Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2016.0256
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2016-0256)
Zusammenfassung:	The remote host is missing an update for the 'util-linux' package(s) announced via the MGASA-2016-0256 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'util-linux' package(s) announced via the MGASA-2016-0256 advisory. Vulnerability Insight: The util-linux libblkid is vulnerable to a Denial of Service attack during MS-DOS partition table parsing, in the extended partition boot record (EBR). If the next EBR starts at relative offset 0, parse_dos_extended() will loop until running out of memory. An attacker could install a specially crafted MS-DOS partition table in a storage device and trick a user into using it. This library is used, among others, by systemd-udevd daemon (CVE-2016-5011). Affected Software/OS: 'util-linux' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5011 1036272 http://www.securitytracker.com/id/1036272 91683 http://www.securityfocus.com/bid/91683 RHSA-2016:2605 http://rhn.redhat.com/errata/RHSA-2016-2605.html [oss-security] 20160711 CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS http://www.openwall.com/lists/oss-security/2016/07/11/2 http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543 http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801 https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.