Nucleus - [Critical] - 440041

[RoySubhra1988]

Source: QUALYS
Finding Description: CentOS has released security update for kernel to fix the vulnerabilities. Affected Products: centos 6

Impact: This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system. Additionally this vulnerability can also be used to cause a complete denial of service and could render the resource completely unavailable.

Target(s): Asset name: 192.168.56.201
Asset name: 192.168.56.202

Solution: To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 6 (https://lists.centos.org/pipermail/centos-announce/2018-May/022827.html) for updates and patch information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
CESA-2018:1319: centos 6 (https://lists.centos.org/pipermail/centos-announce/2018-May/022827.html)

References:
QID:440041
CVE:CVE-2017-5754, CVE-2018-8897, CVE-2017-7645, CVE-2017-8824, CVE-2017-13166, CVE-2017-18017, CVE-2017-1000410
Category:CentOS
PCI Flagged:yes
Vendor References:CESA-2018:1319 centos 6
Bugtraq IDs:102101, 102378, 97950, 102056, 104071, 102367, 99843, 106128

Nucleus Risk Score: 700
Max Severity: Critical
Exploitable: Yes
Date Discovered: 2024-06-01 10:43:00
Nucleus Notification Rules Triggered: r4
Project Name: ServiceNow App connector Test2
Please see Nucleus for more information on these vulnerabilities:https://nucleus-qa2.nucleussec.com/nucleus/public/app/index.html#vuln/6009780/NDQwMDQx/UVVBTFlT/VnVsbg--/false/NjAwOTc4MA--/c3VtbWFyeQ--/false