8.3 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
0.016 Low
EPSS
Percentile
87.3%
CentOS Errata and Security Advisory CESA-2011:1386
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security fixes:
The maximum file offset handling for ext4 file systems could allow a
local, unprivileged user to cause a denial of service. (CVE-2011-2695,
Important)
IPv6 fragment identification value generation could allow a remote
attacker to disrupt a target system’s networking, preventing legitimate
users from accessing its services. (CVE-2011-2699, Important)
A malicious CIFS (Common Internet File System) server could send a
specially-crafted response to a directory read request that would result in
a denial of service or privilege escalation on a system that has a CIFS
share mounted. (CVE-2011-3191, Important)
A local attacker could use mount.ecryptfs_private to mount (and then
access) a directory they would otherwise not have access to. Note: To
correct this issue, the RHSA-2011:1241 ecryptfs-utils update must also be
installed. (CVE-2011-1833, Moderate)
A flaw in the taskstats subsystem could allow a local, unprivileged user
to cause excessive CPU time and memory use. (CVE-2011-2484, Moderate)
Mapping expansion handling could allow a local, unprivileged user to
cause a denial of service. (CVE-2011-2496, Moderate)
GRO (Generic Receive Offload) fields could be left in an inconsistent
state. An attacker on the local network could use this flaw to cause a
denial of service. GRO is enabled by default in all network drivers that
support it. (CVE-2011-2723, Moderate)
RHSA-2011:1065 introduced a regression in the Ethernet bridge
implementation. If a system had an interface in a bridge, and an attacker
on the local network could send packets to that interface, they could cause
a denial of service on that system. Xen hypervisor and KVM (Kernel-based
Virtual Machine) hosts often deploy bridge interfaces. (CVE-2011-2942,
Moderate)
A flaw in the Xen hypervisor IOMMU error handling implementation could
allow a privileged guest user, within a guest operating system that has
direct control of a PCI device, to cause performance degradation on the
host and possibly cause it to hang. (CVE-2011-3131, Moderate)
IPv4 and IPv6 protocol sequence number and fragment ID generation could
allow a man-in-the-middle attacker to inject packets and possibly hijack
connections. Protocol sequence number and fragment IDs are now more random.
(CVE-2011-3188, Moderate)
A flaw in the kernel’s clock implementation could allow a local,
unprivileged user to cause a denial of service. (CVE-2011-3209, Moderate)
Non-member VLAN (virtual LAN) packet handling for interfaces in
promiscuous mode and also using the be2net driver could allow an attacker
on the local network to cause a denial of service. (CVE-2011-3347,
Moderate)
A flaw in the auerswald USB driver could allow a local, unprivileged user
to cause a denial of service or escalate their privileges by inserting a
specially-crafted USB device. (CVE-2009-4067, Low)
A flaw in the Trusted Platform Module (TPM) implementation could allow a
local, unprivileged user to leak information to user space. (CVE-2011-1160,
Low)
A local, unprivileged user could possibly mount a CIFS share that
requires authentication without knowing the correct password if the mount
was already mounted by another local user. (CVE-2011-1585, Low)
Red Hat would like to thank Fernando Gont for reporting CVE-2011-2699;
Darren Lavender for reporting CVE-2011-3191; the Ubuntu Security Team for
reporting CVE-2011-1833; Vasiliy Kulikov of Openwall for reporting
CVE-2011-2484; Robert Swiecki for reporting CVE-2011-2496; Brent Meshier
for reporting CVE-2011-2723; Dan Kaminsky for reporting CVE-2011-3188;
Yasuaki Ishimatsu for reporting CVE-2011-3209; Somnath Kotur for reporting
CVE-2011-3347; Rafael Dominguez Vega for reporting CVE-2009-4067; and Peter
Huewe for reporting CVE-2011-1160. The Ubuntu Security Team acknowledges
Vasiliy Kulikov of Openwall and Dan Rosenberg as the original reporters of
CVE-2011-1833.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-October/080289.html
https://lists.centos.org/pipermail/centos-announce/2011-October/080290.html
Affected packages:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2011:1386
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i686 | kernel | < 2.6.18-274.7.1.el5 | kernel-2.6.18-274.7.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-debug | < 2.6.18-274.7.1.el5 | kernel-debug-2.6.18-274.7.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-debug-devel | < 2.6.18-274.7.1.el5 | kernel-debug-devel-2.6.18-274.7.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-devel | < 2.6.18-274.7.1.el5 | kernel-devel-2.6.18-274.7.1.el5.i686.rpm |
CentOS | 5 | noarch | kernel-doc | < 2.6.18-274.7.1.el5 | kernel-doc-2.6.18-274.7.1.el5.noarch.rpm |
CentOS | 5 | i386 | kernel-headers | < 2.6.18-274.7.1.el5 | kernel-headers-2.6.18-274.7.1.el5.i386.rpm |
CentOS | 5 | i686 | kernel-pae | < 2.6.18-274.7.1.el5 | kernel-PAE-2.6.18-274.7.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-pae-devel | < 2.6.18-274.7.1.el5 | kernel-PAE-devel-2.6.18-274.7.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-xen | < 2.6.18-274.7.1.el5 | kernel-xen-2.6.18-274.7.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-xen-devel | < 2.6.18-274.7.1.el5 | kernel-xen-devel-2.6.18-274.7.1.el5.i686.rpm |
8.3 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
0.016 Low
EPSS
Percentile
87.3%