ID de Prueba:	1.3.6.1.4.1.25623.1.0.843001
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for linux-raspi2 USN-3161-3
Resumen:	The remote host is missing an update for the 'linux-raspi2'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'linux-raspi2' package(s) announced via the referenced advisory. Vulnerability Insight: Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2015-8964) It was discovered that the Video For Linux Two (v4l2) implementation in the Linux kernel did not properly handle multiple planes when processing a VIDIOC_DQBUF ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-4568) CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6213) Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042) Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. (CVE-2016-7097) Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges. (CVE-2016-7425) It was discovered that the KVM implementation for x86/x86_64 in the Linux kernel could dereference a null pointer. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the KVM host. (CVE-2016-8630) Eyal Itkin discovered that the IP over IEEE 1394 (FireWire) implementation in the Linux kernel contained a buffer overflow when handling fragmented packets. A remote attacker could use this to possibly execute arbitrary code with administrative privileges. (CVE-2016-8633) Marco Grassi discovered that the TCP implementation in the Linux kernel mishandles socket buffer (skb) truncation. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-8645) Daxing Guo discovered a stack-based buffer overflow in the Broadcom IEEE802.11n FullMAC driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges. (CVE-2016-8658) It was discovered that an information leak existed in __get_user_asm_ex() in the Linux kernel. A local attacker could use this to expose sensitive information. ( ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: linux-raspi2 on Ubuntu 16.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8964 BugTraq ID: 94138 http://www.securityfocus.com/bid/94138 Common Vulnerability Exposure (CVE) ID: CVE-2016-4568 http://www.openwall.com/lists/oss-security/2016/05/07/4 Common Vulnerability Exposure (CVE) ID: CVE-2016-6213 BugTraq ID: 91754 http://www.securityfocus.com/bid/91754 http://www.openwall.com/lists/oss-security/2016/07/13/8 RedHat Security Advisories: RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842 RedHat Security Advisories: RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077 Common Vulnerability Exposure (CVE) ID: CVE-2016-7042 BugTraq ID: 93544 http://www.securityfocus.com/bid/93544 http://www.openwall.com/lists/oss-security/2016/10/13/5 RedHat Security Advisories: RHSA-2017:0817 http://rhn.redhat.com/errata/RHSA-2017-0817.html RedHat Security Advisories: RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2669 Common Vulnerability Exposure (CVE) ID: CVE-2016-7097 BugTraq ID: 92659 http://www.securityfocus.com/bid/92659 http://www.spinics.net/lists/linux-fsdevel/msg98328.html http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2 http://www.openwall.com/lists/oss-security/2016/08/26/3 http://www.securitytracker.com/id/1038201 http://www.ubuntu.com/usn/USN-3146-1 http://www.ubuntu.com/usn/USN-3146-2 http://www.ubuntu.com/usn/USN-3147-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-7425 BugTraq ID: 93037 http://www.securityfocus.com/bid/93037 http://marc.info/?l=linux-scsi&m=147394796228991&w=2 http://marc.info/?l=linux-scsi&m=147394713328707&w=2 http://www.openwall.com/lists/oss-security/2016/09/17/2 http://www.ubuntu.com/usn/USN-3144-1 http://www.ubuntu.com/usn/USN-3144-2 http://www.ubuntu.com/usn/USN-3145-1 http://www.ubuntu.com/usn/USN-3145-2 Common Vulnerability Exposure (CVE) ID: CVE-2016-8630 BugTraq ID: 94459 http://www.securityfocus.com/bid/94459 http://www.openwall.com/lists/oss-security/2016/11/22/3 RedHat Security Advisories: RHSA-2017:0386 http://rhn.redhat.com/errata/RHSA-2017-0386.html RedHat Security Advisories: RHSA-2017:0387 http://rhn.redhat.com/errata/RHSA-2017-0387.html Common Vulnerability Exposure (CVE) ID: CVE-2016-8633 BugTraq ID: 94149 http://www.securityfocus.com/bid/94149 https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/ http://www.openwall.com/lists/oss-security/2016/11/06/1 RedHat Security Advisories: RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RedHat Security Advisories: RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 RedHat Security Advisories: RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1170 RedHat Security Advisories: RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:1190 Common Vulnerability Exposure (CVE) ID: CVE-2016-8645 BugTraq ID: 94264 http://www.securityfocus.com/bid/94264 http://www.openwall.com/lists/oss-security/2016/11/11/3 http://www.openwall.com/lists/oss-security/2016/11/30/3 http://www.securitytracker.com/id/1037285 Common Vulnerability Exposure (CVE) ID: CVE-2016-8658 BugTraq ID: 93541 http://www.securityfocus.com/bid/93541 http://www.openwall.com/lists/oss-security/2016/10/13/1 Common Vulnerability Exposure (CVE) ID: CVE-2016-9178 BugTraq ID: 94144 http://www.securityfocus.com/bid/94144 http://www.openwall.com/lists/oss-security/2016/11/04/4 Common Vulnerability Exposure (CVE) ID: CVE-2016-9555 BugTraq ID: 94479 http://www.securityfocus.com/bid/94479 http://www.openwall.com/lists/oss-security/2016/11/22/18 RedHat Security Advisories: RHSA-2017:0086 http://rhn.redhat.com/errata/RHSA-2017-0086.html RedHat Security Advisories: RHSA-2017:0091 http://rhn.redhat.com/errata/RHSA-2017-0091.html RedHat Security Advisories: RHSA-2017:0113 http://rhn.redhat.com/errata/RHSA-2017-0113.html RedHat Security Advisories: RHSA-2017:0307 http://rhn.redhat.com/errata/RHSA-2017-0307.html http://www.securitytracker.com/id/1037339 SuSE Security Announcement: SUSE-SU-2016:3096 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00044.html SuSE Security Announcement: SUSE-SU-2016:3113 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00054.html SuSE Security Announcement: SUSE-SU-2016:3116 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00055.html SuSE Security Announcement: SUSE-SU-2016:3117 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00056.html SuSE Security Announcement: SUSE-SU-2016:3169 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00067.html SuSE Security Announcement: SUSE-SU-2016:3183 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00070.html SuSE Security Announcement: SUSE-SU-2016:3197 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00073.html SuSE Security Announcement: SUSE-SU-2016:3205 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00076.html SuSE Security Announcement: SUSE-SU-2016:3206 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00077.html SuSE Security Announcement: SUSE-SU-2016:3247 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00087.html
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.