| Description: | Summary:
The remote host is missing an update for the Debian 'linux' package(s) announced via the DSA-3329-1 advisory.
Vulnerability Insight:
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
CVE-2015-1333
Colin Ian King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user can exploit this flaw to cause a denial of service due to memory exhaustion.
CVE-2015-3212
Ji Jianwen of Red Hat Engineering discovered a flaw in the handling of the SCTPs automatic handling of dynamic multi-homed connections. A local attacker could use this flaw to cause a crash or potentially for privilege escalation.
CVE-2015-4692
A NULL pointer dereference flaw was found in the kvm_apic_has_events function in the KVM subsystem. A unprivileged local user could exploit this flaw to crash the system kernel resulting in denial of service.
CVE-2015-4700
Daniel Borkmann discovered a flaw in the Linux kernel implementation of the Berkeley Packet Filter which can be used by a local user to crash the system.
CVE-2015-5364
It was discovered that the Linux kernel does not properly handle invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums.
CVE-2015-5366
It was discovered that the Linux kernel does not properly handle invalid UDP checksums. A remote attacker can cause a denial of service against applications that use epoll by injecting a single packet with an invalid checksum.
CVE-2015-5697
A flaw was discovered in the md driver in the Linux kernel leading to an information leak.
CVE-2015-5706
An user triggerable use-after-free vulnerability in path lookup in the Linux kernel could potentially lead to privilege escalation.
CVE-2015-5707
An integer overflow in the SCSI generic driver in the Linux kernel was discovered. A local user with write permission on a SCSI generic device could potentially exploit this flaw for privilege escalation.
For the oldstable distribution (wheezy), these problems have been fixed in version 3.2.68-1+deb7u3. CVE-2015-1333, CVE-2015-4692 and CVE-2015-5706 do not affect the wheezy distribution.
For the stable distribution (jessie), these problems have been fixed in version 3.16.7-ckt11-1+deb8u3, except CVE-2015-5364 and CVE-2015-5366 which were fixed already in DSA-3313-1.
For the unstable distribution (sid), these problems have been fixed in version 4.1.3-1 or earlier versions.
We recommend that you upgrade your linux packages.
Affected Software/OS:
'linux' package(s) on Debian 7, Debian 8.
Solution:
Please install the updated package(s).
CVSS Score:
4.9
CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
