Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.ALA_ALAS-2012-100.NASL
HistorySep 04, 2013 - 12:00 a.m.

Amazon Linux AMI : kernel (ALAS-2012-100)

2013-09-0400:00:00
This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
www.tenable.com
72
JSON

A flaw was found in the way the Linux kernel’s Event Poll (epoll) subsystem handled large, nested epoll structures. A local, unprivileged user could use this flaw to cause a denial of service.

A malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client.

The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service (BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB interface’s own IP address, as demonstrated by rds-ping.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2012-100.
#

include("compat.inc");

if (description)
{
  script_id(69590);
  script_version("1.5");
  script_cvs_date("Date: 2018/04/18 15:09:34");

  script_cve_id("CVE-2011-1083", "CVE-2011-4131", "CVE-2012-2372");
  script_xref(name:"ALAS", value:"2012-100");
  script_xref(name:"RHSA", value:"2012:0862");

  script_name(english:"Amazon Linux AMI : kernel (ALAS-2012-100)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A flaw was found in the way the Linux kernel's Event Poll (epoll)
subsystem handled large, nested epoll structures. A local,
unprivileged user could use this flaw to cause a denial of service.

A malicious Network File System version 4 (NFSv4) server could return
a crafted reply to a GETACL request, causing a denial of service on
the client.

The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram
Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and
earlier allows local users to cause a denial of service (BUG_ON and
kernel panic) by establishing an RDS connection with the source IP
address equal to the IPoIB interface's own IP address, as demonstrated
by rds-ping."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2012-100.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Run 'yum update kernel' to update your system. You will need to reboot
your system in order for the new kernel to be running."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/07/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"kernel-3.2.22-35.60.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-debuginfo-3.2.22-35.60.amzn1")) flag++;
if (rpm_check(release:"ALA", cpu:"i686", reference:"kernel-debuginfo-common-i686-3.2.22-35.60.amzn1")) flag++;
if (rpm_check(release:"ALA", cpu:"x86_64", reference:"kernel-debuginfo-common-x86_64-3.2.22-35.60.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-devel-3.2.22-35.60.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-doc-3.2.22-35.60.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-headers-3.2.22-35.60.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-tools-3.2.22-35.60.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-tools-debuginfo-3.2.22-35.60.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc");
}
VendorProductVersionCPE
amazonlinuxkernelp-cpe:/a:amazon:linux:kernel
amazonlinuxkernel-debuginfop-cpe:/a:amazon:linux:kernel-debuginfo
amazonlinuxkernel-debuginfo-common-i686p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686
amazonlinuxkernel-debuginfo-common-x86_64p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64
amazonlinuxkernel-develp-cpe:/a:amazon:linux:kernel-devel
amazonlinuxkernel-docp-cpe:/a:amazon:linux:kernel-doc
amazonlinuxkernel-headersp-cpe:/a:amazon:linux:kernel-headers
amazonlinuxkernel-toolsp-cpe:/a:amazon:linux:kernel-tools
amazonlinuxkernel-tools-debuginfop-cpe:/a:amazon:linux:kernel-tools-debuginfo
amazonlinuxcpe:/o:amazon:linux

Related

amazon 2
openvas 80
veracode 3
nessus 46
redhat 6
centos 2
fedora 19
cve 5
prion 5
ubuntucve 5
debiancve 4
oraclelinux 6
ubuntu 10
seebug 1
securityvulns 2
suse 3
amazon
amazon
Medium: kernel
2012-07-05 16:19:00
Medium: kernel
2011-11-19 01:22:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2012-100)
2015-09-08 00:00:00
RedHat Update for Red Hat Enterprise Linux 6 kernel RHSA-2012:0862-04
2012-06-22 00:00:00
CentOS Update for kernel CESA-2012:0862 centos6
2012-07-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:57
Denial Of Service (DoS)
2019-01-15 08:50:47
Denial Of Service (DoS)
2019-01-15 08:58:30
nessus
nessus
CentOS 6 : kernel (CESA-2012:0862)
2012-07-11 00:00:00
Oracle Linux 6 : Oracle / Linux / 6 / kernel (ELSA-2012-0862)
2013-07-12 00:00:00
RHEL 6 : kernel (RHSA-2012:0862)
2012-06-20 00:00:00
redhat
redhat
(RHSA-2012:0862) Moderate: Red Hat Enterprise Linux 6 kernel security, bug fix and enhancement update
2012-06-20 00:00:00
(RHSA-2012:0150) Moderate: Red Hat Enterprise Linux 5.8 kernel update
2012-02-21 00:00:00
(RHSA-2012:1541) Moderate: kernel security and bug fix update
2012-12-04 00:00:00
centos
centos
kernel, perf, python security update
2012-07-10 17:23:49
kernel security update
2012-07-10 16:58:44
fedora
fedora
[SECURITY] Fedora 17 Update: kernel-3.4.0-1.fc17
2012-06-07 02:34:03
[SECURITY] Fedora 17 Update: kernel-3.5.2-3.fc17
2012-08-22 21:02:48
[SECURITY] Fedora 17 Update: kernel-3.6.3-1.fc17
2012-10-28 00:51:48
cve
cve
CVE-2011-4131
2012-05-17 11:00:00
CVE-2011-1083
2011-04-04 12:27:00
CVE-2012-2372
2013-01-22 23:55:00
prion
prion
Privilege escalation
2011-04-04 12:27:00
Design/Logic Flaw
2012-05-17 11:00:00
Design/Logic Flaw
2013-01-22 23:55:00
ubuntucve
ubuntucve
CVE-2011-1083
2011-04-04 00:00:00
CVE-2011-4131
2012-05-17 00:00:00
CVE-2012-2375
2012-06-13 00:00:00
debiancve
debiancve
CVE-2011-4131
2012-05-17 11:00:00
CVE-2012-2372
2013-01-22 23:55:00
CVE-2012-2375
2012-06-13 10:24:00
oraclelinux
oraclelinux
1
2012-03-01 00:00:00
Oracle Linux 6 kernel security, bug fix and enhancement update
2012-06-27 00:00:00
Unbreakable Enterprise kernel Security update
2012-07-16 00:00:00
ubuntu
ubuntu
Linux kernel (OMAP4) vulnerabilities
2012-08-10 00:00:00
Linux kernel (Natty backport) vulnerabilities
2012-08-14 00:00:00
Linux kernel vulnerabilities
2012-08-10 00:00:00
seebug
seebug
Linux Kernel epoll Subsystem β€œeventpoll.cβ€ε€šδΈͺζœ¬εœ°ζ‹’η»ζœεŠ‘ζΌζ΄ž
2012-02-22 00:00:00
securityvulns
securityvulns
[USN-1531-1] Linux kernel vulnerabilities
2012-08-13 00:00:00
Linux kernel multiple DoS conditions
2011-06-02 00:00:00
suse
suse
kernel update for SLE11 SP2 (important)
2012-04-26 20:08:43
Security update for Linux kernel (important)
2012-04-23 22:08:26
Security update for Linux kernel (important)
2012-06-26 02:08:23
JSON
Related for ALA_ALAS-2012-100.NASL
amazon2openvas80veracode3nessus46redhat6centos2fedora19cve5prion5ubuntucve5debiancve4oraclelinux6ubuntu10seebug1securityvulns2suse3