GLSA-201412-11 : AMD64 x86 emulation base libraries: Multiple vulnerabilities (Heartbleed)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-201412-11
(AMD64 x86 emulation base libraries: Multiple vulnerabilities)

Multiple vulnerabilities have been discovered in AMD64 x86 emulation
base libraries. Please review the CVE identifiers referenced below for
details.

Impact :

A context-dependent attacker may be able to execute arbitrary code,
cause a Denial of Service condition, or obtain sensitive information.

Workaround :

There is no known workaround at this time.

See also :

https://security.gentoo.org/glsa/201412-11

Solution :

All users of the AMD64 x86 emulation base libraries should upgrade to
the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
'>=app-emulation/emul-linux-x86-baselibs-20140406-r1'
NOTE: One or more of the issues described in this advisory have been
fixed in previous updates. They are included in this advisory for the
sake of completeness. It is likely that your system is already no longer
affected by them.

Risk factor :

High / CVSS Base Score : 9.4
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N)
CVSS Temporal Score : 7.4
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true