 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.71429 |
| Category: | Red Hat Local Security Checks |
| Title: | RedHat Security Advisory RHSA-2012:1064 |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing updates announced in advisory RHSA-2012:1064. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash. (CVE-2012-2744, Important) * A flaw was found in the way the Linux kernel's key management facility handled replacement session keyrings on process forks. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2745, Moderate) Red Hat would like to thank an anonymous contributor working with the Beyond Security SecuriTeam Secure Disclosure program for reporting CVE-2012-2744. Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2012-1064.html Risk factor : High |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-2744 1027235 http://www.securitytracker.com/id?1027235 49928 http://secunia.com/advisories/49928 54367 http://www.securityfocus.com/bid/54367 RHSA-2012:1064 http://rhn.redhat.com/errata/RHSA-2012-1064.html RHSA-2012:1148 http://rhn.redhat.com/errata/RHSA-2012-1148.html http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9e2dcf72023d1447f09c47d77c99b0c49659e5ce https://bugzilla.redhat.com/show_bug.cgi?id=833402 https://github.com/torvalds/linux/commit/9e2dcf72023d1447f09c47d77c99b0c49659e5ce Common Vulnerability Exposure (CVE) ID: CVE-2012-2745 1027236 http://www.securitytracker.com/id?1027236 50633 http://secunia.com/advisories/50633 50853 http://secunia.com/advisories/50853 50961 http://secunia.com/advisories/50961 54365 http://www.securityfocus.com/bid/54365 USN-1567-1 http://www.ubuntu.com/usn/USN-1567-1 USN-1597-1 http://www.ubuntu.com/usn/USN-1597-1 USN-1606-1 http://www.ubuntu.com/usn/USN-1606-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=79549c6dfda0603dba9a70a53467ce62d9335c33 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.2 https://bugzilla.redhat.com/show_bug.cgi?id=833428 https://github.com/torvalds/linux/commit/79549c6dfda0603dba9a70a53467ce62d9335c33 |
| Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |