Detections
Analytics
Scientific Linux Security Update : kernel on SL7.x x86_64 (20201001)
high Nessus Plugin ID 141727
Language:
Synopsis
The remote Scientific Linux host is missing one or more security updates.Description
Security Fix(es) :- kernel: use-after-free in sound/core/timer.c (CVE-2019-19807)
- kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c (CVE-2017-18551)
- kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free (CVE-2018-20836)
- kernel: out of bounds write in i2c driver leads to local escalation of privilege (CVE-2019-9454)
- kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458)
Solution
Update the affected packages.See Also
Plugin Details
Severity: High
ID: 141727
File Name: sl_20201001_kernel_on_SL7_x.nasl
Version: 1.3
Type: local
Agent: unix
Published: 10/21/2020
Updated: 2/14/2024
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2018-20836
CVSS v3
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.3
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2020-14305
Vulnerability Information
CPE: p-cpe:/a:fermilab:scientific_linux:bpftool, p-cpe:/a:fermilab:scientific_linux:bpftool-debuginfo, p-cpe:/a:fermilab:scientific_linux:kernel, p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists, p-cpe:/a:fermilab:scientific_linux:kernel-debug, p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo, p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel, p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo, p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64, p-cpe:/a:fermilab:scientific_linux:kernel-devel, p-cpe:/a:fermilab:scientific_linux:kernel-doc, p-cpe:/a:fermilab:scientific_linux:kernel-headers, p-cpe:/a:fermilab:scientific_linux:kernel-tools, p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo, p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs, p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel, p-cpe:/a:fermilab:scientific_linux:perf, p-cpe:/a:fermilab:scientific_linux:perf-debuginfo, p-cpe:/a:fermilab:scientific_linux:python-perf, p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo, x-cpe:/o:fermilab:scientific_linux
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 10/1/2020
Vulnerability Publication Date: 5/7/2019
Reference Information
CVE: CVE-2017-18551, CVE-2018-20836, CVE-2019-12614, CVE-2019-15217, CVE-2019-15807, CVE-2019-15917, CVE-2019-16231, CVE-2019-16233, CVE-2019-16994, CVE-2019-17053, CVE-2019-18808, CVE-2019-19046, CVE-2019-19055, CVE-2019-19058, CVE-2019-19059, CVE-2019-19062, CVE-2019-19063, CVE-2019-19332, CVE-2019-19447, CVE-2019-19523, CVE-2019-19524, CVE-2019-19530, CVE-2019-19534, CVE-2019-19537, CVE-2019-19767, CVE-2019-19807, CVE-2019-20054, CVE-2019-20095, CVE-2019-20636, CVE-2019-9454, CVE-2019-9458, CVE-2020-10690, CVE-2020-10732, CVE-2020-10742, CVE-2020-10751, CVE-2020-10942, CVE-2020-11565, CVE-2020-12770, CVE-2020-12826, CVE-2020-14305, CVE-2020-1749, CVE-2020-2732, CVE-2020-8647, CVE-2020-8649, CVE-2020-9383