Scientific Linux Security Update : kernel on SL5.x i386/x86_64

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

Security Fix(es) :

- A use-after-free flaw was found in the way the Linux
kernel's Datagram Congestion Control Protocol (DCCP)
implementation freed SKB (socket buffer) resources for a
DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option
is set on the socket. A local, unprivileged user could
use this flaw to alter the kernel memory, allowing them
to escalate their privileges on the system.
(CVE-2017-6074, Important)

- It was found that the Linux kernel's Datagram Congestion
Control Protocol (DCCP) implementation used the
IPv4-only inet_sk_rebuild_header() function for both
IPv4 and IPv6 DCCP connections, which could result in
memory corruptions. A remote attacker could use this
flaw to crash the system. (CVE-2017-2634, Moderate)

Important: This update disables the DCCP kernel module at load time by
using the kernel module blacklist method. The module is disabled in an
attempt to reduce further exposure to additional issues.

See also :

http://www.nessus.org/u?46fdb86b

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 97415 ()

Bugtraq ID:

CVE ID: CVE-2017-2634
CVE-2017-6074

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now