Detections
Analytics
RHEL 7 : kernel (Unpatched Vulnerability)
critical Nessus Plugin ID 199280
Synopsis
The remote Red Hat 7 host is affected by multiple vulnerabilities that will not be patched.Description
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.- kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c (CVE-2019-15505)
- kernel: buffer-overflow hardening in WiFi beacon validation code. (CVE-2019-16746)
- block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes. (CVE-2012-4542)
Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.
Solution
The vendor has acknowledged the vulnerabilities but no solution has been provided. Refer to the vendor for remediation guidance.See Also
http://www.nessus.org/u?0145416c
http://www.nessus.org/u?03185644
http://www.nessus.org/u?04468850
http://www.nessus.org/u?04b544a4
http://www.nessus.org/u?0635317e
http://www.nessus.org/u?08a4b452
http://www.nessus.org/u?0b2d5721
http://www.nessus.org/u?11724cdc
http://www.nessus.org/u?14b000ee
http://www.nessus.org/u?1617b4d5
http://www.nessus.org/u?17c80836
http://www.nessus.org/u?1ba41bc2
http://www.nessus.org/u?1c54c46d
http://www.nessus.org/u?1caff3f0
http://www.nessus.org/u?1cb7797c
http://www.nessus.org/u?1e1f6a55
http://www.nessus.org/u?1e25af15
http://www.nessus.org/u?1fccac0c
http://www.nessus.org/u?2111a49b
http://www.nessus.org/u?216e6402
http://www.nessus.org/u?22d5f857
http://www.nessus.org/u?24cfb407
http://www.nessus.org/u?2550e872
http://www.nessus.org/u?275ba44d
http://www.nessus.org/u?29af2776
http://www.nessus.org/u?29e208f3
http://www.nessus.org/u?2a182e87
http://www.nessus.org/u?2eab9984
http://www.nessus.org/u?30dd9c29
http://www.nessus.org/u?31ee0538
http://www.nessus.org/u?3398a24f
http://www.nessus.org/u?33990bb3
http://www.nessus.org/u?355bb246
http://www.nessus.org/u?36ee3691
http://www.nessus.org/u?39ba099b
http://www.nessus.org/u?39e0aba6
http://www.nessus.org/u?3ad50fb8
http://www.nessus.org/u?3b240105
http://www.nessus.org/u?3bc8f7d9
http://www.nessus.org/u?3dffe967
http://www.nessus.org/u?3e57ec05
http://www.nessus.org/u?3e5930a1
http://www.nessus.org/u?3ec2331e
http://www.nessus.org/u?40f921e0
http://www.nessus.org/u?411de45b
http://www.nessus.org/u?44dbecf5
http://www.nessus.org/u?45aabac8
http://www.nessus.org/u?477f4d47
http://www.nessus.org/u?499ce03c
http://www.nessus.org/u?4a0f6c31
http://www.nessus.org/u?4c50533b
http://www.nessus.org/u?4c652b5a
http://www.nessus.org/u?4d36833a
http://www.nessus.org/u?4e761c6d
http://www.nessus.org/u?4e9ae789
http://www.nessus.org/u?4f50618e
http://www.nessus.org/u?51d34d0a
http://www.nessus.org/u?57e45a8e
http://www.nessus.org/u?59b1bc0f
http://www.nessus.org/u?59d302cb
http://www.nessus.org/u?59e39d19
http://www.nessus.org/u?5a5b424c
http://www.nessus.org/u?5c96fcb2
http://www.nessus.org/u?5d1ac41b
http://www.nessus.org/u?5ded3ea3
http://www.nessus.org/u?5e914d44
http://www.nessus.org/u?5e925483
http://www.nessus.org/u?5ec915ee
http://www.nessus.org/u?625e50d1
http://www.nessus.org/u?6598fa0e
