16 matches found
OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash)
The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2017-0174 for details. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory...
Linux Kernel NFSv4 nfsd PNFS denial of Service (CVE-2017-8797)
A denial of service vulnerability exists in the NFSv4 component of the Linux Kernel. The vulnerability is due to improper handling of the pNFS LAYOUTGET and GETDEVICEINFO commands. A remote attacker can exploit this vulnerability by sending maliciously crafted packets to a vulnerable system...
RHEL 6 : kernel-rt (RHSA-2017:2669)
"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2669 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2017:1842 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-103.3.8 - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638900 CVE-2017-1000365 CVE-2017-1000365 4.1.12-103.3.7 - i40e/i40evf: check for stopped admin queue Mitch Williams Orabug: 26654222 4.1.12-103.3.6 - xen: fix bio vec merging Roger Pau Monne Orabug: 26645497...
SUSE-SU-2017:2068-1 Security update for Linux Kernel Live Patch 2 for SLE 12 SP2
This update for the Linux Kernel 4.4.21-84 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege bsc1050751. - CVE-2017-8797: The NFSv4 server in the Linux kernel did not properly validate the layout type whe...
SUSE-SU-2017:2067-1 Security update for Linux Kernel Live Patch 1 for SLE 12 SP2
This update for the Linux Kernel 4.4.21-81 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege bsc1050751. - CVE-2017-8797: The NFSv4 server in the Linux kernel did not properly validate the layout type whe...
SUSE-SU-2017:2065-1 Security update for Linux Kernel Live Patch 4 for SLE 12 SP2
This update for the Linux Kernel 4.4.38-93 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege bsc1050751. - CVE-2017-8797: The NFSv4 server in the Linux kernel did not properly validate the layout type whe...
SUSE-SU-2017:2043-1 Security update for Linux Kernel Live Patch 3 for SLE 12 SP2
This update for the Linux Kernel 4.4.21-90 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege bsc1050751. - CVE-2017-8797: The NFSv4 server in the Linux kernel did not properly validate the layout type whe...
RedHat Update for kernel RHSA-2017:1842-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : kernel (RHSA-2017:1842)
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:1842 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: An use-after-free flaw was found in t...
Important kernel security update: CVE-2017-8797 and other; Virtuozzo ReadyKernel patch 25.0 for Virtuozzo 7.0.4 and 7.0.4 HF3
The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to Virtuozzo kernels 3.10.0-514.16.1.vz7.30.10 Virtuozzo 7.0.4 and 3.10.0-514.16.1.vz7.30.15 Virtuozzo 7.0.4 HF3. Vulnerability id: CVE-2017-8797 The NFSv4 server in the Linux kernel compiled with...
DEBIAN-CVE-2017-8797
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used a...
CVE-2017-8797
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used a...
CVE-2017-8797
CVE-2017-8797 affects the Linux kernel NFSv4 server. A remote attacker can send NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operands in UDP; an uninitialized layout type is used as an array index, causing an OOPS and potentially a system DoS via knfsd soft-lockup. Affected: Linux kernel versions prior ...