EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1089)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote EulerOS host is missing multiple security updates.

Description :

According to the versions of the kernel packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

- Use-after-free vulnerability in the disk_seqf_stop
function in block/genhd.c in the Linux kernel before
4.7.1 allows local users to gain privileges by
leveraging the execution of a certain stop operation
even if the corresponding start operation had
failed. (CVE-2016-7910)

- Race condition in the get_task_ioprio function in
block/ioprio.c in the Linux kernel before 4.6.6 allows
local users to gain privileges or cause a denial of
service (use-after-free) via a crafted ioprio_get
system call. (CVE-2016-7911)

- The assoc_array_insert_into_terminal_node function in
lib/assoc_array.c in the Linux kernel before 4.5.3 does
not check whether a slot is a leaf, which allows local
users to obtain sensitive information from kernel
memory or cause a denial of service (invalid pointer
dereference and out-of-bounds read) via an application
that uses associative-array data structures, as
demonstrated by the keyutils test suite. (CVE-2016-7914)

- The IPv6 stack in the Linux kernel before 4.3.3
mishandles options data, which allows local users to
gain privileges or cause a denial of service
(use-after-free and system crash) via a crafted sendmsg
system call. (CVE-2016-3841)

- Race condition in the environ_read function in
fs/proc/base.c in the Linux kernel before 4.5.4 allows
local users to obtain sensitive information from kernel
memory by reading a /proc/*/environ file during a
process-setup time interval in which
environment-variable copying is
incomplete. (CVE-2016-7916)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?cb303361

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Huawei Local Security Checks

Nessus Plugin ID: 99846

CVE ID: CVE-2016-3841
CVE-2016-7910
CVE-2016-7911
CVE-2016-7914
CVE-2016-7916