http://www.nessus.org/u?659c45e7
http://www.nessus.org/u?65e0ba91
http://www.nessus.org/u?67b455c5
http://www.nessus.org/u?692b7466
http://www.nessus.org/u?69c7824c
http://www.nessus.org/u?6dfe33c6
http://www.nessus.org/u?6e17f130
http://www.nessus.org/u?6ea139f8
http://www.nessus.org/u?6ecb27c2
http://www.nessus.org/u?7050fb9c
http://www.nessus.org/u?70af501f
http://www.nessus.org/u?71cdda4f
http://www.nessus.org/u?7655d69a
http://www.nessus.org/u?776c4cad
http://www.nessus.org/u?77befe9e
http://www.nessus.org/u?79bd591b
http://www.nessus.org/u?79ef26af
http://www.nessus.org/u?7a0624fe
http://www.nessus.org/u?7a1add31
http://www.nessus.org/u?7ca6176e
http://www.nessus.org/u?7da27f5b
http://www.nessus.org/u?849d9ca8
http://www.nessus.org/u?854ce34b
http://www.nessus.org/u?86f27398
http://www.nessus.org/u?87c3128f
http://www.nessus.org/u?88acc973
http://www.nessus.org/u?890411d4
http://www.nessus.org/u?8ae784b2
http://www.nessus.org/u?8db2a9eb
http://www.nessus.org/u?8e741d97
http://www.nessus.org/u?91b6843f
http://www.nessus.org/u?936e173d
http://www.nessus.org/u?96b79c7d
http://www.nessus.org/u?96dfec3d
http://www.nessus.org/u?985a991e
http://www.nessus.org/u?9bf06295
http://www.nessus.org/u?9d24e27f
http://www.nessus.org/u?9d484e64
http://www.nessus.org/u?9e474e9b
http://www.nessus.org/u?9f04b2f0
http://www.nessus.org/u?9f590703
http://www.nessus.org/u?a088c495
http://www.nessus.org/u?a30fcf81
http://www.nessus.org/u?a48b6a8a
http://www.nessus.org/u?a4f5a337
http://www.nessus.org/u?a51d6070
http://www.nessus.org/u?a5a38cc4
http://www.nessus.org/u?a6b08a0e
http://www.nessus.org/u?a86a92b7
http://www.nessus.org/u?abacfb04
http://www.nessus.org/u?ae36bc20
http://www.nessus.org/u?b155f605
http://www.nessus.org/u?b22afcaa
http://www.nessus.org/u?b40ffa99
http://www.nessus.org/u?b6dd162d
http://www.nessus.org/u?b708a10d
http://www.nessus.org/u?b7335b9d
http://www.nessus.org/u?ba14ac55
http://www.nessus.org/u?bafa85db
http://www.nessus.org/u?bb33501d
http://www.nessus.org/u?bbafbc39
http://www.nessus.org/u?bc0acfc9
http://www.nessus.org/u?bd08d693
http://www.nessus.org/u?be3209da
http://www.nessus.org/u?bf6fc885
http://www.nessus.org/u?c1d38f7d
http://www.nessus.org/u?c28d1f70
http://www.nessus.org/u?c2cfbc62
http://www.nessus.org/u?c6efdf3a
http://www.nessus.org/u?c732cfaa
http://www.nessus.org/u?c87e9747
http://www.nessus.org/u?ca7ae6d2
http://www.nessus.org/u?cbe00f72
http://www.nessus.org/u?ccfc5315
http://www.nessus.org/u?d05687f5
http://www.nessus.org/u?d0fa1ff6
http://www.nessus.org/u?d1745da3
http://www.nessus.org/u?d2971f1b
http://www.nessus.org/u?d8317c82
http://www.nessus.org/u?d8791dbc
http://www.nessus.org/u?ddf2169e
http://www.nessus.org/u?df023bb4
http://www.nessus.org/u?dfeba5da
http://www.nessus.org/u?e011344f
http://www.nessus.org/u?e08bfa94
http://www.nessus.org/u?e0c8cfa2
http://www.nessus.org/u?e0e80f71
http://www.nessus.org/u?e3aaff81
http://www.nessus.org/u?e44e0d7a
http://www.nessus.org/u?e5827ba7
http://www.nessus.org/u?e8162413
