Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.892714
Categoría:Debian Local Security Checks
Título:Debian LTS: Security Advisory for linux-4.19 (DLA-2714-1)
Resumen:The remote host is missing an update for the 'linux-4.19'; package(s) announced via the DLA-2714-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'linux-4.19'
package(s) announced via the DLA-2714-1 advisory.

Vulnerability Insight:
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

This update is not yet available for the armhf (ARM EABI hard-float)
architecture.

CVE-2020-36311

A flaw was discovered in the KVM subsystem for AMD CPUs, allowing an
attacker to cause a denial of service by triggering destruction of a
large SEV VM.

CVE-2021-3609

Norbert Slusarek reported a race condition vulnerability in the CAN
BCM networking protocol, allowing a local attacker to escalate
privileges.

CVE-2021-33909

The Qualys Research Labs discovered a size_t-to-int conversion
vulnerability in the Linux kernel's filesystem layer. An
unprivileged local attacker able to create, mount, and then delete a
deep directory structure whose total path length exceeds 1GB, can
take advantage of this flaw for privilege escalation.

Details can be found in the Qualys advisory at
[link moved to references]

CVE-2021-34693

Norbert Slusarek discovered an information leak in the CAN BCM
networking protocol. A local attacker can take advantage of this
flaw to obtain sensitive information from kernel stack memory.

Affected Software/OS:
'linux-4.19' package(s) on Debian Linux.

Solution:
For Debian 9 stretch, these problems have been fixed in version
4.19.194-3~
deb9u1. This additionally fixes a regression in the
previous update (#990072) that affected LXC.

We recommend that you upgrade your linux-4.19 packages.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-3609
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.