ID de Prueba:	1.3.6.1.4.1.25623.1.0.120746
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2016-757)
Resumen:	The remote host is missing an update for the 'kernel' package(s) announced via the ALAS-2016-757 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ALAS-2016-757 advisory. Vulnerability Insight: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (Updated 2016-11-10: This advisory was upgraded to Critical.) Affected Software/OS: 'kernel' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5195 BugTraq ID: 93793 http://www.securityfocus.com/bid/93793 Bugtraq: 20161020 [CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability (Google Search) http://www.securityfocus.com/archive/1/539611/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded Bugtraq: 20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege (Google Search) http://www.securityfocus.com/archive/1/540252/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded Bugtraq: 20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege (Google Search) http://www.securityfocus.com/archive/1/540344/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded Bugtraq: 20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege (Google Search) http://www.securityfocus.com/archive/1/540736/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded CERT/CC vulnerability note: VU#243144 https://www.kb.cert.org/vuls/id/243144 Cisco Security Advisory: 20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux Cisco Security Advisory: 20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd Debian Security Information: DSA-3696 (Google Search) http://www.debian.org/security/2016/dsa-3696 https://www.exploit-db.com/exploits/40611/ https://www.exploit-db.com/exploits/40616/ https://www.exploit-db.com/exploits/40839/ https://www.exploit-db.com/exploits/40847/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/ http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html https://dirtycow.ninja https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026 http://www.openwall.com/lists/oss-security/2016/10/21/1 http://www.openwall.com/lists/oss-security/2016/10/26/7 http://www.openwall.com/lists/oss-security/2016/10/27/13 http://www.openwall.com/lists/oss-security/2016/10/30/1 http://www.openwall.com/lists/oss-security/2016/11/03/7 http://www.openwall.com/lists/oss-security/2022/03/07/1 http://www.openwall.com/lists/oss-security/2022/08/08/1 http://www.openwall.com/lists/oss-security/2022/08/08/2 http://www.openwall.com/lists/oss-security/2022/08/08/7 http://www.openwall.com/lists/oss-security/2022/08/08/8 http://www.openwall.com/lists/oss-security/2022/08/09/4 http://www.openwall.com/lists/oss-security/2022/08/15/1 RedHat Security Advisories: RHSA-2016:2098 http://rhn.redhat.com/errata/RHSA-2016-2098.html RedHat Security Advisories: RHSA-2016:2105 http://rhn.redhat.com/errata/RHSA-2016-2105.html RedHat Security Advisories: RHSA-2016:2106 http://rhn.redhat.com/errata/RHSA-2016-2106.html RedHat Security Advisories: RHSA-2016:2107 http://rhn.redhat.com/errata/RHSA-2016-2107.html RedHat Security Advisories: RHSA-2016:2110 http://rhn.redhat.com/errata/RHSA-2016-2110.html RedHat Security Advisories: RHSA-2016:2118 http://rhn.redhat.com/errata/RHSA-2016-2118.html RedHat Security Advisories: RHSA-2016:2120 http://rhn.redhat.com/errata/RHSA-2016-2120.html RedHat Security Advisories: RHSA-2016:2124 http://rhn.redhat.com/errata/RHSA-2016-2124.html RedHat Security Advisories: RHSA-2016:2126 http://rhn.redhat.com/errata/RHSA-2016-2126.html RedHat Security Advisories: RHSA-2016:2127 http://rhn.redhat.com/errata/RHSA-2016-2127.html RedHat Security Advisories: RHSA-2016:2128 http://rhn.redhat.com/errata/RHSA-2016-2128.html RedHat Security Advisories: RHSA-2016:2132 http://rhn.redhat.com/errata/RHSA-2016-2132.html RedHat Security Advisories: RHSA-2016:2133 http://rhn.redhat.com/errata/RHSA-2016-2133.html RedHat Security Advisories: RHSA-2017:0372 https://access.redhat.com/errata/RHSA-2017:0372 http://www.securitytracker.com/id/1037078 SuSE Security Announcement: SUSE-SU-2016:2585 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html SuSE Security Announcement: SUSE-SU-2016:2592 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html SuSE Security Announcement: SUSE-SU-2016:2593 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html SuSE Security Announcement: SUSE-SU-2016:2596 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html SuSE Security Announcement: SUSE-SU-2016:2614 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html SuSE Security Announcement: SUSE-SU-2016:2629 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html SuSE Security Announcement: SUSE-SU-2016:2630 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html SuSE Security Announcement: SUSE-SU-2016:2631 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html SuSE Security Announcement: SUSE-SU-2016:2632 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html SuSE Security Announcement: SUSE-SU-2016:2633 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html SuSE Security Announcement: SUSE-SU-2016:2634 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html SuSE Security Announcement: SUSE-SU-2016:2635 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html SuSE Security Announcement: SUSE-SU-2016:2636 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html SuSE Security Announcement: SUSE-SU-2016:2637 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html SuSE Security Announcement: SUSE-SU-2016:2638 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html SuSE Security Announcement: SUSE-SU-2016:2655 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html SuSE Security Announcement: SUSE-SU-2016:2657 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html SuSE Security Announcement: SUSE-SU-2016:2658 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html SuSE Security Announcement: SUSE-SU-2016:2659 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html SuSE Security Announcement: SUSE-SU-2016:2673 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html SuSE Security Announcement: SUSE-SU-2016:3069 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html SuSE Security Announcement: SUSE-SU-2016:3304 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html SuSE Security Announcement: openSUSE-SU-2016:2583 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html SuSE Security Announcement: openSUSE-SU-2016:2584 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html SuSE Security Announcement: openSUSE-SU-2016:2625 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html SuSE Security Announcement: openSUSE-SU-2016:2649 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html SuSE Security Announcement: openSUSE-SU-2020:0554 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html http://www.ubuntu.com/usn/USN-3104-1 http://www.ubuntu.com/usn/USN-3104-2 http://www.ubuntu.com/usn/USN-3105-1 http://www.ubuntu.com/usn/USN-3105-2 http://www.ubuntu.com/usn/USN-3106-1 http://www.ubuntu.com/usn/USN-3106-2 http://www.ubuntu.com/usn/USN-3106-3 http://www.ubuntu.com/usn/USN-3106-4 http://www.ubuntu.com/usn/USN-3107-1 http://www.ubuntu.com/usn/USN-3107-2
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.