http://www.nessus.org/u?ea2e6f13
http://www.nessus.org/u?eaa1b2bd
http://www.nessus.org/u?eb021389
http://www.nessus.org/u?eb11809f
http://www.nessus.org/u?ec0de7fe
http://www.nessus.org/u?ec66bee4
http://www.nessus.org/u?ed72e0a3
http://www.nessus.org/u?edfe969d
http://www.nessus.org/u?ee8c457e
http://www.nessus.org/u?f0c50627
http://www.nessus.org/u?f0eb006a
http://www.nessus.org/u?f112e750
http://www.nessus.org/u?f1884eb6
http://www.nessus.org/u?f2169cd1
http://www.nessus.org/u?f6427dfc
http://www.nessus.org/u?fa28f22b
Plugin Details
Severity: Critical
ID: 199280
File Name: redhat_unpatched_kernel-rhel7.nasl
Version: 1.19
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 6/3/2024
Updated: 10/22/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.2
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2019-15505
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS Score Source: CVE-2019-16746
Vulnerability Information
CPE: cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:acpica-tools, p-cpe:/a:redhat:enterprise_linux:linux-firmware, p-cpe:/a:redhat:enterprise_linux:kernel-rt, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-alt
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 11/10/2012
Reference Information
CVE: CVE-2012-4542, CVE-2013-7446, CVE-2014-8181, CVE-2014-9731, CVE-2015-1142857, CVE-2015-1350, CVE-2015-1420, CVE-2015-2877, CVE-2015-3291, CVE-2015-4167, CVE-2015-4177, CVE-2015-4692, CVE-2015-5257, CVE-2015-5275, CVE-2015-5707, CVE-2015-6252, CVE-2015-7513, CVE-2015-7515, CVE-2015-7550, CVE-2015-7566, CVE-2015-7799, CVE-2015-7833, CVE-2015-8569, CVE-2015-8575, CVE-2015-8785, CVE-2015-8816, CVE-2015-8953, CVE-2015-8964, CVE-2016-0723, CVE-2016-0821, CVE-2016-0823, CVE-2016-2085, CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2187, CVE-2016-2188, CVE-2016-2543, CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2549, CVE-2016-2782, CVE-2016-3136, CVE-2016-3137, CVE-2016-3138, CVE-2016-3139, CVE-2016-3140, CVE-2016-3157, CVE-2016-3689, CVE-2016-3951, CVE-2016-4482, CVE-2016-4486, CVE-2016-4580, CVE-2016-4805, CVE-2016-6130, CVE-2016-7425, CVE-2016-7911, CVE-2016-7916, CVE-2016-8405, CVE-2016-8658, CVE-2016-9178, CVE-2016-9756, CVE-2017-0605, CVE-2017-0627, CVE-2017-0630, CVE-2017-1000371, CVE-2017-10810, CVE-2017-11473, CVE-2017-12153, CVE-2017-12762, CVE-2017-13693, CVE-2017-13694, CVE-2017-13695, CVE-2017-14051, CVE-2017-14489, CVE-2017-15115, CVE-2017-16525, CVE-2017-16526, CVE-2017-16527, CVE-2017-16529, CVE-2017-16530, CVE-2017-16531, CVE-2017-16532, CVE-2017-16533, CVE-2017-16534, CVE-2017-16535, CVE-2017-16536, CVE-2017-16537, CVE-2017-16538, CVE-2017-16643, CVE-2017-16644, CVE-2017-16646, CVE-2017-16647, CVE-2017-16649, CVE-2017-16650, CVE-2017-17450, CVE-2017-17741, CVE-2017-18079, CVE-2017-5549, CVE-2017-5897, CVE-2017-5972, CVE-2017-5986, CVE-2017-7261, CVE-2017-7346, CVE-2017-8831, CVE-2017-8924, CVE-2017-8925, CVE-2017-9605, CVE-2018-10021, CVE-2018-1108, CVE-2018-14609, CVE-2018-14612, CVE-2018-14613, CVE-2018-15594, CVE-2018-16862, CVE-2018-17977, CVE-2018-18710, CVE-2018-19824, CVE-2018-19985, CVE-2018-20169, CVE-2018-20836, CVE-2018-7273, CVE-2018-8043, CVE-2018-9516, CVE-2019-11184, CVE-2019-11599, CVE-2019-11833, CVE-2019-12380, CVE-2019-12382, CVE-2019-12819, CVE-2019-13631, CVE-2019-14283, CVE-2019-14284, CVE-2019-14615, CVE-2019-15099, CVE-2019-15118, CVE-2019-15213, CVE-2019-15214, CVE-2019-15217, CVE-2019-15218, CVE-2019-15219, CVE-2019-15221, CVE-2019-15291, CVE-2019-15505, CVE-2019-15807, CVE-2019-15921, CVE-2019-15924, CVE-2019-15927, CVE-2019-16229, CVE-2019-16230, CVE-2019-16231, CVE-2019-16234, CVE-2019-16746, CVE-2019-16994, CVE-2019-17053, CVE-2019-18282, CVE-2019-18806, CVE-2019-19036, CVE-2019-19037, CVE-2019-19039, CVE-2019-19054, CVE-2019-19056, CVE-2019-19057, CVE-2019-19058, CVE-2019-19063, CVE-2019-19065, CVE-2019-19066, CVE-2019-19073, CVE-2019-19074, CVE-2019-19077, CVE-2019-19080, CVE-2019-19081, CVE-2019-19082, CVE-2019-19083, CVE-2019-19319, CVE-2019-19377, CVE-2019-19378, CVE-2019-19448, CVE-2019-19462, CVE-2019-19523, CVE-2019-19527, CVE-2019-19528, CVE-2019-19532, CVE-2019-19533, CVE-2019-19536, CVE-2019-19537, CVE-2019-19770, CVE-2019-19816, CVE-2019-19965, CVE-2019-20096, CVE-2019-2054, CVE-2019-20794, CVE-2019-20812, CVE-2019-20934, CVE-2019-3874, CVE-2019-9456, CVE-2019-9503, CVE-2020-0305, CVE-2020-10135, CVE-2020-10690, CVE-2020-10732, CVE-2020-10742, CVE-2020-10751, CVE-2020-10773, CVE-2020-10781, CVE-2020-11494, CVE-2020-11608, CVE-2020-11609, CVE-2020-11668, CVE-2020-12114, CVE-2020-12363, CVE-2020-12364, CVE-2020-12464, CVE-2020-12652, CVE-2020-12655, CVE-2020-12656, CVE-2020-12770, CVE-2020-12826, CVE-2020-14304, CVE-2020-14314, CVE-2020-14331, CVE-2020-14381, CVE-2020-14416, CVE-2020-15802, CVE-2020-16166, CVE-2020-24394, CVE-2020-24502, CVE-2020-24503, CVE-2020-24504, CVE-2020-24587, CVE-2020-25211, CVE-2020-25643, CVE-2020-25656, CVE-2020-25704, CVE-2020-25705, CVE-2020-26139, CVE-2020-26140, CVE-2020-26141, CVE-2020-26143, CVE-2020-26144, CVE-2020-27067, CVE-2020-27777, CVE-2020-27786, CVE-2020-27820, CVE-2020-27835, CVE-2020-28097, CVE-2020-28915, CVE-2020-28974, CVE-2020-29660, CVE-2020-36322, CVE-2020-36386, CVE-2020-4788, CVE-2020-8647, CVE-2020-8648, CVE-2020-8649, CVE-2020-8694, CVE-2020-8832, CVE-2021-0129, CVE-2021-0512, CVE-2021-20219, CVE-2021-20317, CVE-2021-23133, CVE-2021-26341, CVE-2021-28711, CVE-2021-28712, CVE-2021-28713, CVE-2021-28964, CVE-2021-28972, CVE-2021-29155, CVE-2021-30002, CVE-2021-31829, CVE-2021-31916, CVE-2021-33200, CVE-2021-33624, CVE-2021-34556, CVE-2021-34693, CVE-2021-3600, CVE-2021-3612, CVE-2021-3635, CVE-2021-3655, CVE-2021-3669, CVE-2021-3714, CVE-2021-38160, CVE-2021-38198, CVE-2021-38200, CVE-2021-3894, CVE-2021-3923, CVE-2021-4159, CVE-2021-45868, CVE-2022-0001, CVE-2022-0002, CVE-2022-20166, CVE-2022-24448, CVE-2022-2503, CVE-2022-2639, CVE-2022-28390, CVE-2022-30594, CVE-2022-33981, CVE-2022-4543, CVE-2023-1829, CVE-2023-20569, CVE-2023-2124