Plugins Database As of 12-10-2019

RedHat Update for kernel RHSA-2017:3315-01

Red Hat Local Security Checks
Impact by CVSS Score
  • ID: 1.3.6.1.4.1.25623.1.0.812318

CVSS Base Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N

Detection Type:
Linux Distribution Package

Summary:
The remote host is missing an update for the 'kernel' Linux Distribution Package(s) announced via the referenced advisory.

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
The kernel Linux Distribution Packages contain the Linux kernel, the core of any Linux operating system. These updated kernel Linux Distribution Packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article. Security Fix(es): * It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, resulting in an uninitialized memory disclosure to user space. A local user could use this flaw to read information belonging to other users. (CVE-2017-1000380, Moderate) Red Hat would like to thank Alexander Potapenko (Google) for reporting this issue.

Affected Versions:
kernel on Red Hat Enterprise Linux Server (v. 7)

Recommendations:
Please Install the Updated Packages.

Solution Type:
Vendor Patch

Search
Severity
Low
CVSS Score
2.1
Published
2017-12-01 11:17:14
Modified
2019-03-12 09:34:48
CVE
CVE-2017-1000380

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.