ID de Prueba:	1.3.6.1.4.1.25623.1.0.843549
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for linux USN-3674-1
Resumen:	The remote host is missing an update for the 'linux'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the referenced advisory. Vulnerability Insight: It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-1068) It was discovered that a NULL pointer dereference existed in the RDS (Reliable Datagram Sockets) protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-7492) Eyal Itkin discovered that the USB displaylink video adapter driver in the Linux kernel did not properly validate mmap offsets sent from userspace. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2018-8781) Xingyuan Lin discovered that an out-of-bounds read existed in the USB Video Class (UVC) driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-0627) Affected Software/OS: linux on Ubuntu 14.04 LTS Solution: Please install the updated packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1068 BugTraq ID: 103459 http://www.securityfocus.com/bid/103459 Debian Security Information: DSA-4187 (Google Search) https://www.debian.org/security/2018/dsa-4187 Debian Security Information: DSA-4188 (Google Search) https://www.debian.org/security/2018/dsa-4188 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://marc.info/?l=linux-netdev&m=152023808817590&w=2 https://marc.info/?l=linux-netdev&m=152025888924151&w=2 RedHat Security Advisories: RHSA-2018:1318 https://access.redhat.com/errata/RHSA-2018:1318 RedHat Security Advisories: RHSA-2018:1355 https://access.redhat.com/errata/RHSA-2018:1355 RedHat Security Advisories: RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 RedHat Security Advisories: RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1170 RedHat Security Advisories: RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:1190 RedHat Security Advisories: RHSA-2019:4159 https://access.redhat.com/errata/RHSA-2019:4159 https://usn.ubuntu.com/3654-1/ https://usn.ubuntu.com/3654-2/ https://usn.ubuntu.com/3656-1/ https://usn.ubuntu.com/3674-1/ https://usn.ubuntu.com/3674-2/ https://usn.ubuntu.com/3677-1/ https://usn.ubuntu.com/3677-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-7492 BugTraq ID: 103185 http://www.securityfocus.com/bid/103185 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3069c6d33f6ae63a1668737bc78aaaa51bff7ca https://bugzilla.redhat.com/show_bug.cgi?id=1527393 https://github.com/torvalds/linux/commit/f3069c6d33f6ae63a1668737bc78aaaa51bff7ca https://patchwork.kernel.org/patch/10096441/ https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.7 https://xorl.wordpress.com/2017/12/18/linux-kernel-rdma-null-pointer-dereference/ https://usn.ubuntu.com/3619-1/ https://usn.ubuntu.com/3619-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8781 https://patchwork.freedesktop.org/patch/211845/ https://research.checkpoint.com/mmap-vulnerabilities-linux-kernel/ RedHat Security Advisories: RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083 RedHat Security Advisories: RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096 Common Vulnerability Exposure (CVE) ID: CVE-2017-0627 BugTraq ID: 98205 http://www.securityfocus.com/bid/98205
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.