The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1016 advisory.

  - kernel: out of bound read in DVB connexant driver.
    (CVE-2015-9289)

  - kernel: Missing permissions check for request_key()     destination allows local attackers to add keys to     keyring without Write permission (CVE-2017-17807)

  - kernel: oob memory read in hso_probe in     drivers/net/usb/hso.c (CVE-2018-19985)

  - kernel: usb: missing size check in the
    __usb_get_extra_descriptor() leading to DoS     (CVE-2018-20169)

  - kernel: denial of service via ioctl call in network tun     handling (CVE-2018-7191)

  - kernel: null-pointer dereference in     hci_uart_set_flow_control (CVE-2019-10207)

  - Kernel: net: weak IP ID generation leads to remote     device tracking (CVE-2019-10638)

  - Kernel: net: using kernel space address bits to derive     IP ID may potentially break KASLR (CVE-2019-10639)

  - kernel: ASLR bypass for setuid binaries due to late     install_exec_creds() (CVE-2019-11190)

  - kernel: sensitive information disclosure from kernel     stack memory via HIDPCONNADD command (CVE-2019-11884)

  - kernel: unchecked kstrdup of fwstr in     drm_load_edid_firmware leads to denial of service     (CVE-2019-12382)

  - kernel: use-after-free in arch/x86/lib/insn-eval.c     (CVE-2019-13233)

  - kernel: denial of service in     arch/powerpc/kernel/signal_32.c and     arch/powerpc/kernel/signal_64.c via sigreturn() system     call (CVE-2019-13648)

  - kernel: integer overflow and OOB read in     drivers/block/floppy.c (CVE-2019-14283)

  - kernel: memory leak in register_queue_kobjects() in     net/core/net-sysfs.c leads to denial of service     (CVE-2019-15916)

  - kernel: buffer-overflow hardening in WiFi beacon     validation code. (CVE-2019-16746)

  - kernel: (powerpc) incomplete Spectre-RSB mitigation     leads to information exposure (CVE-2019-18660)

  - kernel: perf_event_open() and execve() race in setuid     programs allows a data leak (CVE-2019-3901)

  - kernel: brcmfmac frame validation bypass (CVE-2019-9503)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Detections

Analytics

CentOS 7 : kernel (CESA-2020:1016)

critical Nessus Plugin ID 135316

Version 1.6

Version 1.5

Version 1.6 Mar 19, 2024, 2:37 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202403191437
Version 1.5 Mar 19, 2024, 12:36 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202403191236