CentOS Local Security Checks : CentOS Update for libblkid CESA-2017:0907 centos7

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.882691

Categoría: CentOS Local Security Checks

Título: CentOS Update for libblkid CESA-2017:0907 centos7

Resumen: Check the version of libblkid

Descripción: Summary:
Check the version of libblkid

Vulnerability Insight:
The util-linux packages contain a large
variety of low-level system utilities that are necessary for a Linux system to
function. Among others, these include the fdisk configuration tool and the
login program.

Security Fix(es):

* A race condition was found in the way su handled the management of child
processes. A local authenticated attacker could use this flaw to kill other
processes with root privileges under specific conditions. (CVE-2017-2616)

Red Hat would like to thank Tobias Stockmann for reporting this issue.

Bug Fix(es):

* The 'findmnt --target path ' command prints all file systems where the
mount point directory is path. Previously, when used in the chroot
environment, 'findmnt --target path ' incorrectly displayed all mount
points. The command has been fixed so that it now checks the mount point
path and returns information only for the relevant mount point.
(BZ#1414481)

Affected Software/OS:
libblkid on CentOS 7

Solution:
Please Install the Updated Packages.

CVSS Score:
4.7

CVSS Vector:
AV:L/AC:M/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-2616
BugTraq ID: 96404
http://www.securityfocus.com/bid/96404
Debian Security Information: DSA-3793 (Google Search)
https://www.debian.org/security/2017/dsa-3793
https://security.gentoo.org/glsa/201706-02
RedHat Security Advisories: RHSA-2017:0654
http://rhn.redhat.com/errata/RHSA-2017-0654.html
RedHat Security Advisories: RHSA-2017:0907
https://access.redhat.com/errata/RHSA-2017:0907
http://www.securitytracker.com/id/1038271

Copyright Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.882691
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for libblkid CESA-2017:0907 centos7
Resumen:	Check the version of libblkid
Descripción:	Summary: Check the version of libblkid Vulnerability Insight: The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es): * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias Stockmann for reporting this issue. Bug Fix(es): * The 'findmnt --target path ' command prints all file systems where the mount point directory is path. Previously, when used in the chroot environment, 'findmnt --target path ' incorrectly displayed all mount points. The command has been fixed so that it now checks the mount point path and returns information only for the relevant mount point. (BZ#1414481) Affected Software/OS: libblkid on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 4.7 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2616 BugTraq ID: 96404 http://www.securityfocus.com/bid/96404 Debian Security Information: DSA-3793 (Google Search) https://www.debian.org/security/2017/dsa-3793 https://security.gentoo.org/glsa/201706-02 RedHat Security Advisories: RHSA-2017:0654 http://rhn.redhat.com/errata/RHSA-2017-0654.html RedHat Security Advisories: RHSA-2017:0907 https://access.redhat.com/errata/RHSA-2017:0907 http://www.securitytracker.com/id/1038271
Copyright	Copyright (C) 2017 Greenbone AG