 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.2.2020.1368 |
| Categoría: | Huawei EulerOS Local Security Checks |
| Título: | Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1368) |
| Resumen: | The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2020-1368 advisory. |
| Descripción: | Summary: The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2020-1368 advisory. Vulnerability Insight: In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.(CVE-2019-19447) A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested(=1) virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to potentially access information of the L1 hypervisor.(CVE-2020-2732) In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring.(CVE-2019-19807) In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).(CVE-2019-19768) Affected Software/OS: 'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2020-2732 Debian Security Information: DSA-4667 (Google Search) https://www.debian.org/security/2020/dsa-4667 Debian Security Information: DSA-4698 (Google Search) https://www.debian.org/security/2020/dsa-4698 https://bugzilla.redhat.com/show_bug.cgi?id=1805135 https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec https://git.kernel.org/linus/35a571346a94fb93b5b3b6a599675ef3384bc75c https://git.kernel.org/linus/e71237d3ff1abf9f3388337cfebf53b96df2020d https://linux.oracle.com/errata/ELSA-2020-5540.html https://linux.oracle.com/errata/ELSA-2020-5542.html https://linux.oracle.com/errata/ELSA-2020-5543.html https://www.openwall.com/lists/oss-security/2020/02/25/3 https://www.spinics.net/lists/kvm/msg208259.html https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html |
| Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
| Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |