Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CentOS Update for kernel CESA-2019:3836 centos6

Information

Severity

Severity

Medium

Family

Family

CentOS Local Security Checks

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

2 years ago

Modified

Modified

2 years ago

Summary

The remote host is missing an update for the 'kernel' package(s) announced via the CESA-2019:3836 advisory.

Insight

Insight

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900) * hw: Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [Intel 6.10 Bug] With mWait/C-states disabled, HT on, ibrs enabled, performance impact observed on user space benchmark (BZ#1560787) * kernel-2.6.32-573.60.2.el6 hangs/resets during boot in efi_enter_virtual_mode() on Xeon v2 E7-2870 (BZ#1645724) * Slab leak: skbuff_head_cache slab object still allocated after mcast processes are stopped and 'fragments dropped after timeout' errors are shown (BZ#1752536) 1646768 - CVE-2018-12207 hw: Machine Check Error on Page Size Change (IPU) 1698757 - CVE-2019-3900 Kernel: vhost_net: infinite loop while receiving packets leads to DoS 1724393 - CVE-2019-0154 hw: Intel GPU Denial Of Service while accessing MMIO in lower power state 1753062 - CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: kernel-2.6.32-754.24.2.el6.src.rpm i386: kernel-2.6.32-754.24.2.el6.i686.rpm kernel-debug-2.6.32-754.24.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.24.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.24.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.24.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.24.2.el6.i686.rpm kernel-devel-2.6.32-754.24.2.el6.i686.rpm kernel-headers-2.6.32-754.24.2.el6.i686.rpm perf-2.6.32-754.24.2.el6.i686.rpm perf-debuginfo-2.6.32-754.24.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.24.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.24.2.el6.noarch.rpm kernel-doc-2.6.32-754.24.2.el6.noarch.rpm kernel-firmware-2.6.32-754.24.2.el6.noarch.rpm x86_64: kernel-2.6.32-754.24.2.el6.x86_64.rpm kernel-debug-2.6.32-754.24.2.el6.x86_64.rpm kernel-debug-deb ... Description truncated. Please see the references for more information.

Affected Software

Affected Software

'kernel' package(s) on CentOS 6.

Detection Method

Detection Method

Checks if a vulnerable package version is present on the target host.

Solution

Solution

Please install the updated package(s).

Common Vulnerabilities and Exposures (CVE)