Test ID:	1.3.6.1.4.1.25623.1.0.883095
Category:	CentOS Local Security Checks
Title:	CentOS Update for kernel CESA-2019:1873 centos7
Summary:	The remote host is missing an update for the 'kernel'; package(s) announced via the CESA-2019:1873 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the CESA-2019:1873 advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) and Enhancement(s): These updated kernel packages include also numerous bug fixes and add several enhancements. Affected Software/OS: 'kernel' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-16871 RHSA-2019:2696 https://access.redhat.com/errata/RHSA-2019:2696 RHSA-2019:2730 https://access.redhat.com/errata/RHSA-2019:2730 RHSA-2020:0740 https://access.redhat.com/errata/RHSA-2020:0740 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16871 https://security.netapp.com/advisory/ntap-20211004-0002/ https://support.f5.com/csp/article/K18657134 https://support.f5.com/csp/article/K18657134?utm_source=f5support&amp%3Butm_medium=RSS Common Vulnerability Exposure (CVE) ID: CVE-2018-16884 106253 http://www.securityfocus.com/bid/106253 RHSA-2019:1873 https://access.redhat.com/errata/RHSA-2019:1873 RHSA-2019:1891 https://access.redhat.com/errata/RHSA-2019:1891 RHSA-2019:3309 https://access.redhat.com/errata/RHSA-2019:3309 RHSA-2019:3517 https://access.redhat.com/errata/RHSA-2019:3517 RHSA-2020:0204 https://access.redhat.com/errata/RHSA-2020:0204 USN-3932-1 https://usn.ubuntu.com/3932-1/ USN-3932-2 https://usn.ubuntu.com/3932-2/ USN-3980-1 https://usn.ubuntu.com/3980-1/ USN-3980-2 https://usn.ubuntu.com/3980-2/ USN-3981-1 https://usn.ubuntu.com/3981-1/ USN-3981-2 https://usn.ubuntu.com/3981-2/ [debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html [debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html [debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16884 https://patchwork.kernel.org/cover/10733767/ https://patchwork.kernel.org/patch/10733769/ https://support.f5.com/csp/article/K21430012 https://www.oracle.com/security-alerts/cpuApr2021.html Common Vulnerability Exposure (CVE) ID: CVE-2019-11085 BugTraq ID: 108488 http://www.securityfocus.com/bid/108488 https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html RedHat Security Advisories: RHSA-2019:1873 RedHat Security Advisories: RHSA-2019:1891 RedHat Security Advisories: RHSA-2019:1959 https://access.redhat.com/errata/RHSA-2019:1959 RedHat Security Advisories: RHSA-2019:1971 https://access.redhat.com/errata/RHSA-2019:1971 RedHat Security Advisories: RHSA-2020:0543 https://access.redhat.com/errata/RHSA-2020:0543 RedHat Security Advisories: RHSA-2020:0592 https://access.redhat.com/errata/RHSA-2020:0592 RedHat Security Advisories: RHSA-2020:0609 https://access.redhat.com/errata/RHSA-2020:0609 SuSE Security Announcement: openSUSE-SU-2019:1479 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html SuSE Security Announcement: openSUSE-SU-2019:1579 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html https://usn.ubuntu.com/4068-1/ https://usn.ubuntu.com/4068-2/ https://usn.ubuntu.com/4118-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-11811 BugTraq ID: 108410 http://www.securityfocus.com/bid/108410 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.4 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=401e7e88d4ef80188ffa07095ac00456f901b8c4 https://github.com/torvalds/linux/commit/401e7e88d4ef80188ffa07095ac00456f901b8c4 RedHat Security Advisories: RHSA-2019:4057 https://access.redhat.com/errata/RHSA-2019:4057 RedHat Security Advisories: RHSA-2019:4058 https://access.redhat.com/errata/RHSA-2019:4058 RedHat Security Advisories: RHSA-2020:0036 https://access.redhat.com/errata/RHSA-2020:0036
Copyright	Copyright (C) 2019 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.