Scientific Linux Security Update : NetworkManager and libnl3 on SL7.x x86_64

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

The libnl3 packages contain a convenience library that simplifies
using the Linux kernel's Netlink sockets interface for network
manipulation.

The following packages have been upgraded to a later upstream version:
NetworkManager (1.8.0), network-manager-applet (1.8.0).

Security Fix(es) in the libnl3 component :

- An integer overflow leading to a heap-buffer overflow
was found in the libnl library. An attacker could use
this flaw to cause an application compiled with libnl to
crash or possibly execute arbitrary code in the context
of the user running such an application. (CVE-2017-0553)

See also :

http://www.nessus.org/u?5a0ed2a1

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 102635 ()

Bugtraq ID:

CVE ID: CVE-2017-0553

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now