ID de Prueba:	1.3.6.1.4.1.25623.1.0.841414
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for linux USN-1813-1
Resumen:	The remote host is missing an update for the 'linux'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the referenced advisory. Vulnerability Insight: Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. (CVE-2012-6548) Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. (CVE-2012-6549) An integer overflow was discovered in the Direct Rendering Manager (DRM) subsystem for the i915 video driver in the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash) or potentially escalate privileges. (CVE-2013-0913) Andrew Honig discovered a flaw in guest OS time updates in the Linux kernel's KVM (Kernel-based Virtual Machine). A privileged guest user could exploit this flaw to cause a denial of service (crash host system) or potential escalate privilege to the host kernel level. (CVE-2013-1796) Andrew Honig discovered a use after free error in guest OS time updates in the Linux kernel's KVM (Kernel-based Virtual Machine). A privileged guest user could exploit this flaw to escalate privilege to the host kernel level. (CVE-2013-1797) Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). (CVE-2013-1798) A format-string bug was discovered in the Linux kernel's ext3 filesystem driver. A local user could exploit this flaw to possibly escalate privileges on the system. (CVE-2013-1848) A buffer overflow was discovered in the Linux Kernel's USB subsystem for devices reporting the cdc-wdm class. A specially crafted USB device when plugged-in could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2013-1860) An information leak in the Linux kernel's dcb netlink interface was discovered. A local user could obtain sensitive information by examining kernel stack memory. (CVE-2013-2634) A kernel stack information leak was discovered in the RTNETLINK component of the Linux kernel. A local user could read sensitive information from the kernel stack. (CVE-2013-2635) Affected Software/OS: linux on Ubuntu 12.10 Solution: Please Install the Updated Packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-6548 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://www.openwall.com/lists/oss-security/2013/03/05/13 RedHat Security Advisories: RHSA-2013:1051 http://rhn.redhat.com/errata/RHSA-2013-1051.html SuSE Security Announcement: openSUSE-SU-2013:1187 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://www.ubuntu.com/usn/USN-1805-1 http://www.ubuntu.com/usn/USN-1808-1 http://www.ubuntu.com/usn/USN-1809-1 http://www.ubuntu.com/usn/USN-1811-1 http://www.ubuntu.com/usn/USN-1812-1 http://www.ubuntu.com/usn/USN-1813-1 http://www.ubuntu.com/usn/USN-1814-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-6549 http://www.ubuntu.com/usn/USN-1829-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-0913 https://lkml.org/lkml/2013/3/11/501 http://openwall.com/lists/oss-security/2013/03/11/6 http://openwall.com/lists/oss-security/2013/03/13/9 http://openwall.com/lists/oss-security/2013/03/14/22 RedHat Security Advisories: RHSA-2013:0744 http://rhn.redhat.com/errata/RHSA-2013-0744.html SuSE Security Announcement: openSUSE-SU-2013:0847 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html SuSE Security Announcement: openSUSE-SU-2013:0925 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2013-1796 BugTraq ID: 58607 http://www.securityfocus.com/bid/58607 http://www.openwall.com/lists/oss-security/2013/03/20/9 RedHat Security Advisories: RHSA-2013:0727 http://rhn.redhat.com/errata/RHSA-2013-0727.html RedHat Security Advisories: RHSA-2013:0746 http://rhn.redhat.com/errata/RHSA-2013-0746.html RedHat Security Advisories: RHSA-2013:0928 http://rhn.redhat.com/errata/RHSA-2013-0928.html RedHat Security Advisories: RHSA-2013:1026 http://rhn.redhat.com/errata/RHSA-2013-1026.html Common Vulnerability Exposure (CVE) ID: CVE-2013-1797 Common Vulnerability Exposure (CVE) ID: CVE-2013-1798 http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html Common Vulnerability Exposure (CVE) ID: CVE-2013-1848 http://www.openwall.com/lists/oss-security/2013/03/20/8 Common Vulnerability Exposure (CVE) ID: CVE-2013-1860 BugTraq ID: 58510 http://www.securityfocus.com/bid/58510 http://www.openwall.com/lists/oss-security/2013/03/15/3 RedHat Security Advisories: RHSA-2014:0328 http://rhn.redhat.com/errata/RHSA-2014-0328.html RedHat Security Advisories: RHSA-2014:0339 http://rhn.redhat.com/errata/RHSA-2014-0339.html Common Vulnerability Exposure (CVE) ID: CVE-2013-2634 http://www.openwall.com/lists/oss-security/2013/03/20/1 SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html Common Vulnerability Exposure (CVE) ID: CVE-2013-2635
Copyright	Copyright (c) 2013 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.