 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.871842 |
| Categoría: | Red Hat Local Security Checks |
| Título: | RedHat Update for kernel RHSA-2017:1723-01 |
| Resumen: | The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important) Red Hat would like to thank Ari Kauppi for reporting this issue. Bug Fix(es): * If several file operations were started after a mounted NFS share had got idle and its Transmission Control Protocol (TCP) connection had therefore been terminated, these operations could cause multiple TCP SYN packets coming from the NFS client instead of one. With this update, the reconnection logic has been fixed, and only one TCP SYN packet is now sent in the described situation. (BZ#1450850) * When the ixgbe driver was loaded for a backplane-connected network card, a kernel panic could occur, because the ops.setup_fc function pointer was used before the initialization. With this update, ops.setup_fc is initialized earlier. As a result, ixgbe no longer panics on load. (BZ#1457347) * When setting an Access Control List (ACL) with 190 and more Access Control Entries (ACEs) on a NFSv4 directory, a kernel crash could previously occur. This update fixes the nfs4_getfacl() function, and the kernel no longer crashes under the described circumstances. (BZ#1449096) * When upgrading to kernel with the fix for stack guard flaw, a crash could occur in Java Virtual Machine (JVM) environments, which attempted to implement their own stack guard page. With this update, the underlying source code has been fixed to consider the PROT_NONE mapping as a part of the stack, and the crash in JVM no longer occurs under the described circumstances. (BZ#1466667) * When a program receives IPv6 packets using the raw socket, the ioctl(FIONREAD) and ioctl(SIOCINQ) functions can incorrectly return zero waiting bytes. This update fixes the ip6_input_finish() function to check the raw payload size properly. As a result, the ioctl() function now returns bytes waiting in the raw socket correctly. (BZ#1450870) * Previously, listing a directory on a non-standard XFS filesystem (with non-default multi-fsb directory blocks) could lead to a soft lock up due to array index overrun in the xfs_dir2_leaf_readbuf() function. This update fixes xfs_dir2_leaf_readbuf(), and the soft lock up no longer occurs ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: kernel on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-7895 BugTraq ID: 98085 http://www.securityfocus.com/bid/98085 Debian Security Information: DSA-3886 (Google Search) http://www.debian.org/security/2017/dsa-3886 RedHat Security Advisories: RHSA-2017:1615 https://access.redhat.com/errata/RHSA-2017:1615 RedHat Security Advisories: RHSA-2017:1616 https://access.redhat.com/errata/RHSA-2017:1616 RedHat Security Advisories: RHSA-2017:1647 https://access.redhat.com/errata/RHSA-2017:1647 RedHat Security Advisories: RHSA-2017:1715 https://access.redhat.com/errata/RHSA-2017:1715 RedHat Security Advisories: RHSA-2017:1723 https://access.redhat.com/errata/RHSA-2017:1723 RedHat Security Advisories: RHSA-2017:1766 https://access.redhat.com/errata/RHSA-2017:1766 RedHat Security Advisories: RHSA-2017:1798 https://access.redhat.com/errata/RHSA-2017:1798 RedHat Security Advisories: RHSA-2017:2412 https://access.redhat.com/errata/RHSA-2017:2412 RedHat Security Advisories: RHSA-2017:2428 https://access.redhat.com/errata/RHSA-2017:2428 RedHat Security Advisories: RHSA-2017:2429 https://access.redhat.com/errata/RHSA-2017:2429 RedHat Security Advisories: RHSA-2017:2472 https://access.redhat.com/errata/RHSA-2017:2472 RedHat Security Advisories: RHSA-2017:2732 https://access.redhat.com/errata/RHSA-2017:2732 |
| Copyright | Copyright (C) 2017 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |