This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A flaw was found in the way the Linux kernel's Event Poll (epoll)
subsystem handled large, nested epoll structures. A local,
unprivileged user could use this flaw to cause a denial of service.
A malicious Network File System version 4 (NFSv4) server could return
a crafted reply to a GETACL request, causing a denial of service on
The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram
Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and
earlier allows local users to cause a denial of service (BUG_ON and
kernel panic) by establishing an RDS connection with the source IP
address equal to the IPoIB interface's own IP address, as demonstrated
See also :
Run 'yum update kernel' to update your system. You will need to reboot
your system in order for the new kernel to be running.
Risk factor :
Medium / CVSS Base Score : 4.9
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 69590 ()
CVE ID: CVE-2011-1083CVE-2011-4131CVE-2012-2372
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.