Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CentOS: Security Advisory for kernel (CESA-2020:2430)

Information

Severity

Severity

Medium

Family

Family

CentOS Local Security Checks

CVSSv2 Base

CVSSv2 Base

4.9

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

2 years ago

Modified

Modified

2 years ago

Summary

The remote host is missing an update for the 'kernel' package(s) announced via the CESA-2020:2430 advisory.

Insight

Insight

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: NULL pointer dereference due to KEYCTL_READ on negative key (CVE-2017-12192) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel: hw: provide reporting and microcode mitigation toggle for CVE-2020-0543 / Special Register Buffer Data Sampling (SRBDS) (BZ#1827185) * Bonding not failing over in mode=1 under 2.6.32-754.28.1 (...27.1 works OK) (BZ#1828604) 1493435 - CVE-2017-12192 kernel: NULL pointer dereference due to KEYCTL_READ on negative key 1828604 - Bonding not failing over in mode=1 under 2.6.32-754.28.1 (...27.1 works OK) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: kernel-2.6.32-754.30.2.el6.src.rpm i386: kernel-2.6.32-754.30.2.el6.i686.rpm kernel-debug-2.6.32-754.30.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.30.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.30.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.30.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.30.2.el6.i686.rpm kernel-devel-2.6.32-754.30.2.el6.i686.rpm kernel-headers-2.6.32-754.30.2.el6.i686.rpm perf-2.6.32-754.30.2.el6.i686.rpm perf-debuginfo-2.6.32-754.30.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.30.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.30.2.el6.noarch.rpm kernel-doc-2.6.32-754.30.2.el6.noarch.rpm kernel-firmware-2.6.32-754.30.2.el6.noarch.rpm x86_64: kernel-2.6.32-754.30.2.el6.x86_64.rpm kernel-debug-2.6.32-754.30.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.30.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.30.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.30.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.30.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.30.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.30.2.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.30.2.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.30.2.el6.x86_64.rpm kernel-devel-2.6.32-754.30.2.el6.x86_64.rpm kernel-headers-2.6.32-754.30.2.el6.x86_64.rpm perf-2.6.32-754.30.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.30.2.el6.i ... Description truncated. Please see the references for more information.

Affected Software

Affected Software

'kernel' package(s) on CentOS 6.

Detection Method

Detection Method

Checks if a vulnerable package version is present on the target host.

Solution

Solution

Please install the updated package(s).

Common Vulnerabilities and Exposures (CVE)