
Test ID: 1.3.6.1.4.1.25623.1.0.120387
Category: Amazon Linux Local Security Checks
Title: Amazon Linux: Security Advisory (ALAS-2013-166)
Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ALAS-2013-166 advisory.
Description:
Summary:
The remote host is missing an update for the 'kernel' package(s) announced via the ALAS-2013-166 advisory.

Vulnerability Insight:
It was found that a deadlock could occur in the Out of Memory (OOM) killer. A process could trigger this deadlock by consuming a large amount of memory, and then causing request_module() to be called. A local, unprivileged user could use this flaw to cause a denial of service (excessive memory consumption). (CVE-2012-4398)

A flaw was found in the way the KVM (Kernel-based Virtual Machine) subsystem handled guests attempting to run with the X86_CR4_OSXSAVE CPU feature flag set. On hosts without the XSAVE CPU feature, a local, unprivileged user could use this flaw to crash the host system. (The 'grep --color xsave /proc/cpuinfo' command can be used to verify if your system has the XSAVE CPU feature.) (CVE-2012-4461)

A memory disclosure flaw was found in the way the load_script() function in the binfmt_script binary format handler handled excessive recursions. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space by executing specially-crafted scripts. (CVE-2012-4530)

A race condition was found in the way the Linux kernel's ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal instead of being stopped. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-0871)

Affected Software/OS:
'kernel' package(s) on Amazon Linux.

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2012-4398
55077
http://secunia.com/advisories/55077
55361
http://www.securityfocus.com/bid/55361
RHSA-2013:0223
http://rhn.redhat.com/errata/RHSA-2013-0223.html
RHSA-2013:1348
http://rhn.redhat.com/errata/RHSA-2013-1348.html
SUSE-SU-2015:0481
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
[linux-kernel] 20120207 [PATCH 5/5] kmod: make __request_module() killable
http://lkml.indiana.edu/hypermail/linux/kernel/1202.0/03340.html
[oss-security] 20120902 CVE Request -- kernel: request_module() OOM local DoS
http://www.openwall.com/lists/oss-security/2012/09/02/3
http://www.kernel.org/pub/linux/kernel/v3.x/linux-3.4.tar.bz2
https://bugzilla.redhat.com/show_bug.cgi?id=853474
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-4461
51160
http://secunia.com/advisories/51160
56414
http://www.securityfocus.com/bid/56414
RHSA-2013:0882
http://rhn.redhat.com/errata/RHSA-2013-0882.html
SUSE-SU-2012:1679
https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html
[oss-security] 20121106 CVE-2012-4461 -- kernel: kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set
http://www.openwall.com/lists/oss-security/2012/11/06/14
http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git%3Ba=commit%3Bh=6d1068b3a98519247d8ba4ec85cd40ac136dbdf9
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.9
https://bugzilla.redhat.com/show_bug.cgi?id=862900
openSUSE-SU-2013:0925
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-4530
SUSE-SU-2013:0674
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html
[oss-security] 20121019 Re: CVE Request -- kernel stack disclosure in binfmt_script load_script()
http://www.openwall.com/lists/oss-security/2012/10/19/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b66c5984017533316fd1951770302649baf1aa33
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.2
https://bugzilla.redhat.com/show_bug.cgi?id=868285
https://github.com/torvalds/linux/commit/b66c5984017533316fd1951770302649baf1aa33
Common Vulnerability Exposure (CVE) ID: CVE-2013-0871
Debian Security Information: DSA-2632
http://www.debian.org/security/2013/dsa-2632
http://www.openwall.com/lists/oss-security/2013/02/15/16
RedHat Security Advisories: RHSA-2013:0567
http://rhn.redhat.com/errata/RHSA-2013-0567.html
RedHat Security Advisories: RHSA-2013:0661
http://rhn.redhat.com/errata/RHSA-2013-0661.html
RedHat Security Advisories: RHSA-2013:0662
http://rhn.redhat.com/errata/RHSA-2013-0662.html
RedHat Security Advisories: RHSA-2013:0695
http://rhn.redhat.com/errata/RHSA-2013-0695.html
SuSE Security Announcement: SUSE-SU-2013:0341
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00022.html
SuSE Security Announcement: SUSE-SU-2013:0674
SuSE Security Announcement: openSUSE-SU-2013:0925
http://www.ubuntu.com/usn/USN-1736-1
http://www.ubuntu.com/usn/USN-1737-1
http://www.ubuntu.com/usn/USN-1738-1
http://www.ubuntu.com/usn/USN-1739-1
http://www.ubuntu.com/usn/USN-1740-1
http://www.ubuntu.com/usn/USN-1741-1
http://www.ubuntu.com/usn/USN-1742-1
http://www.ubuntu.com/usn/USN-1743-1
http://www.ubuntu.com/usn/USN-1744-1
http://www.ubuntu.com/usn/USN-1745-1
Copyright: Copyright (C) 2015 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.