ID de Prueba:	1.3.6.1.4.1.25623.1.0.882957
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for kernel CESA-2018:2846 centos6
Resumen:	Check the version of kernel
Descripción:	Summary: Check the version of kernel Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. (CVE-2018-5391) * kernel: Integer overflow in Linux's create_elf_tables function (CVE-2018-14634) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5391 and Qualys Research Labs for reporting CVE-2018-14634. Bug Fix(es): These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. Affected Software/OS: kernel on CentOS 6 Solution: Please install the updated packages. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5391 BugTraq ID: 105108 http://www.securityfocus.com/bid/105108 CERT/CC vulnerability note: VU#641765 https://www.kb.cert.org/vuls/id/641765 Debian Security Information: DSA-4272 (Google Search) https://www.debian.org/security/2018/dsa-4272 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 RedHat Security Advisories: RHSA-2018:2785 https://access.redhat.com/errata/RHSA-2018:2785 RedHat Security Advisories: RHSA-2018:2791 https://access.redhat.com/errata/RHSA-2018:2791 RedHat Security Advisories: RHSA-2018:2846 https://access.redhat.com/errata/RHSA-2018:2846 RedHat Security Advisories: RHSA-2018:2924 https://access.redhat.com/errata/RHSA-2018:2924 RedHat Security Advisories: RHSA-2018:2925 https://access.redhat.com/errata/RHSA-2018:2925 RedHat Security Advisories: RHSA-2018:2933 https://access.redhat.com/errata/RHSA-2018:2933 RedHat Security Advisories: RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 RedHat Security Advisories: RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083 RedHat Security Advisories: RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096 RedHat Security Advisories: RHSA-2018:3459 https://access.redhat.com/errata/RHSA-2018:3459 RedHat Security Advisories: RHSA-2018:3540 https://access.redhat.com/errata/RHSA-2018:3540 RedHat Security Advisories: RHSA-2018:3586 https://access.redhat.com/errata/RHSA-2018:3586 RedHat Security Advisories: RHSA-2018:3590 https://access.redhat.com/errata/RHSA-2018:3590 http://www.securitytracker.com/id/1041476 http://www.securitytracker.com/id/1041637 https://usn.ubuntu.com/3740-1/ https://usn.ubuntu.com/3740-2/ https://usn.ubuntu.com/3741-1/ https://usn.ubuntu.com/3741-2/ https://usn.ubuntu.com/3742-1/ https://usn.ubuntu.com/3742-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-14634 105407 http://www.securityfocus.com/bid/105407 45516 https://www.exploit-db.com/exploits/45516/ RHSA-2018:2748 https://access.redhat.com/errata/RHSA-2018:2748 RHSA-2018:2763 https://access.redhat.com/errata/RHSA-2018:2763 RHSA-2018:2846 RHSA-2018:2924 RHSA-2018:2925 RHSA-2018:2933 RHSA-2018:3540 RHSA-2018:3586 RHSA-2018:3590 RHSA-2018:3591 https://access.redhat.com/errata/RHSA-2018:3591 RHSA-2018:3643 https://access.redhat.com/errata/RHSA-2018:3643 USN-3775-1 https://usn.ubuntu.com/3775-1/ USN-3775-2 https://usn.ubuntu.com/3775-2/ USN-3779-1 https://usn.ubuntu.com/3779-1/ [oss-security] 20180925 Integer overflow in Linux's create_elf_tables() (CVE-2018-14634) https://www.openwall.com/lists/oss-security/2018/09/25/4 [oss-security] 20210720 CVE-2021-33910: Denial of service (stack exhaustion) in systemd (PID 1) http://www.openwall.com/lists/oss-security/2021/07/20/2 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634 https://security.netapp.com/advisory/ntap-20190204-0002/ https://security.paloaltonetworks.com/CVE-2018-14634 https://support.f5.com/csp/article/K20934447?utm_source=f5support&amp%3Butm_medium=RSS
Copyright	Copyright (C) 2018 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.