Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (BlueBorne)

High Nessus Plugin ID 103174

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

Security Fix(es) :

- A stack-based buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel (CONFIG_CC_STACKPROTECTOR=y, which is enabled on all architectures other than s390x and ppc64[le]), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to crash the system. Due to the nature of the stack protection feature, code execution cannot be fully ruled out, although we believe it is unlikely. On systems without the stack protection feature (ppc64[le]; the Bluetooth modules are not built on s390x), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to remotely execute arbitrary code on the system with ring 0 (kernel) privileges. (CVE-2017-1000251, Important)

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?5096aec8

Plugin Details

Severity: High

ID: 103174

File Name: sl_20170912_kernel_on_SL6_x.nasl

Version: $Revision: 3.4 $

Type: local

Agent: unix

Published: 2017/09/13

Modified: 2018/01/26

Dependencies: 12634

Risk Information

Risk Factor: High

CVSSv2

Base Score: 8.3

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSSv3

Base Score: 8.8

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2017/09/12

Reference Information

CVE: CVE-2017-1000251