ID de Prueba:	1.3.6.1.4.1.25623.1.0.842493
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for linux-lts-utopic USN-2777-1
Resumen:	The remote host is missing an update for the 'linux-lts-utopic'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'linux-lts-utopic' package(s) announced via the referenced advisory. Vulnerability Insight: It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges. (CVE-2015-5156) Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. (CVE-2015-5697) Marc-André Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). (CVE-2015-6252) It was discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel did not verify sockets were properly bound before attempting to send a message, which could cause a NULL pointer dereference. An attacker could use this to cause a denial of service (system crash). (CVE-2015-6937) Ben Hutchings discovered that the Advanced Union Filesystem (aufs) for the Linux kernel did not correctly handle references of memory mapped files from an aufs mount. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2015-7312) Affected Software/OS: linux-lts-utopic on Ubuntu 14.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 6.1 CVSS Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5156 BugTraq ID: 76230 http://www.securityfocus.com/bid/76230 Debian Security Information: DSA-3364 (Google Search) http://www.debian.org/security/2015/dsa-3364 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171454.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169378.html RedHat Security Advisories: RHSA-2015:1978 http://rhn.redhat.com/errata/RHSA-2015-1978.html RedHat Security Advisories: RHSA-2016:0855 http://rhn.redhat.com/errata/RHSA-2016-0855.html http://www.securitytracker.com/id/1034045 SuSE Security Announcement: SUSE-SU-2015:1727 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html SuSE Security Announcement: SUSE-SU-2015:2292 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html http://www.ubuntu.com/usn/USN-2773-1 http://www.ubuntu.com/usn/USN-2774-1 http://www.ubuntu.com/usn/USN-2777-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-5697 BugTraq ID: 76066 http://www.securityfocus.com/bid/76066 Debian Security Information: DSA-3329 (Google Search) http://www.debian.org/security/2015/dsa-3329 http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163661.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163711.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164193.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164137.html http://www.openwall.com/lists/oss-security/2015/07/28/2 http://www.securitytracker.com/id/1033211 http://www.ubuntu.com/usn/USN-2731-1 http://www.ubuntu.com/usn/USN-2732-1 http://www.ubuntu.com/usn/USN-2748-1 http://www.ubuntu.com/usn/USN-2749-1 http://www.ubuntu.com/usn/USN-2751-1 http://www.ubuntu.com/usn/USN-2752-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-6252 BugTraq ID: 76400 http://www.securityfocus.com/bid/76400 http://www.openwall.com/lists/oss-security/2015/08/18/3 http://www.securitytracker.com/id/1033666 SuSE Security Announcement: SUSE-SU-2015:2108 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html SuSE Security Announcement: SUSE-SU-2016:0354 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html SuSE Security Announcement: SUSE-SU-2016:2074 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html http://www.ubuntu.com/usn/USN-2759-1 http://www.ubuntu.com/usn/USN-2760-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-6937 BugTraq ID: 76767 http://www.securityfocus.com/bid/76767 http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167358.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168447.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168539.html http://www.openwall.com/lists/oss-security/2015/09/14/3 http://www.securitytracker.com/id/1034453 SuSE Security Announcement: SUSE-SU-2015:2339 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html SuSE Security Announcement: SUSE-SU-2015:2350 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html SuSE Security Announcement: SUSE-SU-2016:0335 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html SuSE Security Announcement: SUSE-SU-2016:0337 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html SuSE Security Announcement: SUSE-SU-2016:0380 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html SuSE Security Announcement: SUSE-SU-2016:0381 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html SuSE Security Announcement: SUSE-SU-2016:0383 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html SuSE Security Announcement: SUSE-SU-2016:0384 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html SuSE Security Announcement: SUSE-SU-2016:0386 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html SuSE Security Announcement: SUSE-SU-2016:0387 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html SuSE Security Announcement: SUSE-SU-2016:0434 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html SuSE Security Announcement: openSUSE-SU-2015:2232 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html Common Vulnerability Exposure (CVE) ID: CVE-2015-7312 http://sourceforge.net/p/aufs/mailman/message/34449209/ http://www.openwall.com/lists/oss-security/2015/09/22/10
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.