Description:
Summary: The remote host is missing an update for the Debian 'linux' package(s) announced via the DSA-3313-1 advisory.
Vulnerability Insight: Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service.
CVE-2015-3290
Andy Lutomirski discovered that the Linux kernel does not properly handle nested NMIs. A local, unprivileged user could use this flaw for privilege escalation.
CVE-2015-3291
Andy Lutomirski discovered that under certain conditions a malicious userspace program can cause the kernel to skip NMIs, leading to a denial of service.
CVE-2015-4167
Carl Henrik Lunde discovered that the UDF implementation is missing a necessary length check. A local user that can mount devices could use this flaw to crash the system.
CVE-2015-5157
Petr Matousek and Andy Lutomirski discovered that an NMI that interrupts userspace and encounters an IRET fault is incorrectly handled. A local, unprivileged user could use this flaw for denial of service or possibly for privilege escalation.
CVE-2015-5364
It was discovered that the Linux kernel does not properly handle invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums.
CVE-2015-5366
It was discovered that the Linux kernel does not properly handle invalid UDP checksums. A remote attacker can cause a denial of service against applications that use epoll by injecting a single packet with an invalid checksum.
For the stable distribution (jessie), these problems have been fixed in version 3.16.7-ckt11-1+deb8u2.
For the unstable distribution (sid), these problems have been fixed in version 4.0.8-2 or earlier versions.
We recommend that you upgrade your linux packages.
Affected Software/OS: 'linux' package(s) on Debian 8.
Solution: Please install the updated package(s).
CVSS Score: 7.8
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C