Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.703696
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 3696-1 (linux - security update)
Summary:Several vulnerabilities have been discovered in the Linux kernel that;may lead to a privilege escalation, denial of service or information;leaks.;;CVE-2015-8956;It was discovered that missing input sanitising in RFCOMM Bluetooth;socket handling may result in denial of service or information leak.;;CVE-2016-5195;It was discovered that a race condition in the memory management;code can be used for local privilege escalation.;;CVE-2016-7042;Ondrej Kozina discovered that incorrect buffer allocation in the;proc_keys_show() function may result in local denial of service.;;CVE-2016-7425;Marco Grassi discovered a buffer overflow in the arcmsr SCSI driver;which may result in local denial of service, or potentially,;arbitrary code execution.;;Additionally this update fixes a regression introduced in DSA-3616-1;causing iptables performance issues (cf. Debian Bug #831014).
Description:Summary:
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2015-8956
It was discovered that missing input sanitising in RFCOMM Bluetooth
socket handling may result in denial of service or information leak.

CVE-2016-5195
It was discovered that a race condition in the memory management
code can be used for local privilege escalation.

CVE-2016-7042
Ondrej Kozina discovered that incorrect buffer allocation in the
proc_keys_show() function may result in local denial of service.

CVE-2016-7425
Marco Grassi discovered a buffer overflow in the arcmsr SCSI driver
which may result in local denial of service, or potentially,
arbitrary code execution.

Additionally this update fixes a regression introduced in DSA-3616-1
causing iptables performance issues (cf. Debian Bug #831014).

Affected Software/OS:
linux on Debian Linux

Solution:
For the stable distribution (jessie), these problems have been fixed in
version 3.16.36-1+deb8u2.

We recommend that you upgrade your linux packages.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-8956
BugTraq ID: 93326
http://www.securityfocus.com/bid/93326
RedHat Security Advisories: RHSA-2016:2574
http://rhn.redhat.com/errata/RHSA-2016-2574.html
RedHat Security Advisories: RHSA-2016:2584
http://rhn.redhat.com/errata/RHSA-2016-2584.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5195
BugTraq ID: 93793
http://www.securityfocus.com/bid/93793
CERT/CC vulnerability note: VU#243144
https://www.kb.cert.org/vuls/id/243144
https://www.exploit-db.com/exploits/40611/
https://www.exploit-db.com/exploits/40616/
https://www.exploit-db.com/exploits/40839/
https://www.exploit-db.com/exploits/40847/
https://dirtycow.ninja
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
http://www.openwall.com/lists/oss-security/2016/10/26/7
RedHat Security Advisories: RHSA-2016:2098
http://rhn.redhat.com/errata/RHSA-2016-2098.html
RedHat Security Advisories: RHSA-2016:2105
http://rhn.redhat.com/errata/RHSA-2016-2105.html
RedHat Security Advisories: RHSA-2016:2106
http://rhn.redhat.com/errata/RHSA-2016-2106.html
RedHat Security Advisories: RHSA-2016:2107
http://rhn.redhat.com/errata/RHSA-2016-2107.html
RedHat Security Advisories: RHSA-2016:2110
http://rhn.redhat.com/errata/RHSA-2016-2110.html
RedHat Security Advisories: RHSA-2016:2118
http://rhn.redhat.com/errata/RHSA-2016-2118.html
RedHat Security Advisories: RHSA-2016:2120
http://rhn.redhat.com/errata/RHSA-2016-2120.html
RedHat Security Advisories: RHSA-2016:2124
http://rhn.redhat.com/errata/RHSA-2016-2124.html
RedHat Security Advisories: RHSA-2016:2126
http://rhn.redhat.com/errata/RHSA-2016-2126.html
RedHat Security Advisories: RHSA-2016:2127
http://rhn.redhat.com/errata/RHSA-2016-2127.html
RedHat Security Advisories: RHSA-2016:2128
http://rhn.redhat.com/errata/RHSA-2016-2128.html
RedHat Security Advisories: RHSA-2016:2132
http://rhn.redhat.com/errata/RHSA-2016-2132.html
RedHat Security Advisories: RHSA-2016:2133
http://rhn.redhat.com/errata/RHSA-2016-2133.html
RedHat Security Advisories: RHSA-2017:0372
https://access.redhat.com/errata/RHSA-2017:0372
http://www.securitytracker.com/id/1037078
SuSE Security Announcement: openSUSE-SU-2020:0554 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7042
BugTraq ID: 93544
http://www.securityfocus.com/bid/93544
http://www.openwall.com/lists/oss-security/2016/10/13/5
RedHat Security Advisories: RHSA-2017:0817
http://rhn.redhat.com/errata/RHSA-2017-0817.html
RedHat Security Advisories: RHSA-2017:1842
https://access.redhat.com/errata/RHSA-2017:1842
RedHat Security Advisories: RHSA-2017:2077
https://access.redhat.com/errata/RHSA-2017:2077
RedHat Security Advisories: RHSA-2017:2669
https://access.redhat.com/errata/RHSA-2017:2669
Common Vulnerability Exposure (CVE) ID: CVE-2016-7425
BugTraq ID: 93037
http://www.securityfocus.com/bid/93037
http://marc.info/?l=linux-scsi&m=147394796228991&w=2
http://marc.info/?l=linux-scsi&m=147394713328707&w=2
http://www.openwall.com/lists/oss-security/2016/09/17/2
http://www.ubuntu.com/usn/USN-3144-1
http://www.ubuntu.com/usn/USN-3144-2
http://www.ubuntu.com/usn/USN-3145-1
http://www.ubuntu.com/usn/USN-3145-2
http://www.ubuntu.com/usn/USN-3146-1
http://www.ubuntu.com/usn/USN-3146-2
http://www.ubuntu.com/usn/USN-3147-1
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.