Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871838
Category:Red Hat Local Security Checks
Title:RedHat Update for kernel RHSA-2017:1615-01
Summary:The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The kernel packages contain the Linux
kernel, the core of any Linux operating system. Security Fix(es): * A flaw was
found in the way Linux kernel allocates heap memory to build the scattergather
list from a fragment list(skb_shinfo(skb)- frag_list) in the socket
buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter
and 'NETIF_F_FRAGLIST' feature were used together. A remote user or process
could use this flaw to potentially escalate their privilege on a system.
(CVE-2017-7477, Important) * The NFS2/3 RPC client could send long arguments to
the NFS server. These encoded arguments are stored in an array of memory pages,
and accessed using pointer variables. Arbitrarily long arguments could make
these pointers point outside the array and cause an out-of-bounds memory access.
A remote user or program could use this flaw to crash the kernel (denial of
service). (CVE-2017-7645, Important) * The NFSv2 and NFSv3 server
implementations in the Linux kernel through 4.10.13 lacked certain checks for
the end of a buffer. A remote attacker could trigger a pointer-arithmetic error
or possibly cause other unspecified impacts using crafted requests related to
fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important) * The Linux
kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was
vulnerable to an incorrect segment selector(SS) value error. The error could
occur while loading values into the SS register in long mode. A user or process
inside a guest could use this flaw to crash the guest, resulting in DoS or
potentially escalate their privileges inside the guest. (CVE-2017-2583,
Moderate) * A flaw was found in the Linux kernel's handling of packets with the
URG flag. Applications using the splice() and tcp_splice_read() functionality
could allow a remote attacker to force the kernel to enter a condition in which
it could loop indefinitely. (CVE-2017-6214, Moderate) Red Hat would like to
thank Ari Kauppi for reporting CVE-2017-7895 and Xiaohan Zhang (Huawei Inc.) for
reporting CVE-2017-2583. Bug Fix(es): * Previously, the reserved-pages counter
(HugePages_Rsvd) was bigger than the total-pages counter (HugePages_Total) in
the /proc/meminfo file, and HugePages_Rsvd underflowed. With this update, the
HugeTLB feature of the Linux kernel has been fixed, and HugePages_Rsvd underflow
no longer occurs. (BZ#1445184) * If a directory on a NFS client was modified
while being listed, the NFS client could restart the directory listing multiple
times. Consequently, the performance of listing the directory was sub-optimal.
With this up ... Description truncated, for more information please check the
Reference URL

Affected Software/OS:
kernel on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-2583
BugTraq ID: 95673
http://www.securityfocus.com/bid/95673
Debian Security Information: DSA-3791 (Google Search)
http://www.debian.org/security/2017/dsa-3791
http://www.openwall.com/lists/oss-security/2017/01/19/2
RedHat Security Advisories: RHSA-2017:1615
https://access.redhat.com/errata/RHSA-2017:1615
RedHat Security Advisories: RHSA-2017:1616
https://access.redhat.com/errata/RHSA-2017:1616
https://usn.ubuntu.com/3754-1/
Common Vulnerability Exposure (CVE) ID: CVE-2017-6214
BugTraq ID: 96421
http://www.securityfocus.com/bid/96421
Debian Security Information: DSA-3804 (Google Search)
http://www.debian.org/security/2017/dsa-3804
RedHat Security Advisories: RHSA-2017:1372
https://access.redhat.com/errata/RHSA-2017:1372
RedHat Security Advisories: RHSA-2017:1647
https://access.redhat.com/errata/RHSA-2017:1647
http://www.securitytracker.com/id/1037897
Common Vulnerability Exposure (CVE) ID: CVE-2017-7477
BugTraq ID: 98014
http://www.securityfocus.com/bid/98014
http://www.securitytracker.com/id/1038500
Common Vulnerability Exposure (CVE) ID: CVE-2017-7645
BugTraq ID: 97950
http://www.securityfocus.com/bid/97950
Debian Security Information: DSA-3886 (Google Search)
http://www.debian.org/security/2017/dsa-3886
https://marc.info/?l=linux-nfs&m=149218228327497&w=2
https://marc.info/?l=linux-nfs&m=149247516212924&w=2
RedHat Security Advisories: RHSA-2018:1319
https://access.redhat.com/errata/RHSA-2018:1319
Common Vulnerability Exposure (CVE) ID: CVE-2017-7895
BugTraq ID: 98085
http://www.securityfocus.com/bid/98085
RedHat Security Advisories: RHSA-2017:1715
https://access.redhat.com/errata/RHSA-2017:1715
RedHat Security Advisories: RHSA-2017:1723
https://access.redhat.com/errata/RHSA-2017:1723
RedHat Security Advisories: RHSA-2017:1766
https://access.redhat.com/errata/RHSA-2017:1766
RedHat Security Advisories: RHSA-2017:1798
https://access.redhat.com/errata/RHSA-2017:1798
RedHat Security Advisories: RHSA-2017:2412
https://access.redhat.com/errata/RHSA-2017:2412
RedHat Security Advisories: RHSA-2017:2428
https://access.redhat.com/errata/RHSA-2017:2428
RedHat Security Advisories: RHSA-2017:2429
https://access.redhat.com/errata/RHSA-2017:2429
RedHat Security Advisories: RHSA-2017:2472
https://access.redhat.com/errata/RHSA-2017:2472
RedHat Security Advisories: RHSA-2017:2732
https://access.redhat.com/errata/RHSA-2017:2732
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.