Vulnerabilities > CVE-2017-2634

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
linux
redhat
nessus

Summary

It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the system.

Vulnerable Configurations

Part Description Count
OS
Linux
851
OS
Redhat
5

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0347.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 5.6 Long Life. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id97465
    published2017-03-01
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97465
    titleRHEL 5 : kernel (RHSA-2017:0347)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2017:0347. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(97465);
      script_version("3.11");
      script_cvs_date("Date: 2019/10/24 15:35:42");
    
      script_cve_id("CVE-2017-2634", "CVE-2017-6074");
      script_xref(name:"RHSA", value:"2017:0347");
    
      script_name(english:"RHEL 5 : kernel (RHSA-2017:0347)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for kernel is now available for Red Hat Enterprise Linux 5.6
    Long Life.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    Security Fix(es) :
    
    * A use-after-free flaw was found in the way the Linux kernel's
    Datagram Congestion Control Protocol (DCCP) implementation freed SKB
    (socket buffer) resources for a DCCP_PKT_REQUEST packet when the
    IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged
    user could use this flaw to alter the kernel memory, allowing them to
    escalate their privileges on the system. (CVE-2017-6074, Important)
    
    * It was found that the Linux kernel's Datagram Congestion Control
    Protocol (DCCP) implementation used the IPv4-only
    inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP
    connections, which could result in memory corruptions. A remote
    attacker could use this flaw to crash the system. (CVE-2017-2634,
    Moderate)
    
    Important: This update disables the DCCP kernel module at load time by
    using the kernel module blacklist method. The module is disabled in an
    attempt to reduce further exposure to additional issues. (BZ#1426311)
    
    Red Hat would like to thank Andrey Konovalov (Google) for reporting
    CVE-2017-6074. The CVE-2017-2634 issue was discovered by Wade Mealing
    (Red Hat Product Security)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/vulnerabilities/2706661"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2017:0347"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2017-6074"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2017-2634"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.6");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/02/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/03/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^5\.6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.6", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2017:0347";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-PAE-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-PAE-debuginfo-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-PAE-devel-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-debug-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-debug-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-debug-debuginfo-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-debug-debuginfo-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-debug-devel-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-debug-devel-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-debuginfo-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-debuginfo-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-debuginfo-common-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-debuginfo-common-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-devel-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-devel-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", reference:"kernel-doc-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i386", reference:"kernel-headers-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-headers-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-xen-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-xen-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-xen-debuginfo-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-xen-debuginfo-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"i686", reference:"kernel-xen-devel-2.6.18-238.58.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"6", cpu:"x86_64", reference:"kernel-xen-devel-2.6.18-238.58.1.el5")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc");
      }
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20170224_KERNEL_ON_SL5_X.NASL
    descriptionSecurity Fix(es) : - A use-after-free flaw was found in the way the Linux kernel
    last seen2020-03-18
    modified2017-02-27
    plugin id97415
    published2017-02-27
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97415
    titleScientific Linux Security Update : kernel on SL5.x i386/x86_64 (20170224)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(97415);
      script_version("3.9");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2017-2634", "CVE-2017-6074");
    
      script_name(english:"Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20170224)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security Fix(es) :
    
      - A use-after-free flaw was found in the way the Linux
        kernel's Datagram Congestion Control Protocol (DCCP)
        implementation freed SKB (socket buffer) resources for a
        DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option
        is set on the socket. A local, unprivileged user could
        use this flaw to alter the kernel memory, allowing them
        to escalate their privileges on the system.
        (CVE-2017-6074, Important)
    
      - It was found that the Linux kernel's Datagram Congestion
        Control Protocol (DCCP) implementation used the
        IPv4-only inet_sk_rebuild_header() function for both
        IPv4 and IPv6 DCCP connections, which could result in
        memory corruptions. A remote attacker could use this
        flaw to crash the system. (CVE-2017-2634, Moderate)
    
