Test Kennung:	1.3.6.1.4.1.25623.1.0.890849
Kategorie:	Debian Local Security Checks
Titel:	Debian LTS: Security Advisory for linux (DLA-849-1)
Zusammenfassung:	Several vulnerabilities have been discovered in the Linux kernel that;may lead to a privilege escalation, denial of service or have other;impacts.;;CVE-2016-9588;;Jim Mattson discovered that the KVM implementation for Intel x86;processors does not properly handle #BP and #OF exceptions in an;L2 (nested) virtual machine. A local attacker in an L2 guest VM;can take advantage of this flaw to cause a denial of service for;the L1 guest VM.;;CVE-2017-2636;;Alexander Popov discovered a race condition flaw in the n_hdlc;line discipline that can lead to a double free. A local;unprivileged user can take advantage of this flaw for privilege;escalation. On systems that do not already have the n_hdlc module;loaded, this can be mitigated by disabling it:;echo >> /etc/modprobe.d/disable-n_hdlc.conf install n_hdlc false;;CVE-2017-5669;;Gareth Evans reported that privileged users can map memory at;address 0 through the shmat() system call. This could make it;easier to exploit other kernel security vulnerabilities via a;set-UID program.;;CVE-2017-5986;;Alexander Popov reported a race condition in the SCTP;implementation that can be used by local users to cause a;denial-of-service (crash). The initial fix for this was incorrect;and introduced further security issues (CVE-2017-6353). This;update includes a later fix that avoids those. On systems that do;not already have the sctp module loaded, this can be mitigated by;disabling it:;echo >> /etc/modprobe.d/disable-sctp.conf install sctp false;;CVE-2017-6214;;Dmitry Vyukov reported a bug in the TCP implementation's handling;of urgent data in the splice() system call. This can be used by a;remote attacker for denial-of-service (hang) against applications;that read from TCP sockets with splice().;;CVE-2017-6345;;Andrey Konovalov reported that the LLC type 2 implementation;incorrectly assigns socket buffer ownership. This might be usable;by a local user to cause a denial-of-service (memory corruption or;crash) or privilege escalation. On systems that do not already have;the llc2 module loaded, this can be mitigated by disabling it:;echo >> /etc/modprobe.d/disable-llc2.conf install llc2 false;;CVE-2017-6346;;Dmitry Vyukov reported a race condition in the raw packet (af_packet);fanout feature. Local users with the CAP_NET_RAW capability (in any;user namespace) can use this for denial-of-service and possibly for;privilege escalation.;;CVE-2017-6348;;Dmitry Vyukov reported that the general queue implementation in;the IrDA subsystem does not properly manage multiple locks,;possibly allowing local users to cause a denial-of-service;(deadlock) via crafted operations on IrDA devices.;;For Debian 7 'Wheezy', these problems have been fixed in version;3.2.86-1.
Beschreibung:	Summary: Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. CVE-2016-9588 Jim Mattson discovered that the KVM implementation for Intel x86 processors does not properly handle #BP and #OF exceptions in an L2 (nested) virtual machine. A local attacker in an L2 guest VM can take advantage of this flaw to cause a denial of service for the L1 guest VM. CVE-2017-2636 Alexander Popov discovered a race condition flaw in the n_hdlc line discipline that can lead to a double free. A local unprivileged user can take advantage of this flaw for privilege escalation. On systems that do not already have the n_hdlc module loaded, this can be mitigated by disabling it: echo >> /etc/modprobe.d/disable-n_hdlc.conf install n_hdlc false CVE-2017-5669 Gareth Evans reported that privileged users can map memory at address 0 through the shmat() system call. This could make it easier to exploit other kernel security vulnerabilities via a set-UID program. CVE-2017-5986 Alexander Popov reported a race condition in the SCTP implementation that can be used by local users to cause a denial-of-service (crash). The initial fix for this was incorrect and introduced further security issues (CVE-2017-6353). This update includes a later fix that avoids those. On systems that do not already have the sctp module loaded, this can be mitigated by disabling it: echo >> /etc/modprobe.d/disable-sctp.conf install sctp false CVE-2017-6214 Dmitry Vyukov reported a bug in the TCP implementation's handling of urgent data in the splice() system call. This can be used by a remote attacker for denial-of-service (hang) against applications that read from TCP sockets with splice(). CVE-2017-6345 Andrey Konovalov reported that the LLC type 2 implementation incorrectly assigns socket buffer ownership. This might be usable by a local user to