Test ID:	1.3.6.1.4.1.25623.1.0.883300
Category:	CentOS Local Security Checks
Title:	CentOS: Security Advisory for bpftool (CESA-2020:5023)
Summary:	The remote host is missing an update for the 'bpftool'; package(s) announced via the CESA-2020:5023 advisory.
Description:	Summary: The remote host is missing an update for the 'bpftool' package(s) announced via the CESA-2020:5023 advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: buffer over write in vgacon_scroll (CVE-2020-14331) * kernel: net-sysfs: *_queue_add_kobject refcount issue (CVE-2019-20811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [OSP13, mlx5] SRIOV VF still sending traffic when PF is down (BZ#1733181) * gpf panic in virtio_check_driver_offered_fxature+6 when running sg_inq on a dm map for a lost virtio_blk (BZ#1811893) * GPF panic in qlt_free_session_done+626 (BZ#1826127) * [ Brazos ] 'Core(s) per socket' and 'Socket' values are interchanged in lscpu output. (kernel) (BZ#1826306) * megaraid Aero: call trace observed during reboots (BZ#1828312) * Crash in mptscsih_io_done() due to buffer overrun in sense_buf_pool (BZ#1829803) * The qedf driver fails to re-establish the online F/C port state when the downstream F/C port is toggled unless a LIP is forced (BZ#1836443) * tcp_fragment() limit causes packet drop under normal TCP load (BZ#1847765) * ip link command shows state as UNKNOWN for MACVLAN interface (BZ#1848950) * Lenovo TS 7Z60 Cooper Lake: PCI BAR firmware bug (BZ#1849223) * [RHEL-7/mlx4] ipoib_flush ipoib_ib_dev_flush_light [ib_ipoib] (BZ#1858707) * Uprobes crashes processes under GDB - SIGTRAP and SIGSEGV (BZ#1861396) * kernel-3.10.0-1127.19.1.el7.x86_64 crashes after an SSH connection attempt when running as a Xen PV guest on AMD Epyc Rome (BZ#1882468) * Null ptr deref after nf_reinject->nf_queue_entry_release_refs hits Attempt to release error doing inet_sock_destruct() (BZ#1885682) Users of kernel are advised to upgrade to these updated packages, which fix these bugs. Affected Software/OS: 'bpftool' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-20811 Debian Security Information: DSA-4698 (Google Search) https://www.debian.org/security/2020/dsa-4698 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3e23f719f5c4a38ffb3d30c8d7632a4ed8ccd9e https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://usn.ubuntu.com/4527-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-14331 [debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html [debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html [debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https://bugzilla.redhat.com/show_bug.cgi?id=1858679 https://lists.openwall.net/linux-kernel/2020/07/29/234 https://www.openwall.com/lists/oss-security/2020/07/28/2
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.