    Important: This update disables the DCCP kernel module at load time by
    using the kernel module blacklist method. The module is disabled in an
    attempt to reduce further exposure to additional issues."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1702&L=scientific-linux-errata&F=&S=&P=5638
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3366f3c8"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-PAE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/02/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/02/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/02/27");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 5.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL5", reference:"kernel-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-debuginfo-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-devel-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-debug-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-debug-debuginfo-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-debug-devel-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-debuginfo-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-debuginfo-common-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-devel-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-doc-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-headers-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-xen-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-xen-debuginfo-2.6.18-419.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-xen-devel-2.6.18-419.el5")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0346.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id97464
    published2017-03-01
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97464
    titleRHEL 5 : kernel (RHSA-2017:0346)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2017:0346. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(97464);
      script_version("3.11");
      script_cvs_date("Date: 2019/10/24 15:35:42");
    
      script_cve_id("CVE-2017-2634", "CVE-2017-6074");
      script_xref(name:"RHSA", value:"2017:0346");
    
      script_name(english:"RHEL 5 : kernel (RHSA-2017:0346)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for kernel is now available for Red Hat Enterprise Linux 5.9
    Long Life.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    Security Fix(es) :
    
    * A use-after-free flaw was found in the way the Linux kernel's
    Datagram Congestion Control Protocol (DCCP) implementation freed SKB
    (socket buffer) resources for a DCCP_PKT_REQUEST packet when the
    IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged
    user could use this flaw to alter the kernel memory, allowing them to
    escalate their privileges on the system. (CVE-2017-6074, Important)
    
    * It was found that the Linux kernel's Datagram Congestion Control
    Protocol (DCCP) implementation used the IPv4-only
    inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP
    connections, which could result in memory corruptions. A remote
    attacker could use this flaw to crash the system. (CVE-2017-2634,
    Moderate)
    
    Important: This update disables the DCCP kernel module at load time by
    using the kernel module blacklist method. The module is disabled in an
    attempt to reduce further exposure to additional issues. (BZ#1426309)
    
    Red Hat would like to thank Andrey Konovalov (Google) for reporting
    CVE-2017-6074. The CVE-2017-2634 issue was discovered by Wade Mealing
    (Red Hat Product Security)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/vulnerabilities/2706661"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2017:0346"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2017-6074"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2017-2634"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.9");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/02/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/03/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^5\.9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.9", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2017:0346";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-PAE-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-PAE-debuginfo-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-PAE-devel-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-debug-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-debug-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-debug-debuginfo-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-debug-debuginfo-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-debug-devel-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-debug-devel-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-debuginfo-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-debuginfo-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-debuginfo-common-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-debuginfo-common-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-devel-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-devel-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", reference:"kernel-doc-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i386", reference:"kernel-headers-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-headers-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-xen-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-xen-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-xen-debuginfo-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-xen-debuginfo-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"i686", reference:"kernel-xen-devel-2.6.18-348.33.1.el5")) flag++;
      if (rpm_check(release:"RHEL5", sp:"9", cpu:"x86_64", reference:"kernel-xen-devel-2.6.18-348.33.1.el5")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc");
      }
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2017-0323.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id97413
    published2017-02-27
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97413
    titleRHEL 5 : kernel (RHSA-2017:0323)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2017:0323. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(97413);
      script_version("3.10");
      script_cvs_date("Date: 2019/10/24 15:35:42");
    
      script_cve_id("CVE-2017-2634", "CVE-2017-6074");
      script_xref(name:"RHSA", value:"2017:0323");
    
      script_name(english:"RHEL 5 : kernel (RHSA-2017:0323)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for kernel is now available for Red Hat Enterprise Linux 5.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    Security Fix(es) :
    
    * A use-after-free flaw was found in the way the Linux kernel's
    Datagram Congestion Control Protocol (DCCP) implementation freed SKB
    (socket buffer) resources for a DCCP_PKT_REQUEST packet when the
    IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged
    user could use this flaw to alter the kernel memory, allowing them to
    escalate their privileges on the system. (CVE-2017-6074, Important)
    
    * It was found that the Linux kernel's Datagram Congestion Control
    Protocol (DCCP) implementation used the IPv4-only
    inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP
    connections, which could result in memory corruptions. A remote
    attacker could use this flaw to crash the system. (CVE-2017-2634,
    Moderate)
    
    Important: This update disables the DCCP kernel module at load time by
    using the kernel module blacklist method. The module is disabled in an
    attempt to reduce further exposure to additional issues. Please see
    Red Hat Bugzilla (BZ#1425177) for additional information.
    
    Red Hat would like to thank Andrey Konovalov (Google) for reporting
    CVE-2017-6074. The CVE-2017-2634 issue was discovered by Wade Mealing
    (Red Hat Product Security)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2017:0323"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2017-6074"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2017-2634"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/02/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/02/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2017:0323";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-debuginfo-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-devel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-debuginfo-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-debuginfo-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-debuginfo-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-devel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-devel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-devel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debuginfo-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debuginfo-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debuginfo-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debuginfo-common-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debuginfo-common-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debuginfo-common-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-devel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-devel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-devel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", reference:"kernel-doc-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"kernel-headers-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-headers-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-headers-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-kdump-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-kdump-debuginfo-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-kdump-devel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-debuginfo-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-debuginfo-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-devel-2.6.18-419.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-devel-2.6.18-419.el5")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc");
      }
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2017-0323.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id97391
    published2017-02-27
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97391
    titleCentOS 5 : kernel (CESA-2017:0323)
  • NASL familyVirtuozzo Local Security Checks
    NASL idVIRTUOZZO_VZLSA-2017-0323.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id101429
    published2017-07-13
    reporterThis script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101429
    titleVirtuozzo 7 : kernel / kernel-PAE / kernel-PAE-devel / etc (VZLSA-2017-0323)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2017-0323.NASL
    descriptionFrom Red Hat Security Advisory 2017:0323 : An update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A use-after-free flaw was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id97405
    published2017-02-27
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97405
    titleOracle Linux 5 : kernel (ELSA-2017-0323)

Redhat

advisories
  • rhsa
    idRHSA-2017:0323
  • rhsa
    idRHSA-2017:0346
  • rhsa
    idRHSA-2017:0347
rpms
  • kernel-0:2.6.18-419.el5
  • kernel-PAE-0:2.6.18-419.el5
  • kernel-PAE-debuginfo-0:2.6.18-419.el5
  • kernel-PAE-devel-0:2.6.18-419.el5
  • kernel-debug-0:2.6.18-419.el5
  • kernel-debug-debuginfo-0:2.6.18-419.el5
  • kernel-debug-devel-0:2.6.18-419.el5
  • kernel-debuginfo-0:2.6.18-419.el5
  • kernel-debuginfo-common-0:2.6.18-419.el5
  • kernel-devel-0:2.6.18-419.el5
  • kernel-doc-0:2.6.18-419.el5
  • kernel-headers-0:2.6.18-419.el5
  • kernel-kdump-0:2.6.18-419.el5
  • kernel-kdump-debuginfo-0:2.6.18-419.el5
  • kernel-kdump-devel-0:2.6.18-419.el5
  • kernel-xen-0:2.6.18-419.el5
  • kernel-xen-debuginfo-0:2.6.18-419.el5
  • kernel-xen-devel-0:2.6.18-419.el5
  • kernel-0:2.6.18-348.33.1.el5
  • kernel-PAE-0:2.6.18-348.33.1.el5
  • kernel-PAE-debuginfo-0:2.6.18-348.33.1.el5
  • kernel-PAE-devel-0:2.6.18-348.33.1.el5
  • kernel-debug-0:2.6.18-348.33.1.el5
  • kernel-debug-debuginfo-0:2.6.18-348.33.1.el5
  • kernel-debug-devel-0:2.6.18-348.33.1.el5
  • kernel-debuginfo-0:2.6.18-348.33.1.el5
  • kernel-debuginfo-common-0:2.6.18-348.33.1.el5
  • kernel-devel-0:2.6.18-348.33.1.el5
  • kernel-doc-0:2.6.18-348.33.1.el5
  • kernel-headers-0:2.6.18-348.33.1.el5
  • kernel-xen-0:2.6.18-348.33.1.el5
  • kernel-xen-debuginfo-0:2.6.18-348.33.1.el5
  • kernel-xen-devel-0:2.6.18-348.33.1.el5
  • kernel-0:2.6.18-238.58.1.el5
  • kernel-PAE-0:2.6.18-238.58.1.el5
  • kernel-PAE-debuginfo-0:2.6.18-238.58.1.el5
  • kernel-PAE-devel-0:2.6.18-238.58.1.el5
  • kernel-debug-0:2.6.18-238.58.1.el5
  • kernel-debug-debuginfo-0:2.6.18-238.58.1.el5
  • kernel-debug-devel-0:2.6.18-238.58.1.el5
  • kernel-debuginfo-0:2.6.18-238.58.1.el5
  • kernel-debuginfo-common-0:2.6.18-238.58.1.el5
  • kernel-devel-0:2.6.18-238.58.1.el5
  • kernel-doc-0:2.6.18-238.58.1.el5
  • kernel-headers-0:2.6.18-238.58.1.el5
  • kernel-xen-0:2.6.18-238.58.1.el5
  • kernel-xen-debuginfo-0:2.6.18-238.58.1.el5
  • kernel-xen-devel-0:2.6.18-238.58.1.el5