Amazon Linux AMI : kernel / nvidia (ALAS-2013-148)

High Nessus Plugin ID 69707

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 3.6

Synopsis

The remote Amazon Linux AMI host is missing a security update.

Description

A malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client. (CVE-2012-2375 , Moderate)

A divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the TCP Illinois congestion control algorithm were in use (the sysctl net.ipv4.tcp_congestion_control variable set to 'illinois'), a local, unprivileged user could trigger this flaw and cause a denial of service. (CVE-2012-4565 , Moderate)

A NULL pointer dereference flaw was found in the way a new node's hot added memory was propagated to other nodes' zonelists. By utilizing this newly added memory from one of the remaining nodes, a local, unprivileged user could use this flaw to cause a denial of service.
(CVE-2012-5517 , Moderate)

It was found that a prevoius kernel release did not correctly fix the CVE-2009-4307 issue, a divide-by-zero flaw in the ext4 file system code. A local, unprivileged user with the ability to mount an ext4 file system could use this flaw to cause a denial of service.
(CVE-2012-2100 , Low)

A flaw was found in the way the Linux kernel's IPv6 implementation handled overlapping, fragmented IPv6 packets. A remote attacker could potentially use this flaw to bypass protection mechanisms (such as a firewall or intrusion detection system (IDS)) when sending network packets to a target system. (CVE-2012-4444 , Low)

Solution

Run 'yum update kernel nvidia' to update your system. You will need to reboot your system in order for the new kernel to be running.

See Also

https://alas.aws.amazon.com/ALAS-2013-148.html

Plugin Details

Severity: High

ID: 69707

File Name: ala_ALAS-2013-148.nasl

Version: 1.5

Type: local

Agent: unix

Published: 2013/09/04

Updated: 2018/04/18

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 3.6

CVSS v2.0

Base Score: 7.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:kernel-doc, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:nvidia, p-cpe:/a:amazon:linux:nvidia-kmod-3.2.36-1.46.amzn1, cpe:/o:amazon:linux

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Patch Publication Date: 2013/01/14

Reference Information

CVE: CVE-2012-2100, CVE-2012-2375, CVE-2012-4444, CVE-2012-4565, CVE-2012-5517

ALAS: 2013-148

RHSA: 2012:1580