VID |
14203 |
Severity |
30 |
Port |
22 |
Protocol |
TCP |
Class |
LSC |
Detailed Description |
The remote system has not applied RHSA-2015-1221, a kernel security update. A system without this update is affected by the following vulnerabilities:
- A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files (/dev/pts/*). A local, unprivileged attacker could use this flaw to crash the system. (CVE-2011-5321)
- It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system. (CVE-2015-3636)
- An integer overflow flaw was found in the way the Linux kernel randomized the stack for processes on certain 64-bit architecture systems, such as x86-64, causing the stack entropy to be reduced by four. (CVE-2015-1593)
- A flaw was found in the way the Linux kernel's 32-bit emulation implementation handled forking or closing of a task with an 'int80' entry. A local user could potentially use this flaw to escalate their privileges on the system. (CVE-2015-2830)
- It was found that the Linux kernel's TCP/IP protocol suite implementation for IPv6 allowed the Hop Limit value to be set to a smaller value than the default one. An attacker on a local network could use this flaw to prevent systems on that network from sending or receiving network packets. (CVE-2015-2922)
Note: This check relied solely on the kernel RPM version reported by the remote system to assess this vulnerability, so it may be a false positive.
* References: https://rhn.redhat.com/errata/RHSA-2015-1221.html https://www.redhat.com/security/data/cve/CVE-2011-5321.html https://www.redhat.com/security/data/cve/CVE-2015-1593.html https://www.redhat.com/security/data/cve/CVE-2015-2830.html https://www.redhat.com/security/data/cve/CVE-2015-2922.html https://www.redhat.com/security/data/cve/CVE-2015-3636.html https://access.redhat.com/articles/1506133
* Platforms Affected: Red Hat Enterprise Linux Server (v. 6) |
Recommendation |
Update the affected packages. Launch the graphical update tool through Applications -> System Tools -> Software Update
For a command line interface, use the following command to update the operating system: # yum update
To install only the kernel package, use the following command: # yum install kernel. The updated kernel takes effect only after the system has been rebooted into it. |
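The following script is an added example, not part of this scanner entry or of Red Hat's tooling. It reproduces the logic the note above describes (compare the installed kernel RPM version with the errata kernel using rpm's segment-wise version ordering) and then shows what an RPM-version-only check cannot see: the kernel that is actually running. The errata kernel version 2.6.32-504.30.3.el6 used for FIXED_KERNEL_VR is an assumption and should be confirmed against the RHSA-2015-1221 page; the sample rpm -q and uname -r outputs are constructed, not captured from a real host.

```shell
#!/bin/sh
# Added example (not part of the scanner entry): the "installed kernel RPM is
# older than the errata kernel" check, plus the running-kernel caveat.
#
# ASSUMPTION: the errata kernel for RHSA-2015-1221 is taken as
# 2.6.32-504.30.3.el6; confirm against the errata page before relying on it.
FIXED_KERNEL_VR='2.6.32-504.30.3.el6'

# rpmvercmp: compare two version (or release) strings the way rpm does.
# Strings are split on non-alphanumerics; numeric segments compare as
# integers (leading zeros ignored), alphabetic segments compare lexically,
# and a numeric segment outranks an alphabetic one. Prints -1, 0 or 1.
# (rpm's '~' and '^' ordering is not implemented; RHEL 6 kernels never use it.)
rpmvercmp() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        a=${a#"${a%%[[:alnum:]]*}"}          # drop leading separators
        b=${b#"${b%%[[:alnum:]]*}"}
        [ -n "$a" ] && [ -n "$b" ] || break
        case $a in
            [0-9]*) isnum=1; sa=${a%%[![:digit:]]*}; sb=${b%%[![:digit:]]*} ;;
            *)      isnum=0; sa=${a%%[![:alpha:]]*}; sb=${b%%[![:alpha:]]*} ;;
        esac
        a=${a#"$sa"}; b=${b#"$sb"}
        if [ -z "$sb" ]; then                  # segment types differ
            if [ "$isnum" -eq 1 ]; then printf '%s\n' 1; else printf '%s\n' -1; fi
            return 0
        fi
        if [ "$isnum" -eq 1 ]; then
            sa=${sa#"${sa%%[!0]*}"}; sb=${sb#"${sb%%[!0]*}"}   # strip leading zeros
            if [ ${#sa} -gt ${#sb} ]; then printf '%s\n' 1; return 0; fi
            if [ ${#sa} -lt ${#sb} ]; then printf '%s\n' -1; return 0; fi
        fi
        if [ "$sa" != "$sb" ]; then
            if [ "$sa" \> "$sb" ]; then printf '%s\n' 1; else printf '%s\n' -1; fi
            return 0
        fi
    done
    if [ -z "$a" ] && [ -z "$b" ]; then printf '%s\n' 0
    elif [ -z "$a" ]; then printf '%s\n' -1
    else printf '%s\n' 1
    fi
}

# Compare two version-release strings (e.g. 2.6.32-504.30.3.el6) as rpm does:
# the version part first, then the release part.
rpm_vr_cmp() {
    rc=$(rpmvercmp "${1%%-*}" "${2%%-*}")
    if [ "$rc" -ne 0 ]; then printf '%s\n' "$rc"; else rpmvercmp "${1#*-}" "${2#*-}"; fi
}

# Reduce "kernel-2.6.32-504.30.3.el6.x86_64" (rpm -q kernel) or
# "2.6.32-504.30.3.el6.x86_64" (uname -r) to the bare version-release.
kernel_vr() {
    s=${1#kernel-}
    case ${s##*.} in
        x86_64|i686|i386|ppc64|s390x|noarch) s=${s%.*} ;;
    esac
    printf '%s\n' "$s"
}

# The scanner's check as described in the note: is the newest installed kernel
# RPM older than the errata kernel? Prints yes or no.
installed_vulnerable() {           # $1 = newline-separated `rpm -q kernel` output
    newest=''
    for pkg in $1; do
        vr=$(kernel_vr "$pkg")
        if [ -z "$newest" ] || [ "$(rpm_vr_cmp "$vr" "$newest")" -gt 0 ]; then newest=$vr; fi
    done
    if [ -n "$newest" ] && [ "$(rpm_vr_cmp "$newest" "$FIXED_KERNEL_VR")" -ge 0 ]; then
        printf 'no\n'
    else
        printf 'yes\n'
    fi
}

# What the RPM-only check cannot see: the running kernel. A host that has
# installed the errata kernel but not rebooted into it is still exposed.
assess() {                         # $1 = `rpm -q kernel` output, $2 = `uname -r`
    running=$(kernel_vr "$2")
    if [ "$(installed_vulnerable "$1")" = yes ]; then
        printf 'VULNERABLE: no kernel RPM at or above %s is installed\n' "$FIXED_KERNEL_VR"
    elif [ "$(rpm_vr_cmp "$running" "$FIXED_KERNEL_VR")" -lt 0 ]; then
        printf 'REBOOT_REQUIRED: fixed kernel installed but %s is running\n' "$running"
    else
        printf 'PATCHED: running %s\n' "$running"
    fi
}

# Constructed sample inputs (not captured from a real host): the errata kernel
# is installed, but the host is still booted into the previous one.
SAMPLE_RPM_Q='kernel-2.6.32-504.16.2.el6.x86_64
kernel-2.6.32-504.30.3.el6.x86_64'
SAMPLE_UNAME='2.6.32-504.16.2.el6.x86_64'

assess "${1:-$SAMPLE_RPM_Q}" "${2:-$SAMPLE_UNAME}"
```

On a real RHEL 6 host run it as `sh check.sh "$(rpm -q kernel)" "$(uname -r)"`; without arguments it evaluates the constructed sample and reports REBOOT_REQUIRED. The three outcomes map onto the scanner note: VULNERABLE is what the RPM check detects, PATCHED is a true negative, and REBOOT_REQUIRED is the state in which the RPM-based check reports the host as fixed while the vulnerable kernel is still running.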
Related URL |
CVE-2011-5321,CVE-2015-1593,CVE-2015-2830,CVE-2015-2922,CVE-2015-3636 (CVE) |