Scientific Linux Security Update : kernel on SL7.x x86_64 (20151103)
Medium Nessus Plugin ID 86747
SynopsisThe remote Scientific Linux host is missing one or more security updates.
Description* A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. (CVE-2014-8559, Moderate)
* A buffer overflow flaw was found in the way the Linux kernel's virtio- net subsystem handled certain fraglists when the GRO (Generic Receive Offload) functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system. (CVE-2015-5156, Moderate)
The system must be rebooted for this update to take effect.
SolutionUpdate the affected packages.