Scientific Linux Security Update : kernel on SL7.x x86_64

High Nessus Plugin ID 100458


The remote Scientific Linux host is missing one or more security updates.


Security Fix(es) :

- It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (CVE-2017-7308, Important)

- Mounting a crafted EXT4 image read-only leads to an attacker controlled memory corruption and SLAB-Out-of-Bounds reads. (CVE-2016-10208, Moderate)

- A flaw was found in the Linux kernel's implementation of seq_file where a local attacker could manipulate memory in the put() function pointer. This could lead to memory corruption and possible privileged escalation.
(CVE-2016-7910, Moderate)

- A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shash_async_export() by attempting to force the in-kernel hashing algorithms into decrypting an empty data set. (CVE-2016-8646, Moderate)

- It was reported that with Linux kernel, earlier than version v4.10-rc8, an application may trigger a BUG_ON in sctp_wait_for_sndbuf if the socket tx buffer is full, a thread is waiting on it to queue more data, and meanwhile another thread peels off the association being used by the first thread. (CVE-2017-5986, Moderate)


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 100458

File Name: sl_20170525_kernel_on_SL7_x.nasl

Version: $Revision: 3.4 $

Type: local

Agent: unix

Published: 2017/05/26

Modified: 2017/07/11

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C


Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/05/25

Exploitable With

Core Impact

Reference Information

CVE: CVE-2016-10208, CVE-2016-7910, CVE-2016-8646, CVE-2017-5986, CVE-2017-7308