Amazon Linux AMI : kernel Privilege Escalation Vulnerability (ALAS-2012-34)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Amazon Linux AMI host is missing a security update.

Description :

In KVM (Kernel-based Virtual Machine) environments using raw format
virtio disks backed by a partition or LVM volume, a privileged guest
user could bypass intended restrictions and issue read and write
requests (and other SCSI commands) on the host, and possibly access
the data of other guests that reside on the same underlying block
device. Partition-based and LVM-based storage pools are not used by
default.

See also :

http://www.nessus.org/u?ac276d60

Solution :

Run 'yum upgrade kernel' to upgrade your system. You will need to
reboot your system for the new kernel to be loaded.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)

Family: Amazon Linux Local Security Checks

Nessus Plugin ID: 69641 ()

Bugtraq ID:

CVE ID: CVE-2011-4127