Amazon Linux AMI : kernel Multiple Vulnerabilities (ALAS-2013-233)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Amazon Linux AMI host is missing a security update.

Description :

net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not
properly determine the need for UDP Fragmentation Offload (UFO)
processing of small packets after the UFO queueing of a large packet,
which allows remote attackers to cause a denial of service (memory
corruption and system crash) or possibly have unspecified other impact
via network traffic that triggers a large response packet.
(CVE-2013-4387)

An information leak flaw was found in the way Linux kernel's device
mapper subsystem, under certain conditions, interpreted data written
to snapshot block devices. An attacker could use this flaw to read
data from disk blocks in free space, which are normally inaccessible.
(CVE-2013-4299)

The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6
implementation in the Linux kernel through 3.10.3 makes an incorrect
function call for pending data, which allows local users to cause a
denial of service (BUG and system crash) via a crafted application
that uses the UDP_CORK option in a setsockopt system call.
(CVE-2013-4162)

An information leak flaw in the Linux kernel could allow a local,
unprivileged user to leak kernel memory to user-space. (CVE-2013-2141)

It was found that a deadlock could occur in the Out of Memory (OOM)
killer. A process could trigger this deadlock by consuming a large
amount of memory, and then causing request_module() to be called. A
local, unprivileged user could use this flaw to cause a denial of
service (excessive memory consumption). (CVE-2012-4398)

See also :

http://www.nessus.org/u?7be8c366

Solution :

Run 'yum update kernel' to update your system.

Risk factor :

Medium / CVSS Base Score : 6.1
(CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C)

Family: Amazon Linux Local Security Checks

Nessus Plugin ID: 70569 ()

Bugtraq ID:

CVE ID: CVE-2012-4398
CVE-2013-2141
CVE-2013-4162
CVE-2013-4299
CVE-2013-4387