
Test ID: 1.3.6.1.4.1.25623.1.1.10.2017.0088
Category: Mageia Linux Local Security Checks
Title: Mageia: Security Advisory (MGASA-2017-0088)
Summary: The remote host is missing an update for the 'kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2017-0088 advisory.
Description:
Summary:
The remote host is missing an update for the 'kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2017-0088 advisory.

Vulnerability Insight:
This kernel update is based on upstream 4.4.55 and fixes at least
the following security issues:

Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1
allows local users to gain privileges or cause a denial of service (double
free) by setting the HDLC line discipline (CVE-2017-2636).

Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13
allows local users to cause a denial of service (use-after-free) or possibly
have unspecified other impact via a multithreaded application that makes
PACKET_FANOUT setsockopt system calls (CVE-2017-6346).

The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux
kernel before 4.10.1 has incorrect expectations about skb data layout,
which allows local users to cause a denial of service (buffer over-read)
or possibly have unspecified other impact via crafted system calls, as
demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP
transmission (CVE-2017-6347).

The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before
4.9.13 improperly manages lock dropping, which allows local users to cause a
denial of service (deadlock) via crafted operations on IrDA devices
(CVE-2017-6348).

For other upstream fixes in this update, see the referenced changelogs.

Affected Software/OS:
'kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2017-2636
1037963
http://www.securitytracker.com/id/1037963
96732
http://www.securityfocus.com/bid/96732
DSA-3804
http://www.debian.org/security/2017/dsa-3804
RHSA-2017:0892
https://access.redhat.com/errata/RHSA-2017:0892
RHSA-2017:0931
https://access.redhat.com/errata/RHSA-2017:0931
RHSA-2017:0932
https://access.redhat.com/errata/RHSA-2017:0932
RHSA-2017:0933
https://access.redhat.com/errata/RHSA-2017:0933
RHSA-2017:0986
https://access.redhat.com/errata/RHSA-2017:0986
RHSA-2017:1125
https://access.redhat.com/errata/RHSA-2017:1125
RHSA-2017:1126
https://access.redhat.com/errata/RHSA-2017:1126
RHSA-2017:1232
https://access.redhat.com/errata/RHSA-2017:1232
RHSA-2017:1233
https://access.redhat.com/errata/RHSA-2017:1233
RHSA-2017:1488
https://access.redhat.com/errata/RHSA-2017:1488
[oss-security] 20170307 Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc
http://www.openwall.com/lists/oss-security/2017/03/07/6
https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
https://bugzilla.redhat.com/show_bug.cgi?id=1428319
Common Vulnerability Exposure (CVE) ID: CVE-2017-6346
BugTraq ID: 96508
http://www.securityfocus.com/bid/96508
Debian Security Information: DSA-3804
http://www.openwall.com/lists/oss-security/2017/02/28/6
Common Vulnerability Exposure (CVE) ID: CVE-2017-6347
BugTraq ID: 96487
http://www.securityfocus.com/bid/96487
http://www.openwall.com/lists/oss-security/2017/02/28/5
Common Vulnerability Exposure (CVE) ID: CVE-2017-6348
BugTraq ID: 96483
http://www.securityfocus.com/bid/96483
http://www.openwall.com/lists/oss-security/2017/02/28/4
https://usn.ubuntu.com/3754-1/
Copyright: Copyright (C) 2022 Greenbone AG
