Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.843268
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu Update for linux-hwe USN-3377-2
Zusammenfassung:The remote host is missing an update for the 'linux-hwe'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'linux-hwe'
package(s) announced via the referenced advisory.

Vulnerability Insight:
USN-3377-1 fixed vulnerabilities in the
Linux kernel for Ubuntu 17.04. This update provides the corresponding updates
for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu
16.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify
events and vfs rename operations in the Linux kernel. An unprivileged local
attacker could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2017-7533) It was discovered that the Linux kernel did not
properly restrict RLIMIT_STACK size. A local attacker could use this in
conjunction with another vulnerability to possibly execute arbitrary code.
(CVE-2017-1000365) 李 强 discovered that the Virtio GPU driver in the
Linux kernel did not properly free memory in some situations. A local attacker
could use this to cause a denial of service (memory consumption).
(CVE-2017-10810) 石 磊 discovered that the RxRPC Kerberos 5 ticket
handling code in the Linux kernel did not properly verify metadata. A remote
attacker could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2017-7482)

Affected Software/OS:
linux-hwe on Ubuntu 16.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-7533
BugTraq ID: 100123
http://www.securityfocus.com/bid/100123
Debian Security Information: DSA-3927 (Google Search)
http://www.debian.org/security/2017/dsa-3927
Debian Security Information: DSA-3945 (Google Search)
http://www.debian.org/security/2017/dsa-3945
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=49d31c2f389acfe83417083e1208422b4091cd9e
http://openwall.com/lists/oss-security/2017/08/03/2
https://bugzilla.redhat.com/show_bug.cgi?id=1468283
https://github.com/torvalds/linux/commit/49d31c2f389acfe83417083e1208422b4091cd9e
https://patchwork.kernel.org/patch/9755753/
https://patchwork.kernel.org/patch/9755757/
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1408967.html
http://www.openwall.com/lists/oss-security/2019/06/27/7
http://www.openwall.com/lists/oss-security/2019/06/28/1
http://www.openwall.com/lists/oss-security/2019/06/28/2
RedHat Security Advisories: RHSA-2017:2473
https://access.redhat.com/errata/RHSA-2017:2473
RedHat Security Advisories: RHSA-2017:2585
https://access.redhat.com/errata/RHSA-2017:2585
RedHat Security Advisories: RHSA-2017:2669
https://access.redhat.com/errata/RHSA-2017:2669
RedHat Security Advisories: RHSA-2017:2770
https://access.redhat.com/errata/RHSA-2017:2770
RedHat Security Advisories: RHSA-2017:2869
https://access.redhat.com/errata/RHSA-2017:2869
http://www.securitytracker.com/id/1039075
Common Vulnerability Exposure (CVE) ID: CVE-2017-7482
BugTraq ID: 99299
http://www.securityfocus.com/bid/99299
https://www.debian.org/security/2017/dsa-3927
https://www.debian.org/security/2017/dsa-3945
http://seclists.org/oss-sec/2017/q2/602
RedHat Security Advisories: RHSA-2019:0641
https://access.redhat.com/errata/RHSA-2019:0641
http://www.securitytracker.com/id/1038787
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.