Test ID:	1.3.6.1.4.1.25623.1.0.883200
Category:	CentOS Local Security Checks
Title:	CentOS: Security Advisory for kernel (CESA-2020:0790)
Summary:	The remote host is missing an update for the 'kernel'; package(s) announced via the CESA-2020:0790 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the CESA-2020:0790 advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133) * kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. (CVE-2019-17055) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * LACP bond does not function because bonding driver sees slave speed & duplex as Unknown (BZ#1772779) * ixgbevf guess causes excessive interrupts in hypervisor due to get link settings (BZ#1795404) Affected Software/OS: 'kernel' package(s) on CentOS 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-17055 Bugtraq: 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01) (Google Search) https://seclists.org/bugtraq/2019/Nov/11 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6JNEWGIK7QA24OIUUL67QZNJN52NB7T/ http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b91ee4aa2a2199ba4d4650706c272985a5a32d80 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html RedHat Security Advisories: RHSA-2020:0790 https://access.redhat.com/errata/RHSA-2020:0790 SuSE Security Announcement: openSUSE-SU-2019:2503 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html SuSE Security Announcement: openSUSE-SU-2019:2507 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00039.html https://usn.ubuntu.com/4184-1/ https://usn.ubuntu.com/4185-1/ https://usn.ubuntu.com/4185-2/ https://usn.ubuntu.com/4186-1/ https://usn.ubuntu.com/4186-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-17133 https://security.netapp.com/advisory/ntap-20191031-0005/ https://marc.info/?l=linux-wireless&m=157018270915487&w=2 https://www.oracle.com/security-alerts/cpuApr2021.html RedHat Security Advisories: RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0174 RedHat Security Advisories: RHSA-2020:0374 https://access.redhat.com/errata/RHSA-2020:0374 RedHat Security Advisories: RHSA-2020:0375 https://access.redhat.com/errata/RHSA-2020:0375 RedHat Security Advisories: RHSA-2020:0543 https://access.redhat.com/errata/RHSA-2020:0543 RedHat Security Advisories: RHSA-2020:0592 https://access.redhat.com/errata/RHSA-2020:0592 RedHat Security Advisories: RHSA-2020:0609 https://access.redhat.com/errata/RHSA-2020:0609 RedHat Security Advisories: RHSA-2020:0653 https://access.redhat.com/errata/RHSA-2020:0653 RedHat Security Advisories: RHSA-2020:0661 https://access.redhat.com/errata/RHSA-2020:0661 RedHat Security Advisories: RHSA-2020:0664 https://access.redhat.com/errata/RHSA-2020:0664 SuSE Security Announcement: openSUSE-SU-2019:2392 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html SuSE Security Announcement: openSUSE-SU-2019:2444 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html https://usn.ubuntu.com/4208-1/ https://usn.ubuntu.com/4210-1/ https://usn.ubuntu.com/4211-1/ https://usn.ubuntu.com/4211-2/ https://usn.ubuntu.com/4226-1/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.