Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1245)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.2.2017.1245

Kategorie: Huawei EulerOS Local Security Checks

Titel: Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1245)

Zusammenfassung: The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2017-1245 advisory.

Beschreibung: Summary:
The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2017-1245 advisory.

Vulnerability Insight:
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.(CVE-2017-14489)

The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.(CVE-2017-14140)

The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.(CVE-2017-1000370)

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.(CVE-2017-10661)

The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.(CVE-2017-13695)

The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.(CVE-2017-13694)

The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.(CVE-2017-13693)

The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.(CVE-2017-14106)

The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 3.3-rc1 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.(CVE-2017-1000251
)

The prepare_vmcs02 function in ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'kernel' package(s) on Huawei EulerOS V2.0SP1.

Solution:
Please install the updated package(s).

CVSS Score:
7.7

CVSS Vector:
AV:A/AC:L/Au:S/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-1000251
Common Vulnerability Exposure (CVE) ID: CVE-2017-1000370
Common Vulnerability Exposure (CVE) ID: CVE-2017-10661
Common Vulnerability Exposure (CVE) ID: CVE-2017-12154
Common Vulnerability Exposure (CVE) ID: CVE-2017-13693
Common Vulnerability Exposure (CVE) ID: CVE-2017-13694
Common Vulnerability Exposure (CVE) ID: CVE-2017-13695
Common Vulnerability Exposure (CVE) ID: CVE-2017-14106
Common Vulnerability Exposure (CVE) ID: CVE-2017-14140
Common Vulnerability Exposure (CVE) ID: CVE-2017-14489

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.2.2017.1245
Kategorie:	Huawei EulerOS Local Security Checks
Titel:	Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1245)
Zusammenfassung:	The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2017-1245 advisory.
Beschreibung:	Summary: The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2017-1245 advisory. Vulnerability Insight: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.(CVE-2017-14489) The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.(CVE-2017-14140) The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.(CVE-2017-1000370) Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.(CVE-2017-10661) The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.(CVE-2017-13695) The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.(CVE-2017-13694) The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.(CVE-2017-13693) The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.(CVE-2017-14106) The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 3.3-rc1 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.(CVE-2017-1000251 ) The prepare_vmcs02 function in ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kernel' package(s) on Huawei EulerOS V2.0SP1. Solution: Please install the updated package(s). CVSS Score: 7.7 CVSS Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-1000251 Common Vulnerability Exposure (CVE) ID: CVE-2017-1000370 Common Vulnerability Exposure (CVE) ID: CVE-2017-10661 Common Vulnerability Exposure (CVE) ID: CVE-2017-12154 Common Vulnerability Exposure (CVE) ID: CVE-2017-13693 Common Vulnerability Exposure (CVE) ID: CVE-2017-13694 Common Vulnerability Exposure (CVE) ID: CVE-2017-13695 Common Vulnerability Exposure (CVE) ID: CVE-2017-14106 Common Vulnerability Exposure (CVE) ID: CVE-2017-14140 Common Vulnerability Exposure (CVE) ID: CVE-2017-14489
Copyright	Copyright (C) 2020 Greenbone Networks GmbH