This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.

The do_tkill function in kernel/signal.c in the Linux kernel before
3.8.9 does not initialize a certain data structure, which allows local
users to obtain sensitive information from kernel memory via a crafted
application that makes a (1) tkill or (2) tgkill system call.

The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6
implementation in the Linux kernel through 3.10.3 makes an incorrect
function call for pending data, which allows local users to cause a
denial of service (BUG and system crash) via a crafted application
that uses the UDP_CORK option in a setsockopt system call.

net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not
properly determine the need for UDP Fragmentation Offload (UFO)
processing of small packets after the UFO queueing of a large packet,
which allows remote attackers to cause a denial of service (memory
corruption and system crash) or possibly have unspecified other impact
via network traffic that triggers a large response packet.

The __request_module function in kernel/kmod.c in the Linux kernel
before 3.4 does not set a certain killable attribute, which allows
local users to cause a denial of service (memory consumption) via a

Interpretation conflict in drivers/md/dm-snap-persistent.c in the
Linux kernel through 3.11.6 allows remote authenticated users to
obtain sensitive information or modify data via a crafted mapping to a
snapshot block device.

Run 'yum update kernel' to update your system. You will need to reboot
your system in order for the new kernel to be running.
Risk factor :
Medium / CVSS Base Score : 6.1