Amazon Linux AMI : kernel (ALAS-2015-491)

Medium Nessus Plugin ID 81827

Synopsis

The remote Amazon Linux AMI host is missing a security update.

Description

It was reported that stack address is not properly randomized on some 64 bit architectures due to an integer overflow. The stack entropy of the processes is reduced by four.

Solution

Run 'yum clean all' followed by 'yum update kernel' to update your system. You will need to reboot your system in order for the new kernel to be running.

See Also

https://alas.aws.amazon.com/ALAS-2015-491.html

Plugin Details

Severity: Medium

ID: 81827

File Name: ala_ALAS-2015-491.nasl

Version: 1.2

Type: local

Agent: unix

Published: 2015/03/17

Updated: 2018/04/18

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:kernel-doc, p-cpe:/a:amazon:linux:kernel-headers, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:perf-debuginfo, cpe:/o:amazon:linux

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Patch Publication Date: 2015/03/13

Reference Information

CVE: CVE-2015-1593

ALAS: 2015-491