat Update for kernel RHSA-2011:1321-01 |
Summary: | The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory. |
Description: | Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. Vulnerability Insight: The kernel packages contain the Linux kernel. Security fix: * A flaw in skb_gro_header_slow() in the Linux kernel could lead to GRO (Generic Receive Offload) fields being left in an inconsistent state. An attacker on the local network could use this flaw to trigger a denial of service. (CVE-2011-2723, Moderate) Red Hat would like to thank Brent Meshier for reporting this issue. Bug fixes: * When reading a file from a subdirectory in /proc/bus/pci/ while hot-unplugging the device related to that file, the system will crash. Now, the kernel correctly handles the simultaneous removal of a device and access to the representation of that device in the proc file system. (BZ#713454) * RHSA-2011:0017 introduced a regression: Non-disk SCSI devices (except for tape drives) such as enclosure or CD-ROM devices were hidden when attached to a SAS based RAID controller that uses the megaraid_sas driver. With this update, such devices are accessible, as expected. (BZ#726487) * The fix for CVE-2010-3432 provided in RHSA-2011:0004 introduced a regression: Information in sctp_packet_config(), which was called before appending data chunks to a packet, was not reset, causing considerably poor SCTP (Stream Control Transmission Protocol) performance. With this update, the packet information is reset after transmission. (BZ#727591) * Certain systems do not correctly set the ACPI FADT APIC mode bit. They set the bit to 'cluster' mode instead of 'physical' mode which caused these systems to boot without the TSC (Time Stamp Counter). With this update, the ACPI FADT check has been removed due to its unreliability. (BZ#728162) * Performance when invalidating and rereading cached data as a glock moves around the cluster with GFS2 is improved. (BZ#729082) * Performance issues occurred when multiple nodes attempted to call mmap() on the same inode at the same time on a GFS2 file system, as it was using an exclusive glock. With this update, a shared lock is used when 'noatime' is set on the mount, allowing mmap() operations to occur in parallel, fixing this bug. Note that this issue only refers to mmap() system calls, and not to subsequent page faults. (BZ#729090) * Some of the functions in the GFS2 file system were not reserving enough space for the resource group header in a transaction and for resource groups bit blocks that get added when a memory allocation is performed. That resulted in failed write and allocation operations. With this update, GFS2 makes s ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: kernel on Red Hat Enterprise Linux (v. 5 server) Solution: Please Install the Updated Packages. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-2723 BugTraq ID: 48929 http://www.securityfocus.com/bid/48929 HPdes Security Advisory: HPSBGN02970 http://marc.info/?l=bugtraq&m=139447903326211&w=2 http://openwall.com/lists/oss-security/2011/07/28/13 http://openwall.com/lists/oss-security/2011/07/29/1 http://www.redhat.com/support/errata/RHSA-2011-1321.html http://securitytracker.com/id?1025876 Common Vulnerability Exposure (CVE) ID: CVE-2010-3432 BugTraq ID: 43480 http://www.securityfocus.com/bid/43480 Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search) http://www.securityfocus.com/archive/1/520102/100/0/threaded Debian Security Information: DSA-2126 (Google Search) http://www.debian.org/security/2010/dsa-2126 http://marc.info/?l=linux-netdev&m=128453869227715&w=3 http://marc.info/?l=oss-security&m=128534569803598&w=2 http://marc.info/?l=oss-security&m=128537701808336&w=2 http://www.redhat.com/support/errata/RHSA-2010-0842.html http://www.redhat.com/support/errata/RHSA-2010-0936.html http://www.redhat.com/support/errata/RHSA-2010-0958.html http://www.redhat.com/support/errata/RHSA-2011-0004.html http://secunia.com/advisories/42400 http://secunia.com/advisories/42778 http://secunia.com/advisories/42789 http://secunia.com/advisories/46397 SuSE Security Announcement: SUSE-SA:2011:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html SuSE Security Announcement: SUSE-SA:2011:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://www.ubuntu.com/usn/USN-1000-1 http://www.vupen.com/english/advisories/2010/3113 http://www.vupen.com/english/advisories/2011/0012 http://www.vupen.com/english/advisories/2011/0024 http://www.vupen.com/english/advisories/2011/0298 |
Copyright | Copyright (c) 2011 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |