ID de Prueba:	1.3.6.1.4.1.25623.1.0.843547
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for linux-aws USN-3676-2
Resumen:	The remote host is missing an update for the 'linux-aws'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'linux-aws' package(s) announced via the referenced advisory. Vulnerability Insight: USN-3676-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service (system crash) when mounted. (CVE-2018-1092, CVE-2018-1093) It was discovered that the cdrom driver in the Linux kernel contained an incorrect bounds check. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-10940) It was discovered that the 802.11 software simulator implementation in the Linux kernel contained a memory leak when handling certain error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2018-8087) Affected Software/OS: linux-aws on Ubuntu 14.04 LTS Solution: Please install the updated packages. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1092 Debian Security Information: DSA-4187 (Google Search) https://www.debian.org/security/2018/dsa-4187 Debian Security Information: DSA-4188 (Google Search) https://www.debian.org/security/2018/dsa-4188 http://openwall.com/lists/oss-security/2018/03/29/1 https://bugzilla.kernel.org/show_bug.cgi?id=199179 https://bugzilla.kernel.org/show_bug.cgi?id=199275 https://bugzilla.redhat.com/show_bug.cgi?id=1560777 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=8e4b5eae5decd9dfe5a4ee369c22028f90ab4c44 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html RedHat Security Advisories: RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 RedHat Security Advisories: RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083 RedHat Security Advisories: RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096 https://usn.ubuntu.com/3676-1/ https://usn.ubuntu.com/3676-2/ https://usn.ubuntu.com/3677-1/ https://usn.ubuntu.com/3677-2/ https://usn.ubuntu.com/3678-1/ https://usn.ubuntu.com/3678-2/ https://usn.ubuntu.com/3678-3/ https://usn.ubuntu.com/3678-4/ https://usn.ubuntu.com/3754-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1093 https://bugzilla.kernel.org/show_bug.cgi?id=199181 https://bugzilla.redhat.com/show_bug.cgi?id=1560782 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=7dac4a1726a9c64a517d595c40e95e2d0d135f6f https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html https://usn.ubuntu.com/3752-1/ https://usn.ubuntu.com/3752-2/ https://usn.ubuntu.com/3752-3/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8087 BugTraq ID: 103397 http://www.securityfocus.com/bid/103397 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51 https://github.com/torvalds/linux/commit/0ddcff49b672239dda94d70d0fcf50317a9f4b51 RedHat Security Advisories: RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2029 RedHat Security Advisories: RHSA-2019:2043 https://access.redhat.com/errata/RHSA-2019:2043
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.