Detections
Analytics
Scientific Linux Security Update : util-linux on SL7.x x86_64 (20170412)
medium Nessus Plugin ID 99354
Language:
Synopsis
The remote Scientific Linux host is missing one or more security updates.Description
Security Fix(es) :- A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
(CVE-2017-2616)
Bug Fix(es) :
- The 'findmnt --target <path>' command prints all file systems where the mount point directory is <path>.
Previously, when used in the chroot environment, 'findmnt --target <path>' incorrectly displayed all mount points. The command has been fixed so that it now checks the mount point path and returns information only for the relevant mount point.
Solution
Update the affected packages.See Also
Plugin Details
Severity: Medium
ID: 99354
File Name: sl_20170412_util_linux_on_SL7_x.nasl
Version: 3.5
Type: local
Agent: unix
Published: 4/13/2017
Updated: 1/14/2021
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 4.7
Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C
CVSS v3
Risk Factor: Medium
Base Score: 4.7
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Information
CPE: p-cpe:/a:fermilab:scientific_linux:libblkid, p-cpe:/a:fermilab:scientific_linux:libblkid-devel, p-cpe:/a:fermilab:scientific_linux:libmount, p-cpe:/a:fermilab:scientific_linux:libmount-devel, p-cpe:/a:fermilab:scientific_linux:libuuid, p-cpe:/a:fermilab:scientific_linux:libuuid-devel, p-cpe:/a:fermilab:scientific_linux:util-linux, p-cpe:/a:fermilab:scientific_linux:util-linux-debuginfo, p-cpe:/a:fermilab:scientific_linux:uuidd, x-cpe:/o:fermilab:scientific_linux
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Patch Publication Date: 4/12/2017
Vulnerability Publication Date: 7/27/2018
Reference Information
CVE: CVE-2017-2616