ID de Prueba:	1.3.6.1.4.1.25623.1.0.120302
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2013-190)
Resumen:	The remote host is missing an update for the 'kernel' package(s) announced via the ALAS-2013-190 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ALAS-2013-190 advisory. Vulnerability Insight: The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. Affected Software/OS: 'kernel' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2094 33589 http://www.exploit-db.com/exploits/33589 93361 http://www.osvdb.org/93361 MDVSA-2013:176 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 RHSA-2013:0830 http://rhn.redhat.com/errata/RHSA-2013-0830.html SUSE-SU-2013:0819 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html USN-1825-1 http://www.ubuntu.com/usn/USN-1825-1 USN-1826-1 http://www.ubuntu.com/usn/USN-1826-1 USN-1827-1 http://www.ubuntu.com/usn/USN-1827-1 USN-1828-1 http://www.ubuntu.com/usn/USN-1828-1 USN-1836-1 http://www.ubuntu.com/usn/USN-1836-1 USN-1838-1 http://www.ubuntu.com/usn/USN-1838-1 [CentOS-announce] 20130515 CentOS-6 CVE-2013-2094 Kernel Issue http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html [CentOS-announce] 20130517 CESA-2013:0830 Important CentOS 6 kernel Update http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html [linux-kernel] 20130412 Re: sw_perf_event_destroy() oops while fuzzing http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.html [linux-kernel] 20130412 sw_perf_event_destroy() oops while fuzzing http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html [linux-kernel] 20130413 Re: sw_perf_event_destroy() oops while fuzzing http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.html [oss-security] 20130514 Re: CVE Request: linux kernel perf out-of-bounds access http://www.openwall.com/lists/oss-security/2013/05/14/6 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02f http://news.ycombinator.com/item?id=5703758 http://packetstormsecurity.com/files/121616/semtex.c http://twitter.com/djrbliss/statuses/334301992648331267 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9 http://www.reddit.com/r/netsec/comments/1eb9iw https://bugzilla.redhat.com/show_bug.cgi?id=962792 https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f openSUSE-SU-2013:0847 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html openSUSE-SU-2013:0925 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html openSUSE-SU-2013:0951 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html openSUSE-SU-2013:1042 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.