ID de Prueba:	1.3.6.1.4.1.25623.1.0.883220
Categoría:	CentOS Local Security Checks
Título:	CentOS: Security Advisory for kernel (CESA-2020:1524)
Resumen:	The remote host is missing an update for the 'kernel'; package(s) announced via the CESA-2020:1524 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the CESA-2020:1524 advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666) * kernel: offset2lib allows for the stack guard page to be jumped over (CVE-2017-1000371) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'kernel' package(s) on CentOS 6. Solution: Please install the updated package(s). CVSS Score: 8.3 CVSS Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-1000371 BugTraq ID: 99131 http://www.securityfocus.com/bid/99131 Debian Security Information: DSA-3981 (Google Search) http://www.debian.org/security/2017/dsa-3981 https://www.exploit-db.com/exploits/42273/ https://www.exploit-db.com/exploits/42276/ https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt Common Vulnerability Exposure (CVE) ID: CVE-2019-17666 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRBP4O6D2SQ2NHCRHTJONGCZLWOIV5MN/ https://arstechnica.com/information-technology/2019/10/unpatched-linux-flaw-may-let-attackers-crash-or-compromise-nearby-devices/ https://lkml.org/lkml/2019/10/16/1226 https://twitter.com/nicowaisman/status/1184864519316758535 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html RedHat Security Advisories: RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0328 RedHat Security Advisories: RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0339 RedHat Security Advisories: RHSA-2020:0543 https://access.redhat.com/errata/RHSA-2020:0543 RedHat Security Advisories: RHSA-2020:0661 https://access.redhat.com/errata/RHSA-2020:0661 RedHat Security Advisories: RHSA-2020:0740 https://access.redhat.com/errata/RHSA-2020:0740 SuSE Security Announcement: openSUSE-SU-2019:2392 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html SuSE Security Announcement: openSUSE-SU-2019:2444 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html https://usn.ubuntu.com/4183-1/ https://usn.ubuntu.com/4184-1/ https://usn.ubuntu.com/4185-1/ https://usn.ubuntu.com/4186-1/ https://usn.ubuntu.com/4186-2/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.