Ubuntu Local Security Checks : Ubuntu Update for linux-lts-trusty USN-2587-1

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.842191

Categoría: Ubuntu Local Security Checks

Título: Ubuntu Update for linux-lts-trusty USN-2587-1

Resumen: The remote host is missing an update for the 'linux-lts-trusty'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'linux-lts-trusty'
package(s) announced via the referenced advisory.

Vulnerability Insight:
A stack overflow was discovered in the the
microcode loader for the intel x86 platform. A local attacker could exploit this
flaw to cause a denial of service (kernel crash) or to potentially execute code
with kernel privileges. (CVE-2015-2666)

It was discovered that the Linux kernel's IPv6 networking stack has a flaw
that allows using route advertisement (RA) messages to set the 'hop_limit'
to values that are too low. An unprivileged attacker on a local network
could exploit this flaw to cause a denial of service (IPv6 messages
dropped). (CVE-2015-2922)

Affected Software/OS:
linux-lts-trusty on Ubuntu 12.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-2666
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153329.html
http://www.openwall.com/lists/oss-security/2015/03/20/18
RedHat Security Advisories: RHSA-2015:1534
http://rhn.redhat.com/errata/RHSA-2015-1534.html
http://www.securitytracker.com/id/1032414
Common Vulnerability Exposure (CVE) ID: CVE-2015-2922
BugTraq ID: 74315
http://www.securityfocus.com/bid/74315
Debian Security Information: DSA-3237 (Google Search)
http://www.debian.org/security/2015/dsa-3237
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html
http://www.openwall.com/lists/oss-security/2015/04/04/2
RedHat Security Advisories: RHSA-2015:1221
http://rhn.redhat.com/errata/RHSA-2015-1221.html
RedHat Security Advisories: RHSA-2015:1564
http://rhn.redhat.com/errata/RHSA-2015-1564.html
http://www.securitytracker.com/id/1032417
SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html

Copyright Copyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.842191
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for linux-lts-trusty USN-2587-1
Resumen:	The remote host is missing an update for the 'linux-lts-trusty'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'linux-lts-trusty' package(s) announced via the referenced advisory. Vulnerability Insight: A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. (CVE-2015-2666) It was discovered that the Linux kernel's IPv6 networking stack has a flaw that allows using route advertisement (RA) messages to set the 'hop_limit' to values that are too low. An unprivileged attacker on a local network could exploit this flaw to cause a denial of service (IPv6 messages dropped). (CVE-2015-2922) Affected Software/OS: linux-lts-trusty on Ubuntu 12.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2666 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153329.html http://www.openwall.com/lists/oss-security/2015/03/20/18 RedHat Security Advisories: RHSA-2015:1534 http://rhn.redhat.com/errata/RHSA-2015-1534.html http://www.securitytracker.com/id/1032414 Common Vulnerability Exposure (CVE) ID: CVE-2015-2922 BugTraq ID: 74315 http://www.securityfocus.com/bid/74315 Debian Security Information: DSA-3237 (Google Search) http://www.debian.org/security/2015/dsa-3237 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html http://www.openwall.com/lists/oss-security/2015/04/04/2 RedHat Security Advisories: RHSA-2015:1221 http://rhn.redhat.com/errata/RHSA-2015-1221.html RedHat Security Advisories: RHSA-2015:1564 http://rhn.redhat.com/errata/RHSA-2015-1564.html http://www.securitytracker.com/id/1032417 SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html
Copyright	Copyright (C) 2015 Greenbone Networks GmbH