EulerOS 2.0 SP2 : kernel (EulerOS-SA-2017-1319)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote EulerOS host is missing multiple security updates.

Description :

According to the versions of the kernel packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

- A flaw was found in the processing of incoming L2CAP
bluetooth commands. Uninitialized stack variables can
be sent to an attacker leaking data in kernel address
space.(CVE-2017-1000410)

- The qmi_wwan_bind function in
drivers/net/usb/qmi_wwan.c in the Linux kernel through
4.13.11 allows local users to cause a denial of service
(divide-by-zero error and system crash) or possibly
have unspecified other impact via a crafted USB
device.(CVE-2017-16650)

- The usbnet_generic_cdc_bind function in
drivers/net/usb/cdc_ether.c in the Linux kernel through
4.13.11 allows local users to cause a denial of service
(divide-by-zero error and system crash) or possibly
have unspecified other impact via a crafted USB
device.(CVE-2017-16649)

- The ims_pcu_get_cdc_union_desc function in
drivers/input/misc/ims-pcu.c in the Linux kernel
through 4.13.11 allows local users to cause a denial of
service (ims_pcu_parse_cdc_data out-of-bounds read and
system crash) or possibly have unspecified other impact
via a crafted USB device.(CVE-2017-16645)

- The hdpvr_probe function in
drivers/media/usb/hdpvr/hdpvr-core.c in the Linux
kernel through 4.13.11 allows local users to cause a
denial of service (improper error handling and system
crash) or possibly have unspecified other impact via a
crafted USB device.(CVE-2017-16644)

- The parse_hid_report_descriptor function in
drivers/input/tablet/gtco.c in the Linux kernel before
4.13.11 allows local users to cause a denial of service
(out-of-bounds read and system crash) or possibly have
unspecified other impact via a crafted USB
device.(CVE-2017-16643)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?929d71ac

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.8
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Huawei Local Security Checks

Nessus Plugin ID: 105047 ()

Bugtraq ID:

CVE ID: CVE-2017-1000410
CVE-2017-16643
CVE-2017-16644
CVE-2017-16645
CVE-2017-16649
CVE-2017-16650

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now