This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A use-after-free flaw was found in the Linux kernel's memory
management subsystem in the way quota handling for huge pages was
performed. A local, unprivileged user could use this flaw to cause a
denial of service or, potentially, escalate their privileges.
(CVE-2012-2133 , Moderate)
A use-after-free flaw was found in the madvise() system call
implementation in the Linux kernel. A local, unprivileged user could
use this flaw to cause a denial of service or, potentially, escalate
their privileges. (CVE-2012-3511 , Moderate)
It was found that when running a 32-bit binary that uses a large
number of shared libraries, one of the libraries would always be
loaded at a predictable address in memory. An attacker could use this
flaw to bypass the Address Space Layout Randomization (ASLR) security
feature. (CVE-2012-1568 , Low)
Buffer overflow flaws were found in the udf_load_logicalvol() function
in the Universal Disk Format (UDF) file system implementation in the
Linux kernel. An attacker with physical access to a system could use
these flaws to cause a denial of service or escalate their privileges.
(CVE-2012-3400 , Low)
See also :
Run 'yum update kernel' to update your system. You will need to reboot
your system in order for the new kernel to be running.
Risk factor :
High / CVSS Base Score : 7.6
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 69632 ()
CVE ID: CVE-2012-0957CVE-2012-1568CVE-2012-2133CVE-2012-3400CVE-2012-3511CVE-2012-4508CVE-2012-4565
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.