Test ID: | 1.3.6.1.4.1.25623.1.0.882840 |
Category: | CentOS Local Security Checks |
Title: | CentOS Update for kernel CESA-2018:0169 centos6 |
Summary: | Check the version of kernel |
Description: | Summary: Check the version of kernel

Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges (of CAP_NET_RAW) to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function. (CVE-2017-7542, Moderate)

* The IPv6 fragmentation implementation in the Linux kernel does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. (CVE-2017-9074, Moderate)

* A use-after-free flaw was found in the Netlink functionality of the Linux kernel networking subsystem. Due to the insufficient cleanup in the mq_notify function, a local attacker could potentially use this flaw to escalate their privileges on the system. (CVE-2017-11176, Moderate)

Bug Fix(es):

* Previously, the default timeout and retry settings in the VMBus driver were insufficient in some cases, for example when a Hyper-V host was under a significant load. Consequently, in Windows Server 2016, Hyper-V Server 2016, and Windows Azure Platform, when running a Red Hat Enterprise Linux Guest on the Hyper-V hypervisor, the guest failed to boot or booted with certain Hyper-V devices missing. This update alters the timeout and retry settings in VMBus, and Red Hat Enterprise Linux guests now boot as expected under the described conditions. (BZ#1506145)

* Previously, an incorrect external declaration in the be2iscsi driver caused a kernel panic when using the systool utility. With this update, the external declaration in be2iscsi has been fixed, and the kernel no longer panics when using systool. (BZ#1507512)

* Under high usage of the NFSD file system and memory pressure, if many tasks in the Linux kernel attempted to obtain the global spinlock to clean the Duplicate Reply Cache (DRC), these tasks stayed in an active wait in the nfsd_reply_cache_shrink() function for up to 99% of time. Consequently, a high load average occurred. This update fixes the bug by separating the DRC in several parts, each with an independent spinlock. As a result, the load and CPU utilization is no longer excessive under the described circumstances. (BZ#1509876)

* When attempting to attach multiple SCSI devices simultaneously, Red Hat Enterprise Linux 6.9 on IBM z Systems sometimes became unresponsive. This update fixes the zfcp ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS: kernel on CentOS 6

Solution: Please Install the Updated Packages.

CVSS Score: 7.2

CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-7542
* 99953 http://www.securityfocus.com/bid/99953
* DSA-3927 http://www.debian.org/security/2017/dsa-3927
* DSA-3945 http://www.debian.org/security/2017/dsa-3945
* RHSA-2017:2918 https://access.redhat.com/errata/RHSA-2017:2918
* RHSA-2017:2930 https://access.redhat.com/errata/RHSA-2017:2930
* RHSA-2017:2931 https://access.redhat.com/errata/RHSA-2017:2931
* RHSA-2018:0169 https://access.redhat.com/errata/RHSA-2018:0169
* USN-3583-1 https://usn.ubuntu.com/3583-1/
* USN-3583-2 https://usn.ubuntu.com/3583-2/
* http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6
* https://github.com/torvalds/linux/commit/6399f1fae4ec29fab5ec76070435555e256ca3a6
* https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

Common Vulnerability Exposure (CVE) ID: CVE-2017-9074
* BugTraq ID: 98577 http://www.securityfocus.com/bid/98577
* Debian Security Information: DSA-3886 http://www.debian.org/security/2017/dsa-3886
* RedHat Security Advisories: RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842
* RedHat Security Advisories: RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077
* RedHat Security Advisories: RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2669
* RedHat Security Advisories: RHSA-2018:0169

Common Vulnerability Exposure (CVE) ID: CVE-2017-11176
* BugTraq ID: 99919 http://www.securityfocus.com/bid/99919
* Debian Security Information: DSA-3927
* Debian Security Information: DSA-3945
* https://www.exploit-db.com/exploits/45553/
* RedHat Security Advisories: RHSA-2017:2918
* RedHat Security Advisories: RHSA-2017:2930
* RedHat Security Advisories: RHSA-2017:2931
* RedHat Security Advisories: RHSA-2018:3822 https://access.redhat.com/errata/RHSA-2018:3822 |
Copyright | Copyright (C) 2018 Greenbone AG |