cause a denial-of-service (memory corruption or crash) or privilege escalation. On systems that do not already have the llc2 module loaded, this can be mitigated by disabling it: echo >> /etc/modprobe.d/disable-llc2.conf install llc2 false CVE-2017-6346 Dmitry Vyukov reported a race condition in the raw packet (af_packet) fanout feature. Local users with the CAP_NET_RAW capability (in any user namespace) can use this for denial-of-service and possibly for privilege escalation. CVE-2017-6348 Dmitry Vyukov reported that the general queue implementation in the IrDA subsystem does not properly manage multiple locks, possibly allowing local users to cause a denial-of-service (deadlock) via crafted operations on IrDA devices. For Debian 7 'Wheezy', these problems have been fixed in version 3.2.86-1. Affected Software/OS: linux on Debian Linux Solution: For Debian 7 'Wheezy', these problems have been fixed in version 3.2.86-1. For Debian 8 'Jessie', these problems have been fixed in version 3.16.39-1+deb8u2. We recommend that you upgrade your linux packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-9588 BugTraq ID: 94933 http://www.securityfocus.com/bid/94933 Debian Security Information: DSA-3804 (Google Search) http://www.debian.org/security/2017/dsa-3804 http://www.openwall.com/lists/oss-security/2016/12/15/3 RedHat Security Advisories: RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842 RedHat Security Advisories: RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077 https://usn.ubuntu.com/3822-1/ https://usn.ubuntu.com/3822-2/ Common Vulnerability Exposure (CVE) ID: CVE-2017-2636 BugTraq ID: 96732 http://www.securityfocus.com/bid/96732 https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html http://www.openwall.com/lists/oss-security/2017/03/07/6 RedHat Security Advisories: RHSA-2017:0892 https://access.redhat.com/errata/RHSA-2017:0892 RedHat Security Advisories: RHSA-2017:0931 https://access.redhat.com/errata/RHSA-2017:0931 RedHat Security Advisories: RHSA-2017:0932 https://access.redhat.com/errata/RHSA-2017:0932 RedHat Security Advisories: RHSA-2017:0933 https://access.redhat.com/errata/RHSA-2017:0933 RedHat Security Advisories: RHSA-2017:0986 https://access.redhat.com/errata/RHSA-2017:0986 RedHat Security Advisories: RHSA-2017:1125 https://access.redhat.com/errata/RHSA-2017:1125 RedHat Security Advisories: RHSA-2017:1126 https://access.redhat.com/errata/RHSA-2017:1126 RedHat Security Advisories: RHSA-2017:1232 https://access.redhat.com/errata/RHSA-2017:1232 RedHat Security Advisories: RHSA-2017:1233 https://access.redhat.com/errata/RHSA-2017:1233 RedHat Security Advisories: RHSA-2017:1488 https://access.redhat.com/errata/RHSA-2017:1488 http://www.securitytracker.com/id/1037963 Common Vulnerability Exposure (CVE) ID: CVE-2017-5669 BugTraq ID: 96754 http://www.securityfocus.com/bid/96754 https://bugzilla.kernel.org/show_bug.cgi?id=192931 https://github.com/torvalds/linux/commit/95e91b831f87ac8e1f8ed50c14d709089b4e01b8 https://github.com/torvalds/linux/commit/e1d35d4dc7f089e6c9c080d556feedf9c706f0c7 http://www.securitytracker.com/id/1037918 https://usn.ubuntu.com/3583-1/ https://usn.ubuntu.com/3583-2/ Common Vulnerability Exposure (CVE) ID: CVE-2017-5986 BugTraq ID: 96222 http://www.securityfocus.com/bid/96222 http://www.openwall.com/lists/oss-security/2017/02/14/6 RedHat Security Advisories: RHSA-2017:1308 https://access.redhat.com/errata/RHSA-2017:1308 Common Vulnerability Exposure (CVE) ID: CVE-2017-6214 BugTraq ID: 96421 http://www.securityfocus.com/bid/96421 RedHat Security Advisories: RHSA-2017:1372 https://access.redhat.com/errata/RHSA-2017:1372 RedHat Security Advisories: RHSA-2017:1615 https://access.redhat.com/errata/RHSA-2017:1615 RedHat Security Advisories: RHSA-2017:1616 https://access.redhat.com/errata/RHSA-2017:1616 RedHat Security Advisories: RHSA-2017:1647 https://access.redhat.com/errata/RHSA-2017:1647 http://www.securitytracker.com/id/1037897 Common Vulnerability Exposure (CVE) ID: CVE-2017-6345 BugTraq ID: 96510 http://www.securityfocus.com/bid/96510 http://www.openwall.com/lists/oss-security/2017/02/28/7 https://usn.ubuntu.com/3754-1/ Common Vulnerability Exposure (CVE) ID: CVE-2017-6346 BugTraq ID: 96508 http://www.securityfocus.com/bid/96508 http://www.openwall.com/lists/oss-security/2017/02/28/6 Common Vulnerability Exposure (CVE) ID: CVE-2017-6348 BugTraq ID: 96483 http://www.securityfocus.com/bid/96483 http://www.openwall.com/lists/oss-security/2017/02/28/4 Common Vulnerability Exposure (CVE) ID: CVE-2017-6353 BugTraq ID: 96473 http://www.securityfocus.com/bid/96473 http://www.openwall.com/lists/oss-security/2017/02/27/2
Copyright	Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.