ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2016.0415
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2016-0415)
Resumen:	The remote host is missing an update for the 'kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2016-0415 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2016-0415 advisory. Vulnerability Insight: This update is based on upstream 4.4.36 and fixes at least the following security issues: The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c (CVE-2016-8645). The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent (CVE-2016-8650). A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKET_V3 ring buffer. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system (CVE-2016-8655). Linux kernel built with the Kernel-based Virtual Machine(CONFIG_KVM) support is vulnerable to an information leakage issue. It could occur on x86 platform, while emulating instructions in 32bit mode. A user/process could use this flaw to leak host kernel memory bytes (CVE-2016-9756). A bug in SO_{SNDRCV}BUFFORCE setsockopt() implementation allows CAP_NET_ADMIN users to set negative sk_sndbuf or sk_rcvbuf values. A user could use this flaw to cause various memory corruptions, crashes and OOM (CVE-2016-9793). For other fixes in this update, see the referenced changelogs. Affected Software/OS: 'kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-8645 1037285 http://www.securitytracker.com/id/1037285 94264 http://www.securityfocus.com/bid/94264 RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842 RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077 RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2669 [oss-security] 20161111 CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c http://www.openwall.com/lists/oss-security/2016/11/11/3 [oss-security] 20161130 Re: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c http://www.openwall.com/lists/oss-security/2016/11/30/3 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac6e780070e30e4c35bd395acfe9191e6268bdd3 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.10 https://bugzilla.redhat.com/show_bug.cgi?id=1393904 https://github.com/torvalds/linux/commit/ac6e780070e30e4c35bd395acfe9191e6268bdd3 Common Vulnerability Exposure (CVE) ID: CVE-2016-8650 1037968 http://www.securitytracker.com/id/1037968 20161115 OS-S 2016-21 - Local DoS: Linux Kernel Nullpointer Dereference via keyctl http://seclists.org/fulldisclosure/2016/Nov/76 94532 http://www.securityfocus.com/bid/94532 RHSA-2017:0931 https://access.redhat.com/errata/RHSA-2017:0931 RHSA-2017:0932 https://access.redhat.com/errata/RHSA-2017:0932 RHSA-2017:0933 https://access.redhat.com/errata/RHSA-2017:0933 RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:1854 [oss-security] 20161125 Linux kernel: CVE-2016-8650 : Local denial of service with in key subsystem http://www.openwall.com/lists/oss-security/2016/11/24/8 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073 https://bugzilla.redhat.com/show_bug.cgi?id=1395187 https://github.com/torvalds/linux/commit/f5527fffff3f002b0a6b376163613b82f69de073 https://source.android.com/security/bulletin/2017-03-01.html Common Vulnerability Exposure (CVE) ID: CVE-2016-8655 1037403 http://www.securitytracker.com/id/1037403 40871 https://www.exploit-db.com/exploits/40871/ 44696 https://www.exploit-db.com/exploits/44696/ 94692 http://www.securityfocus.com/bid/94692 RHSA-2017:0386 http://rhn.redhat.com/errata/RHSA-2017-0386.html RHSA-2017:0387 http://rhn.redhat.com/errata/RHSA-2017-0387.html RHSA-2017:0402 http://rhn.redhat.com/errata/RHSA-2017-0402.html SUSE-SU-2016:3096 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00044.html SUSE-SU-2016:3113 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00054.html SUSE-SU-2016:3116 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00055.html SUSE-SU-2016:3117 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00056.html SUSE-SU-2016:3169 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00067.html SUSE-SU-2016:3183 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00070.html SUSE-SU-2016:3197 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00073.html SUSE-SU-2016:3205 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00076.html SUSE-SU-2016:3206 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00077.html SUSE-SU-2016:3247 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00087.html USN-3149-1 http://www.ubuntu.com/usn/USN-3149-1 USN-3149-2 http://www.ubuntu.com/usn/USN-3149-2 USN-3150-1 http://www.ubuntu.com/usn/USN-3150-1 USN-3150-2 http://www.ubuntu.com/usn/USN-3150-2 USN-3151-1 http://www.ubuntu.com/usn/USN-3151-1 USN-3151-2 http://www.ubuntu.com/usn/USN-3151-2 USN-3151-3 http://www.ubuntu.com/usn/USN-3151-3 USN-3151-4 http://www.ubuntu.com/usn/USN-3151-4 USN-3152-1 http://www.ubuntu.com/usn/USN-3152-1 USN-3152-2 http://www.ubuntu.com/usn/USN-3152-2 [oss-security] 20161206 CVE-2016-8655 Linux af_packet.c race condition (local root) http://www.openwall.com/lists/oss-security/2016/12/06/1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c http://packetstormsecurity.com/files/140063/Linux-Kernel-4.4.0-AF_PACKET-Race-Condition-Privilege-Escalation.html https://bugzilla.redhat.com/show_bug.cgi?id=1400019 https://github.com/torvalds/linux/commit/84ac7260236a49c79eede91617700174c2c19b0c Common Vulnerability Exposure (CVE) ID: CVE-2016-9756 94615 http://www.securityfocus.com/bid/94615 [oss-security] 20161201 CVE request: Kernel: kvm: stack memory information leakage http://www.openwall.com/lists/oss-security/2016/12/01/1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2117d5398c81554fbf803f5fd1dc55eb78216c0c http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.12 https://bugzilla.redhat.com/show_bug.cgi?id=1400468 https://github.com/torvalds/linux/commit/2117d5398c81554fbf803f5fd1dc55eb78216c0c openSUSE-SU-2017:0002 http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00000.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9793 BugTraq ID: 94655 http://www.securityfocus.com/bid/94655 https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793 http://www.openwall.com/lists/oss-security/2016/12/03/1 RedHat Security Advisories: RHSA-2017:0931 RedHat Security Advisories: RHSA-2017:0932 RedHat Security Advisories: RHSA-2017:0933
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.