This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
The skb_gro_header_slow function in include/linux/netdevice.h in the
Linux kernel before 126.96.36.199, when Generic Receive Offload (GRO) is
enabled, resets certain fields in incorrect situations, which allows
remote attackers to cause a denial of service (system crash) via
crafted network traffic.
Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in
the eCryptfs subsystem in the Linux kernel before 3.1 allows local
users to bypass intended file permissions via a mount.ecryptfs_private
mount with a mismatched uid.
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before
3.1 use a modified MD4 algorithm to generate sequence numbers and
Fragment Identification values, which makes it easier for remote
attackers to cause a denial of service (disrupted networking) or
hijack network sessions by predicting these values and sending crafted
Integer signedness error in the CIFSFindNext function in
fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS
servers to cause a denial of service (memory corruption) or possibly
have unspecified other impact via a large length value in a response
to a read request for a directory.
The Performance Events subsystem in the Linux kernel before 3.1 does
not properly handle event overflows associated with
PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a
denial of service (system hang) via a crafted application.
See also :
Run 'yum update kernel' to update your system. You will need to reboot
your system in order for the new kernel to be running.
Risk factor :
Critical / CVSS Base Score : 10.0
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 69575 ()
CVE ID: CVE-2011-1833CVE-2011-2723CVE-2011-2918CVE-2011-3188CVE-2011-3191
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.