ID de Prueba:	1.3.6.1.4.1.25623.1.0.131198
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2016-0032)
Resumen:	The remote host is missing an update for the 'kernel-tmb' package(s) announced via the MGASA-2016-0032 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel-tmb' package(s) announced via the MGASA-2016-0032 advisory. Vulnerability Insight: Perception Point Research Team found a reference leak in keyring in join_session_keyring() that can be exploited to successfully escalate privileges from a local user to root (CVE-2016-0728). Other fixes in this kernel update: - netfilter: nf_nat_redirect: add missing NULL pointer check Affected Software/OS: 'kernel-tmb' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0728 1034701 http://www.securitytracker.com/id/1034701 39277 https://www.exploit-db.com/exploits/39277/ 81054 http://www.securityfocus.com/bid/81054 DSA-3448 http://www.debian.org/security/2016/dsa-3448 FEDORA-2016-5d43766e33 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html FEDORA-2016-b59fd603be http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html HPSBHF03436 https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05018265 RHSA-2016:0064 http://rhn.redhat.com/errata/RHSA-2016-0064.html RHSA-2016:0065 http://rhn.redhat.com/errata/RHSA-2016-0065.html RHSA-2016:0068 http://rhn.redhat.com/errata/RHSA-2016-0068.html SUSE-SU-2016:0205 http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00026.html SUSE-SU-2016:0341 http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00012.html SUSE-SU-2016:0745 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html SUSE-SU-2016:0746 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html SUSE-SU-2016:0747 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html SUSE-SU-2016:0750 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html SUSE-SU-2016:0751 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00039.html SUSE-SU-2016:0752 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00040.html SUSE-SU-2016:0753 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00041.html SUSE-SU-2016:0755 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00043.html SUSE-SU-2016:0756 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00044.html SUSE-SU-2016:0757 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00045.html USN-2870-1 http://www.ubuntu.com/usn/USN-2870-1 USN-2870-2 http://www.ubuntu.com/usn/USN-2870-2 USN-2871-1 http://www.ubuntu.com/usn/USN-2871-1 USN-2871-2 http://www.ubuntu.com/usn/USN-2871-2 USN-2872-1 http://www.ubuntu.com/usn/USN-2872-1 USN-2872-2 http://www.ubuntu.com/usn/USN-2872-2 USN-2872-3 http://www.ubuntu.com/usn/USN-2872-3 USN-2873-1 http://www.ubuntu.com/usn/USN-2873-1 [oss-security] 20160119 Linux kernel: use after free in keyring facility. http://www.openwall.com/lists/oss-security/2016/01/19/2 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23567fd052a9abb6d67fe8e7a9ccdd9800a540f2 http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/ http://source.android.com/security/bulletin/2016-03-01.html http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html https://bto.bluecoat.com/security-advisory/sa112 https://bugzilla.redhat.com/show_bug.cgi?id=1297475 https://github.com/torvalds/linux/commit/23567fd052a9abb6d67fe8e7a9ccdd9800a540f2 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 https://security.netapp.com/advisory/ntap-20160211-0001/
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.