Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

Amazon Linux: Security Advisory (ALAS-2013-258)

Severity

Medium

Family

Amazon Linux Local Security Checks

CVSSv2 Base

4.0

CVSSv2 Vector

AV:L/AC:H/Au:N/C:N/I:N/A:C

Solution Type

Vendor Patch

Created

7 years ago

Modified

1 year ago

The remote host is missing an update announced via the referenced Security Advisory.

Insight

Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.

Solution

Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.

Common Vulnerabilities and Exposures (CVE)

CVE-2013-6382

References

https://alas.aws.amazon.com/ALAS-2013-258.html

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

Amazon Linux: Security Advisory (ALAS-2013-258)

Information

Severity

Severity

Family

Family

CVSSv2 Base

CVSSv2 Base

CVSSv2 Vector

CVSSv2 Vector

Solution Type

Solution Type

Created

Created

Modified

Modified

Share

Summary

Insight

Insight

Solution

Solution

Common Vulnerabilities and Exposures (CVE)

References