ID de Prueba:	1.3.6.1.4.1.25623.1.0.120068
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2012-118)
Resumen:	The remote host is missing an update for the 'kernel' package(s) announced via the ALAS-2012-118 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ALAS-2012-118 advisory. Vulnerability Insight: The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket. Affected Software/OS: 'kernel' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3430 50633 http://secunia.com/advisories/50633 50732 http://secunia.com/advisories/50732 50811 http://secunia.com/advisories/50811 RHSA-2012:1323 http://rhn.redhat.com/errata/RHSA-2012-1323.html SUSE-SU-2012:1679 https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html USN-1567-1 http://www.ubuntu.com/usn/USN-1567-1 USN-1568-1 http://www.ubuntu.com/usn/USN-1568-1 USN-1572-1 http://www.ubuntu.com/usn/USN-1572-1 USN-1575-1 http://www.ubuntu.com/usn/USN-1575-1 USN-1577-1 http://www.ubuntu.com/usn/USN-1577-1 USN-1578-1 http://www.ubuntu.com/usn/USN-1578-1 USN-1579-1 http://www.ubuntu.com/usn/USN-1579-1 USN-1580-1 http://www.ubuntu.com/usn/USN-1580-1 [oss-security] 20120726 Re: CVE Request -- kernel: recv{from,msg}() on an rds socket can leak kernel memory http://www.openwall.com/lists/oss-security/2012/07/26/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=06b6a1cf6e776426766298d055bb3991957d90a7 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44 https://bugzilla.redhat.com/show_bug.cgi?id=820039 https://github.com/torvalds/linux/commit/06b6a1cf6e776426766298d055bb3991957d90a7
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.