Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.842388
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu Update for linux USN-2688-1
Zusammenfassung:The remote host is missing an update for the 'linux'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'linux'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Andy Lutomirski discovered a flaw in the
Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged
local user could exploit this flaw to cause a denial of service (system crash)
or potentially escalate their privileges. (CVE-2015-3290)

Colin King discovered a flaw in the add_key function of the Linux kernel's
keyring subsystem. A local user could exploit this flaw to cause a denial
of service (memory exhaustion). (CVE-2015-1333)

Andy Lutomirski discovered a flaw that allows user to cause the Linux
kernel to ignore some NMIs (non-maskable interrupts). A local unprivileged
user could exploit this flaw to potentially cause the system to miss
important NMIs resulting in unspecified effects. (CVE-2015-3291)

Andy Lutomirski and Petr Matousek discovered that an NMI (non-maskable
interrupt) that interrupts userspace and encounters an IRET fault is
incorrectly handled by the Linux kernel. An unprivileged local user could
exploit this flaw to cause a denial of service (kernel OOPs), corruption,
or potentially escalate privileges on the system. (CVE-2015-5157)

Affected Software/OS:
linux on Ubuntu 14.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-3290
BugTraq ID: 76004
http://www.securityfocus.com/bid/76004
Debian Security Information: DSA-3313 (Google Search)
http://www.debian.org/security/2015/dsa-3313
https://www.exploit-db.com/exploits/37722/
http://www.openwall.com/lists/oss-security/2015/07/22/7
http://www.openwall.com/lists/oss-security/2015/08/04/8
SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html
http://www.ubuntu.com/usn/USN-2687-1
http://www.ubuntu.com/usn/USN-2688-1
http://www.ubuntu.com/usn/USN-2689-1
http://www.ubuntu.com/usn/USN-2690-1
http://www.ubuntu.com/usn/USN-2691-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-1333
BugTraq ID: 76050
http://www.securityfocus.com/bid/76050
Debian Security Information: DSA-3329 (Google Search)
http://www.debian.org/security/2015/dsa-3329
http://www.openwall.com/lists/oss-security/2015/07/27/7
RedHat Security Advisories: RHSA-2015:1778
http://rhn.redhat.com/errata/RHSA-2015-1778.html
RedHat Security Advisories: RHSA-2015:1787
http://rhn.redhat.com/errata/RHSA-2015-1787.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-3291
BugTraq ID: 76003
http://www.securityfocus.com/bid/76003
Common Vulnerability Exposure (CVE) ID: CVE-2015-5157
BugTraq ID: 76005
http://www.securityfocus.com/bid/76005
RedHat Security Advisories: RHSA-2016:0185
http://rhn.redhat.com/errata/RHSA-2016-0185.html
RedHat Security Advisories: RHSA-2016:0212
http://rhn.redhat.com/errata/RHSA-2016-0212.html
RedHat Security Advisories: RHSA-2016:0224
http://rhn.redhat.com/errata/RHSA-2016-0224.html
RedHat Security Advisories: RHSA-2016:0715
http://rhn.redhat.com/errata/RHSA-2016-0715.html
SuSE Security Announcement: SUSE-SU-2015:1727 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html
SuSE Security Announcement: SUSE-SU-2015:2108 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html
SuSE Security Announcement: SUSE-SU-2015:2339 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html
SuSE Security Announcement: SUSE-SU-2015:2350 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html
SuSE Security Announcement: SUSE-SU-2016:0354 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.