CentOS 7 — Vulnerability Update

Home/Security Update/CentOS 7 — Vulnerability Update

CentOS 7 — Vulnerability Update

The remote CentOS Linux host is missing one or more security updates.

Description:

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5023 advisory.

However, below are the vulnerabilities with CVE ID:

CVE-2019-20811 — kernel: net-sysfs: *_queue_add_kobject refcount issue

CVE-2020-14331 — kernel: kernel: buffer over write in vgacon_scroll

Severity:

The vulnerability descried as High severity.

Follow Us on: Twitter, InstagramLinkedIn to get latest security news!

Plugin ID:

Nessus Plugin ID 143049

Vulnerability Information

CPE: 

  • cpe:/o:centos:centos:7, 
  • p-cpe:/a:centos:centos:bpftool, 
  • p-cpe:/a:centos:centos:kernel, 
  • p-cpe:/a:centos:centos:kernel-abi-whitelists, 
  • p-cpe:/a:centos:centos:kernel-debug, 
  • p-cpe:/a:centos:centos:kernel-debug-devel, 
  • p-cpe:/a:centos:centos:kernel-devel, 
  • p-cpe:/a:centos:centos:kernel-headers, 
  • p-cpe:/a:centos:centos:kernel-tools, 
  • p-cpe:/a:centos:centos:kernel-tools-libs, 
  • p-cpe:/a:centos:centos:kernel-tools-libs-devel, 
  • p-cpe:/a:centos:centos:perf, 
  • p-cpe:/a:centos:centos:python-perf

Required KB Items: 

Host/local_checks_enabled, Host/CentOS/release, Host/CentOS/rpm-list, Host/cpu

Exploit Ease: 

Therefore there are No known exploits are available

Solution:

Update the affected packages.

See Also:

http://www.nessus.org/u?e1e27c33

https://cwe.mitre.org/data/definitions/460.html

https://cwe.mitre.org/data/definitions/787.html

Post Views: 634
By | 2020-12-01T20:49:52+05:30 November 29th, 2020|Security Update|

About the Author:

FirstHackersNews- Identifies Security

Related Posts

Leave A Comment

Subscribe to our newsletter to receive security tips everday!