Fixed vulnerabilities:
- CVE-2014-7822 (VulnLIB link) A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system.
Affected releases:
- CentOS 5
Software description:
- kernel
Solution:
- Check VulnLIB for fixes for CVEs listed above and the source.
Source:
Wednesday, 11.02.2015
CentOS Errata and Security Advisory 2015:0164
Geposted von Ali Elci
Ali Elci is an IT security specialist with more than 16 years of experience consulting for government and industry, an advocate for transparency and standardization in security reporting, and the founder of Ciproc GmbH.
VulnLIB Enterprise Auditor ist ein leistungsfähiges, innovatives Tool, welches eine umfassende, tagesaktuelle Kontrolle über fehlende Sicherheitsupdates einer kompletten IT-Infrastruktur bereitstellen kann; gleichzeitig liefert es spezifische Empfehlungen für Patches und Upgrades der Softwarehersteller.
mehr