ID de Prueba:	1.3.6.1.4.1.25623.1.0.105374
Categoría:	F5 Local Security Checks
Título:	F5 BIG-IP - Linux kernel vulnerability CVE-2014-0131
Resumen:	The remote host is missing a security patch.
Descripción:	Summary: The remote host is missing a security patch. Vulnerability Insight: Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. (CVE-2014-0131) Vulnerability Impact: Attackers may be able to obtain sensitive information from kernel memory. Solution: See the referenced vendor advisory for a solution. CVSS Score: 2.9 CVSS Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0131 SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html [netdev] 20140310 [PATCH 0/5] skbuff: fix skb_segment with zero copy skbs http://www.spinics.net/lists/netdev/msg274250.html [netdev] 20140310 [PATCH 5/5] skbuff: skb_segment: orphan frags before copying http://www.spinics.net/lists/netdev/msg274316.html [oss-security] 20140310 CVE-2014-0131 -- kernel: net: use-after-free during segmentation with zerocopy http://www.openwall.com/lists/oss-security/2014/03/10/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fd819ecb90cc9b822cd84d3056ddba315d3340f https://bugzilla.redhat.com/show_bug.cgi?id=1074589 https://github.com/torvalds/linux/commit/1fd819ecb90cc9b822cd84d3056ddba315d3340f openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.