Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.843506 |
Kategorie: | Ubuntu Local Security Checks |
Titel: | Ubuntu Update for linux-aws USN-3631-2 |
Zusammenfassung: | The remote host is missing an update for the 'linux-aws'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'linux-aws' package(s) announced via the referenced advisory. Vulnerability Insight: USN-3631-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2017-13305) It was discovered that the DM04/QQBOX USB driver in the Linux kernel did not properly handle device attachment and warm-start. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16538) Luo Quan and Wei Yang discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system deadlock). (CVE-2018-1000004) Wang Qize discovered that an information disclosure vulnerability existed in the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2018-5750) discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel that could lead to a use-after-free or an out-of-bounds buffer access. A local attacker with access to /dev/snd/seq could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-7566) Affected Software/OS: linux-aws on Ubuntu 14.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-5750 Debian Security Information: DSA-4120 (Google Search) https://www.debian.org/security/2018/dsa-4120 Debian Security Information: DSA-4187 (Google Search) https://www.debian.org/security/2018/dsa-4187 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html RedHat Security Advisories: RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RedHat Security Advisories: RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 RedHat Security Advisories: RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 http://www.securitytracker.com/id/1040319 https://usn.ubuntu.com/3631-1/ https://usn.ubuntu.com/3631-2/ https://usn.ubuntu.com/3697-1/ https://usn.ubuntu.com/3697-2/ https://usn.ubuntu.com/3698-1/ https://usn.ubuntu.com/3698-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-7566 BugTraq ID: 103605 http://www.securityfocus.com/bid/103605 https://bugzilla.redhat.com/show_bug.cgi?id=1550142 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d15d662e89fc667b90cd294b0eb45694e33144da https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 Debian Security Information: DSA-4188 (Google Search) https://www.debian.org/security/2018/dsa-4188 https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html http://mailman.alsa-project.org/pipermail/alsa-devel/2018-February/132026.html RedHat Security Advisories: RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2384 RedHat Security Advisories: RHSA-2018:2390 https://access.redhat.com/errata/RHSA-2018:2390 RedHat Security Advisories: RHSA-2018:2395 https://access.redhat.com/errata/RHSA-2018:2395 RedHat Security Advisories: RHSA-2019:1483 https://access.redhat.com/errata/RHSA-2019:1483 RedHat Security Advisories: RHSA-2019:1487 https://access.redhat.com/errata/RHSA-2019:1487 SuSE Security Announcement: SUSE-SU-2018:0834 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html https://usn.ubuntu.com/3798-1/ https://usn.ubuntu.com/3798-2/ |
Copyright | Copyright (C) 2018 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |