Scan for free your assets for this vulnerability
It is easy and free to get started with Mageni and it can be installed in Windows, macOS and Linux.
Processing. Please wait...
No credit card necessary
Amazon Linux: Security Advisory (ALAS-2013-252)
The remote host is missing an update announced via the referenced Security Advisory.
The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c.The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.
Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.
Know your vulnerabilities for free. Start using Mageni today.
Mageni can help you to find, assess and manage your vulnerabilities.Get Started for Free