This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A use-after-free flaw was found in the madvise() system call
implementation in the Linux kernel. A local, unprivileged user could
use this flaw to cause a denial of service or, potentially, escalate
their privileges. (CVE-2012-3511)
It was found that when running a 32-bit binary that uses a large
number of shared libraries, one of the libraries would always be
loaded at a predictable address in memory. An attacker could use this
flaw to bypass the Address Space Layout Randomization (ASLR) security
ext4: AIO vs fallocate stale data exposure (CVE-2012-4508)
net: divide by zero in tcp algorithm illinois (CVE-2012-4565)
A use-after-free flaw was found in the Linux kernel's memory
management subsystem in the way quota handling for huge pages was
performed. A local, unprivileged user could use this flaw to cause a
denial of service or, potentially, escalate their privileges.
Buffer overflow flaws were found in the udf_load_logicalvol() function
in the Universal Disk Format (UDF) file system implementation in the
Linux kernel. An attacker with physical access to a system could use
these flaws to cause a denial of service or escalate their privileges.
uts: stack memory leak in UNAME26 (CVE-2012-0957)
See also :
Run 'yum update kernel' to update your system.
Risk factor :
High / CVSS Base Score : 7.6