English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871838
Category:Red Hat Local Security Checks
Title:RedHat Update for kernel RHSA-2017:1615-01
Summary:The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The kernel packages contain the Linux
kernel, the core of any Linux operating system. Security Fix(es): * A flaw was
found in the way Linux kernel allocates heap memory to build the scattergather
list from a fragment list(skb_shinfo(skb)- frag_list) in the socket
buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter
and 'NETIF_F_FRAGLIST' feature were used together. A remote user or process
could use this flaw to potentially escalate their privilege on a system.
(CVE-2017-7477, Important) * The NFS2/3 RPC client could send long arguments to
the NFS server. These encoded arguments are stored in an array of memory pages,
and accessed using pointer variables. Arbitrarily long arguments could make
these pointers point outside the array and cause an out-of-bounds memory access.
A remote user or program could use this flaw to crash the kernel (denial of
service). (CVE-2017-7645, Important) * The NFSv2 and NFSv3 server
implementations in the Linux kernel through 4.10.13 lacked certain checks for
the end of a buffer. A remote attacker could trigger a pointer-arithmetic error
or possibly cause other unspecified impacts using crafted requests related to
fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important) * The Linux
kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was
vulnerable to an incorrect segment selector(SS) value error. The error could
occur while loading values into the SS register in long mode. A user or process
inside a guest could use this flaw to crash the guest, resulting in DoS or
potentially escalate their privileges inside the guest. (CVE-2017-2583,
Moderate) * A flaw was found in the Linux kernel's handling of packets with the
URG flag. Applications using the splice() and tcp_splice_read() functionality
could allow a remote attacker to force the kernel to enter a condition in which
it could loop indefinitely. (CVE-2017-6214, Moderate) Red Hat would like to
thank Ari Kauppi for reporting CVE-2017-7895 and Xiaohan Zhang (Huawei Inc.) for
reporting CVE-2017-2583. Bug Fix(es): * Previously, the reserved-pages counter
(HugePages_Rsvd) was bigger than the total-pages counter (HugePages_Total) in
the /proc/meminfo file, and HugePages_Rsvd underflowed. With this update, the
HugeTLB feature of the Linux kernel has been fixed, and HugePages_Rsvd underflow
no longer occurs. (BZ#1445184) * If a directory on a NFS client was modified
while being listed, the NFS client could restart the directory listing multiple
times. Consequently, the performance of listing the directory was sub-optimal.
With this up ... Description truncated, for more information please check the
Reference URL

Affected Software/OS:
kernel on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-2583
95673
http://www.securityfocus.com/bid/95673
DSA-3791
http://www.debian.org/security/2017/dsa-3791
RHSA-2017:1615
https://access.redhat.com/errata/RHSA-2017:1615
RHSA-2017:1616
https://access.redhat.com/errata/RHSA-2017:1616
USN-3754-1
https://usn.ubuntu.com/3754-1/
[oss-security] 20170119 CVE-2017-2583 Kernel: Kvm: vmx/svm potential privilege escalation inside guest
http://www.openwall.com/lists/oss-security/2017/01/19/2
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
https://bugzilla.redhat.com/show_bug.cgi?id=1414735
https://github.com/torvalds/linux/commit/33ab91103b3415e12457e3104f0e4517ce12d0f3
Common Vulnerability Exposure (CVE) ID: CVE-2017-6214
BugTraq ID: 96421
http://www.securityfocus.com/bid/96421
Debian Security Information: DSA-3804 (Google Search)
http://www.debian.org/security/2017/dsa-3804
RedHat Security Advisories: RHSA-2017:1372
https://access.redhat.com/errata/RHSA-2017:1372
RedHat Security Advisories: RHSA-2017:1615
RedHat Security Advisories: RHSA-2017:1616
RedHat Security Advisories: RHSA-2017:1647
https://access.redhat.com/errata/RHSA-2017:1647
http://www.securitytracker.com/id/1037897
Common Vulnerability Exposure (CVE) ID: CVE-2017-7477
1038500
http://www.securitytracker.com/id/1038500
98014
http://www.securityfocus.com/bid/98014
https://bugzilla.redhat.com/show_bug.cgi?id=1445207
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5294b83086cc1c35b4efeca03644cf9d12282e5b
Common Vulnerability Exposure (CVE) ID: CVE-2017-7645
BugTraq ID: 97950
http://www.securityfocus.com/bid/97950
Debian Security Information: DSA-3886 (Google Search)
http://www.debian.org/security/2017/dsa-3886
https://marc.info/?l=linux-nfs&m=149218228327497&w=2
https://marc.info/?l=linux-nfs&m=149247516212924&w=2
RedHat Security Advisories: RHSA-2018:1319
https://access.redhat.com/errata/RHSA-2018:1319
Common Vulnerability Exposure (CVE) ID: CVE-2017-7895
BugTraq ID: 98085
http://www.securityfocus.com/bid/98085
RedHat Security Advisories: RHSA-2017:1715
https://access.redhat.com/errata/RHSA-2017:1715
RedHat Security Advisories: RHSA-2017:1723
https://access.redhat.com/errata/RHSA-2017:1723
RedHat Security Advisories: RHSA-2017:1766
https://access.redhat.com/errata/RHSA-2017:1766
RedHat Security Advisories: RHSA-2017:1798
https://access.redhat.com/errata/RHSA-2017:1798
RedHat Security Advisories: RHSA-2017:2412
https://access.redhat.com/errata/RHSA-2017:2412
RedHat Security Advisories: RHSA-2017:2428
https://access.redhat.com/errata/RHSA-2017:2428
RedHat Security Advisories: RHSA-2017:2429
https://access.redhat.com/errata/RHSA-2017:2429
RedHat Security Advisories: RHSA-2017:2472
https://access.redhat.com/errata/RHSA-2017:2472
RedHat Security Advisories: RHSA-2017:2732
https://access.redhat.com/errata/RHSA-2017:2732
CopyrightCopyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.