Test ID:	1.3.6.1.4.1.25623.1.0.883149
Category:	CentOS Local Security Checks
Title:	CentOS Update for kernel CESA-2019:4256 centos6
Summary:	The remote host is missing an update for the 'kernel'; package(s) announced via the CESA-2019:4256 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the CESA-2019:4256 advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * KEYS: prevent creating a different user's keyrings RHEL-6.10 (BZ#1537371) * BUG: unable to handle kernel NULL pointer dereference at (null) (BZ#1733760) * long I/O stalls with bnx2fc from not masking off scope bits of retry delay value (BZ#1749512) Affected Software/OS: 'kernel' package(s) on CentOS 6. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-14821 20190925 [SECURITY] [DSA 4531-1] linux security update https://seclists.org/bugtraq/2019/Sep/41 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01) https://seclists.org/bugtraq/2019/Nov/11 DSA-4531 https://www.debian.org/security/2019/dsa-4531 FEDORA-2019-15e141c6a7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZQQQANZWQMPILZV7OTS3RGGRLLE2Q7/ FEDORA-2019-a570a92d5a https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/ RHSA-2019:3309 https://access.redhat.com/errata/RHSA-2019:3309 RHSA-2019:3517 https://access.redhat.com/errata/RHSA-2019:3517 RHSA-2019:3978 https://access.redhat.com/errata/RHSA-2019:3978 RHSA-2019:3979 https://access.redhat.com/errata/RHSA-2019:3979 RHSA-2019:4154 https://access.redhat.com/errata/RHSA-2019:4154 RHSA-2019:4256 https://access.redhat.com/errata/RHSA-2019:4256 RHSA-2020:0027 https://access.redhat.com/errata/RHSA-2020:0027 RHSA-2020:0204 https://access.redhat.com/errata/RHSA-2020:0204 USN-4157-1 https://usn.ubuntu.com/4157-1/ USN-4157-2 https://usn.ubuntu.com/4157-2/ USN-4162-1 https://usn.ubuntu.com/4162-1/ USN-4162-2 https://usn.ubuntu.com/4162-2/ USN-4163-1 https://usn.ubuntu.com/4163-1/ USN-4163-2 https://usn.ubuntu.com/4163-2/ [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html [oss-security] 20190920 CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer http://www.openwall.com/lists/oss-security/2019/09/20/1 http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14821 https://security.netapp.com/advisory/ntap-20191004-0001/ https://www.oracle.com/security-alerts/cpuapr2020.html openSUSE-SU-2019:2307 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html openSUSE-SU-2019:2308 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html
Copyright	Copyright (C) 2020 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.