Test ID: | 1.3.6.1.4.1.25623.1.0.871794 |
Category: | Red Hat Local Security Checks |
Title: | RedHat Update for kernel RHSA-2017:0892-01 |
Summary: | The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. |
Description: |
Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory.

Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)

* A flaw was found in the Linux kernel's implementation of seq_file where a local attacker could manipulate memory in the put() function pointer. This could lead to memory corruption and possible privilege escalation. (CVE-2016-7910, Moderate)

Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636.

Bug Fix(es):

* Previously, Chelsio firmware included an incorrectly-formatted firmware bin file. As a consequence, the firmware could not be flashed. This update provides a firmware bin file that is formatted correctly. As a result, Chelsio firmware can now be flashed successfully. (BZ#1433865)

* When multiple simultaneous processes attempted to read from the /proc/stat file, spinlock overhead was generated on Non-Uniform Memory Access (NUMA) systems. Consequently, a large amount of CPU was consumed. With this update, the underlying source code has been fixed to avoid taking spinlock when the interrupt line does not exist. As a result, the spinlock overhead is now generated less often, and multiple simultaneous processes can now read /proc/stat without consuming a large amount of CPU. (BZ#1428106)

Affected Software/OS: kernel on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6)

Solution: Please Install the Updated Packages.

CVSS Score: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-7910
BugTraq ID: 94135 http://www.securityfocus.com/bid/94135
RedHat Security Advisories: RHSA-2017:0892 https://access.redhat.com/errata/RHSA-2017:0892
RedHat Security Advisories: RHSA-2017:1297 https://access.redhat.com/errata/RHSA-2017:1297
RedHat Security Advisories: RHSA-2017:1298 https://access.redhat.com/errata/RHSA-2017:1298
RedHat Security Advisories: RHSA-2017:1308 https://access.redhat.com/errata/RHSA-2017:1308

Common Vulnerability Exposure (CVE) ID: CVE-2017-2636
1037963 http://www.securitytracker.com/id/1037963
96732 http://www.securityfocus.com/bid/96732
DSA-3804 http://www.debian.org/security/2017/dsa-3804
RHSA-2017:0892
RHSA-2017:0931 https://access.redhat.com/errata/RHSA-2017:0931
RHSA-2017:0932 https://access.redhat.com/errata/RHSA-2017:0932
RHSA-2017:0933 https://access.redhat.com/errata/RHSA-2017:0933
RHSA-2017:0986 https://access.redhat.com/errata/RHSA-2017:0986
RHSA-2017:1125 https://access.redhat.com/errata/RHSA-2017:1125
RHSA-2017:1126 https://access.redhat.com/errata/RHSA-2017:1126
RHSA-2017:1232 https://access.redhat.com/errata/RHSA-2017:1232
RHSA-2017:1233 https://access.redhat.com/errata/RHSA-2017:1233
RHSA-2017:1488 https://access.redhat.com/errata/RHSA-2017:1488
[oss-security] 20170307 Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc http://www.openwall.com/lists/oss-security/2017/03/07/6
https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
https://bugzilla.redhat.com/show_bug.cgi?id=1428319
Copyright | Copyright (C) 2017 Greenbone AG |