English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.882493
Categoría:CentOS Local Security Checks
Título:CentOS Update for kernel CESA-2016:1033 centos7
Resumen:Check the version of kernel
Descripción:Summary:
Check the version of kernel

Vulnerability Insight:
The kernel packages contain the
Linux kernel, the core of any Linux operating system.

Security Fix(es):

* A flaw was found in the way the Linux kernel's ASN.1 DER decoder
processed certain certificate files with tags of indefinite length. A
local, unprivileged user could use a specially crafted X.509 certificate
DER file to crash the system or, potentially, escalate their privileges on
the system. (CVE-2016-0758, Important)

Red Hat would like to thank Philip Pettersson of Samsung for reporting this
issue.

Bug Fix(es):

* Under certain conditions, the migration threads could race with the CPU
hotplug, which could cause a deadlock. A set of patches has been provided
to fix this bug, and the deadlock no longer occurs in the system.
(BZ#1299338)

* A bug in the code that cleans up revoked delegations could previously
cause a soft lockup in the NFS server. This patch fixes the underlying
source code, so the lockup no longer occurs. (BZ#1311582)

* The second attempt to reload Common Application Programming Interface
(CAPI) devices on the little-endian variant of IBM Power Systems previously
failed. The provided set of patches fixes this bug, and reloading works as
intended. (BZ#1312396)

* Due to inconsistencies in page size of IOMMU, the NVMe device, and the
kernel, the BUG_ON signal previously occurred in the nvme_setup_prps()
function, leading to the system crash while setting up the DMA transfer.
The provided patch sets the default NVMe page size to 4k, thus preventing
the system crash. (BZ#1312399)

* Previously, on a system using the Infiniband mlx5 driver used for the SRP
stack, a hard lockup previously occurred after the kernel exceeded time
with lock held with interrupts blocked. As a consequence, the system
panicked. This update fixes this bug, and the system no longer panics in
this situation. (BZ#1313814)

* On the little-endian variant of IBM Power Systems, the kernel previously
crashed in the bitmap_weight() function while running the memory affinity
script. The provided patch fortifies the topology setup and prevents
sd- child from being set to NULL when it is already NULL. As a result, the
memory affinity script runs successfully. (BZ#1316158)

* When a KVM guest wrote random values to the special-purpose registers
(SPR) Instruction Authority Mask Register (IAMR), the guest and the
corresponding QEMU process previously hung. This update adds the code which
sets SPRs to a suitable neutral value on guest exit, thus fixing this bug.
(BZ#1316636)

* Under heavy iSCSI traffic load, the system previously panicked due to a
race in the locking code leading to a list corruption. This update ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
kernel on CentOS 7

Solution:
Please install the updated packages.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-0758
90626
http://www.securityfocus.com/bid/90626
HPSBHF3548
https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158555
RHSA-2016:1033
http://rhn.redhat.com/errata/RHSA-2016-1033.html
RHSA-2016:1051
http://rhn.redhat.com/errata/RHSA-2016-1051.html
RHSA-2016:1055
http://rhn.redhat.com/errata/RHSA-2016-1055.html
SUSE-SU-2016:1672
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html
SUSE-SU-2016:1690
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html
SUSE-SU-2016:1937
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html
SUSE-SU-2016:1961
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html
SUSE-SU-2016:1985
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html
SUSE-SU-2016:1994
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html
SUSE-SU-2016:1995
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html
SUSE-SU-2016:2000
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html
SUSE-SU-2016:2001
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html
SUSE-SU-2016:2002
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html
SUSE-SU-2016:2003
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html
SUSE-SU-2016:2005
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html
SUSE-SU-2016:2006
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html
SUSE-SU-2016:2007
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html
SUSE-SU-2016:2009
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html
SUSE-SU-2016:2010
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html
SUSE-SU-2016:2011
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html
SUSE-SU-2016:2014
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html
SUSE-SU-2016:2105
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html
USN-2979-4
http://www.ubuntu.com/usn/USN-2979-4
[oss-security] 20160513 CVE-2016-0758 - Linux kernel - Flaw in ASN.1 DER decoder for x509 certificate DER files.
http://www.openwall.com/lists/oss-security/2016/05/12/9
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa
http://source.android.com/security/bulletin/2016-10-01.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
https://bugzilla.redhat.com/show_bug.cgi?id=1300257
https://github.com/torvalds/linux/commit/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa
openSUSE-SU-2016:1641
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html
openSUSE-SU-2016:2184
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html
CopyrightCopyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.