|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2005-016: kernel Vulnerability Assessment Details
|
RHSA-2005-016: kernel |
||
Check for the version of the kernel packages Detailed Explanation for this Vulnerability Assessment Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 2.1 are now available. The Linux kernel handles the basic functions of the operating system. This advisory includes fixes for the following security issues: iSEC Security Research discovered a VMA handling flaw in the uselib(2) system call of the Linux kernel. A local user could make use of this flaw to gain elevated (root) rights. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1235 to this issue. iSEC Security Research discovered a flaw in the page fault handler code that could lead to local users gaining elevated (root) rights on multiprocessor machines. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0001 to this issue. iSEC Security Research and Georgi Guninski independently discovered a flaw in the scm_send function in the auxiliary message layer. A local user could create a carefully crafted auxiliary message which could cause a denial of service (system hang). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1016 to this issue. Kirill Korotaev found a flaw in load_elf_binary affecting kernels prior to 2.4.26. A local user could create a carefully crafted binary in such a way that it would cause a denial of service (system crash). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1234 to this issue. These packages also fix issues in the io_edgeport driver (CVE-2004-1017), a memory leak in ip_options_get (CVE-2004-1335), and missing VM_IO flags in some drivers (CVE-2004-1057). A recent Internet Draft by Fernando Gont recommended that ICMP Source Quench messages be ignored by hosts. A patch to ignore these messages is included. All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. Solution : http://rhn.redhat.com/errata/RHSA-2005-016.html Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security |
||
Cables, Connectors |
Dell PowerEdge R720 Server - 2x8c CPU,256Gb RAM, 128Gb SSD/3x900Gb SAS, Proxmox
$340.00
DELL PowerEdge R730 Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45
$274.00
Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM 12x4TB
$510.00
Dell PowerEdge R730XD 28 Core Server 2X Xeon E5-2680 V4 H730 128GB RAM No HDD
$389.99
Dell PowerEdge R730, 2 sinks, SystemBoard, 8 trays,H330,Idrac 8 exp, 2x750w Psu
$135.00
Dell Poweredge R730xd 2.5in 2x E5-2690 v3 2.6ghz 24-Cores 64gb H730 2x 750w
$189.99
DELL PowerEdge R730 16SFF Server 2x E5-2690v4 =28 Cores No RAM/ HDD H730 4xRJ45
$232.97
Dell PowerEdge R710 2.5" 2U Server 2x X5670 2.93GHZ 12-Core 128gb 2x 1TB SAS
$114.99
DELL PowerEdge R730 Server 2x E5-2680v4 2.4GHz =28 Cores 32GB H730 4xRJ45
$284.00
Dell PowerEdge R720 Server 2x Xeon E5-2640 @ 2.5GHz 128GB RAM NO HDD/OS
$159.99
|
||
No Discussions have been posted on this vulnerability. |