ID de Prueba:	1.3.6.1.4.1.25623.1.0.843511
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for linux USN-3631-1
Resumen:	The remote host is missing an update for the 'linux'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the referenced advisory. Vulnerability Insight: It was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2017-13305) It was discovered that the DM04/QQBOX USB driver in the Linux kernel did not properly handle device attachment and warm-start. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16538) Luo Quan and Wei Yang discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system deadlock). (CVE-2018-1000004) Wang Qize discovered that an information disclosure vulnerability existed in the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2018-5750) discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel that could lead to a use-after-free or an out-of-bounds buffer access. A local attacker with access to /dev/snd/seq could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-7566) Affected Software/OS: linux on Ubuntu 16.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5750 Debian Security Information: DSA-4120 (Google Search) https://www.debian.org/security/2018/dsa-4120 Debian Security Information: DSA-4187 (Google Search) https://www.debian.org/security/2018/dsa-4187 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html RedHat Security Advisories: RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RedHat Security Advisories: RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 RedHat Security Advisories: RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 http://www.securitytracker.com/id/1040319 https://usn.ubuntu.com/3631-1/ https://usn.ubuntu.com/3631-2/ https://usn.ubuntu.com/3697-1/ https://usn.ubuntu.com/3697-2/ https://usn.ubuntu.com/3698-1/ https://usn.ubuntu.com/3698-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-7566 BugTraq ID: 103605 http://www.securityfocus.com/bid/103605 https://bugzilla.redhat.com/show_bug.cgi?id=1550142 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d15d662e89fc667b90cd294b0eb45694e33144da https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 Debian Security Information: DSA-4188 (Google Search) https://www.debian.org/security/2018/dsa-4188 https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html http://mailman.alsa-project.org/pipermail/alsa-devel/2018-February/132026.html RedHat Security Advisories: RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2384 RedHat Security Advisories: RHSA-2018:2390 https://access.redhat.com/errata/RHSA-2018:2390 RedHat Security Advisories: RHSA-2018:2395 https://access.redhat.com/errata/RHSA-2018:2395 RedHat Security Advisories: RHSA-2019:1483 https://access.redhat.com/errata/RHSA-2019:1483 RedHat Security Advisories: RHSA-2019:1487 https://access.redhat.com/errata/RHSA-2019:1487 SuSE Security Announcement: SUSE-SU-2018:0834 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html https://usn.ubuntu.com/3798-1/ https://usn.ubuntu.com/3798-2/
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.