The remote Amazon Linux AMI host is missing a security update.
A malicious Network File System version 4 (NFSv4) server could return
a crafted reply to a GETACL request, causing a denial of service on
the client. (CVE-2012-2375 , Moderate)
A divide-by-zero flaw was found in the TCP Illinois congestion control
algorithm implementation in the Linux kernel. If the TCP Illinois
congestion control algorithm were in use (the sysctl
net.ipv4.tcp_congestion_control variable set to 'illinois'), a local,
unprivileged user could trigger this flaw and cause a denial of
service. (CVE-2012-4565 , Moderate)
A NULL pointer dereference flaw was found in the way a new node's hot
added memory was propagated to other nodes' zonelists. By utilizing
this newly added memory from one of the remaining nodes, a local,
unprivileged user could use this flaw to cause a denial of service.
(CVE-2012-5517 , Moderate)
It was found that a prevoius kernel release did not correctly fix the
CVE-2009-4307 issue, a divide-by-zero flaw in the ext4 file system
code. A local, unprivileged user with the ability to mount an ext4
file system could use this flaw to cause a denial of service.
(CVE-2012-2100 , Low)
A flaw was found in the way the Linux kernel's IPv6 implementation
handled overlapping, fragmented IPv6 packets. A remote attacker could
potentially use this flaw to bypass protection mechanisms (such as a
firewall or intrusion detection system (IDS)) when sending network
packets to a target system. (CVE-2012-4444 , Low)
See also :
Run 'yum update kernel nvidia' to update your system. You will need to
reboot your system in order for the new kernel to be running.
Risk factor :
High / CVSS Base Score : 7.1