Linux Distros Unpatched Vulnerability : CVE-2016-9604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dnsresolver' in RHEL-7 or...

Mageia: Security Advisory (MGASA-2017-0136)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0147)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1360-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2920-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1522)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-9604

It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dnsresolver' in RHEL-7 or '.builtintrustedkeys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public...

CVE-2016-9604

CVE-2016-9604 affects the Linux kernel prior to 4.11-rc8. A local attacker who can join the kernel session keyring can access internal keyrings (e.g., .dns_resolver, .builtin_trusted_keys) and bypass module signature verification by adding a self-generated public key to the keyring, enabling loca...

Debian: Security Advisory (DLA-922-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash)

The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2017-0174 for details. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory...

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2920-1) (KRACK) (Stack Clash)

The SUSE Linux Enterprise 12 GA LTS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2017:1842 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-103.3.8 - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638900 CVE-2017-1000365 CVE-2017-1000365 4.1.12-103.3.7 - i40e/i40evf: check for stopped admin queue Mitch Williams Orabug: 26654222 4.1.12-103.3.6 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645497...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3606)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3606 advisory. - l2tp: fix racy SOCKZAPPED flag check in l2tpip,6bind Guillaume Nault Orabug: 26586047 CVE-2016-10200 - xfs: fix two memory leaks in xfsattrlist.c...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3607)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3607 advisory. - l2tp: fix racy SOCKZAPPED flag check in l2tpip,6bind Guillaume Nault Orabug: 26586050 CVE-2016-10200 - xfs: fix two memory leaks in xfsattrlist.c...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0143)

The remote OracleVM system is missing necessary patches to address critical security updates : - dentry name snapshots Al Viro Orabug: 26630936 CVE-2017-7533 - scsi: libiscsi: use kvzalloc for iscsipoolinit Kyle Fortin - mm: introduce kvmzalloc helpers Kyle Fortin Orabug: 26621191 - KEYS: Disallo...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3605)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3605 advisory. - dentry name snapshots Al Viro Orabug: 26630936 CVE-2017-7533 - KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings David...

Oracle Linux 7 : kernel (ELSA-2017-1842-1) (Stack Clash)

The remote Oracle Linux host is missing a security update for the kernel packages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from Oracle Linux Security Advisory ELSA-2017-1842-1. if NASLLEVEL 3000 exit0; include'deprecatednasllevel.inc';...

RHEL 7 : kernel (RHSA-2017:1842)

"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:1842 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: An use-after-free flaw was found in t...

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3361-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3361-1 advisory. USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement H...