English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.703696
Category:Debian Local Security Checks
Title:Debian: Security Advisory (DSA-3696-1)
Summary:The remote host is missing an update for the Debian 'linux' package(s) announced via the DSA-3696-1 advisory.
Description:Summary:
The remote host is missing an update for the Debian 'linux' package(s) announced via the DSA-3696-1 advisory.

Vulnerability Insight:
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE-2015-8956

It was discovered that missing input sanitising in RFCOMM Bluetooth socket handling may result in denial of service or information leak.

CVE-2016-5195

It was discovered that a race condition in the memory management code can be used for local privilege escalation.

CVE-2016-7042

Ondrej Kozina discovered that incorrect buffer allocation in the proc_keys_show() function may result in local denial of service.

CVE-2016-7425

Marco Grassi discovered a buffer overflow in the arcmsr SCSI driver which may result in local denial of service, or potentially, arbitrary code execution.

Additionally this update fixes a regression introduced in DSA-3616-1 causing iptables performance issues (cf. Debian Bug #831014).

For the stable distribution (jessie), these problems have been fixed in version 3.16.36-1+deb8u2.

We recommend that you upgrade your linux packages.

Affected Software/OS:
'linux' package(s) on Debian 8.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-8956
BugTraq ID: 93326
http://www.securityfocus.com/bid/93326
RedHat Security Advisories: RHSA-2016:2574
http://rhn.redhat.com/errata/RHSA-2016-2574.html
RedHat Security Advisories: RHSA-2016:2584
http://rhn.redhat.com/errata/RHSA-2016-2584.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5195
BugTraq ID: 93793
http://www.securityfocus.com/bid/93793
Bugtraq: 20161020 [CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability (Google Search)
http://www.securityfocus.com/archive/1/539611/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded
Bugtraq: 20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege (Google Search)
http://www.securityfocus.com/archive/1/540252/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded
Bugtraq: 20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege (Google Search)
http://www.securityfocus.com/archive/1/540344/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded
Bugtraq: 20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege (Google Search)
http://www.securityfocus.com/archive/1/540736/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded
CERT/CC vulnerability note: VU#243144
https://www.kb.cert.org/vuls/id/243144
Cisco Security Advisory: 20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux
Cisco Security Advisory: 20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd
Debian Security Information: DSA-3696 (Google Search)
http://www.debian.org/security/2016/dsa-3696
https://www.exploit-db.com/exploits/40611/
https://www.exploit-db.com/exploits/40616/
https://www.exploit-db.com/exploits/40839/
https://www.exploit-db.com/exploits/40847/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/
http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html
http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html
http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html
http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html
http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html
http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html
https://dirtycow.ninja
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026
http://www.openwall.com/lists/oss-security/2016/10/21/1
http://www.openwall.com/lists/oss-security/2016/10/26/7
http://www.openwall.com/lists/oss-security/2016/10/27/13
http://www.openwall.com/lists/oss-security/2016/10/30/1
http://www.openwall.com/lists/oss-security/2016/11/03/7
http://www.openwall.com/lists/oss-security/2022/03/07/1
http://www.openwall.com/lists/oss-security/2022/08/08/1
http://www.openwall.com/lists/oss-security/2022/08/08/2
http://www.openwall.com/lists/oss-security/2022/08/08/7
http://www.openwall.com/lists/oss-security/2022/08/08/8
http://www.openwall.com/lists/oss-security/2022/08/09/4
http://www.openwall.com/lists/oss-security/2022/08/15/1
RedHat Security Advisories: RHSA-2016:2098
http://rhn.redhat.com/errata/RHSA-2016-2098.html
RedHat Security Advisories: RHSA-2016:2105
http://rhn.redhat.com/errata/RHSA-2016-2105.html
RedHat Security Advisories: RHSA-2016:2106
http://rhn.redhat.com/errata/RHSA-2016-2106.html
RedHat Security Advisories: RHSA-2016:2107
http://rhn.redhat.com/errata/RHSA-2016-2107.html
RedHat Security Advisories: RHSA-2016:2110
http://rhn.redhat.com/errata/RHSA-2016-2110.html
RedHat Security Advisories: RHSA-2016:2118
http://rhn.redhat.com/errata/RHSA-2016-2118.html
RedHat Security Advisories: RHSA-2016:2120
http://rhn.redhat.com/errata/RHSA-2016-2120.html
RedHat Security Advisories: RHSA-2016:2124
http://rhn.redhat.com/errata/RHSA-2016-2124.html
RedHat Security Advisories: RHSA-2016:2126
http://rhn.redhat.com/errata/RHSA-2016-2126.html
RedHat Security Advisories: RHSA-2016:2127
http://rhn.redhat.com/errata/RHSA-2016-2127.html
RedHat Security Advisories: RHSA-2016:2128
http://rhn.redhat.com/errata/RHSA-2016-2128.html
RedHat Security Advisories: RHSA-2016:2132
http://rhn.redhat.com/errata/RHSA-2016-2132.html
RedHat Security Advisories: RHSA-2016:2133
http://rhn.redhat.com/errata/RHSA-2016-2133.html
RedHat Security Advisories: RHSA-2017:0372
https://access.redhat.com/errata/RHSA-2017:0372
http://www.securitytracker.com/id/1037078
SuSE Security Announcement: SUSE-SU-2016:2585 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html
SuSE Security Announcement: SUSE-SU-2016:2592 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html
SuSE Security Announcement: SUSE-SU-2016:2593 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html
SuSE Security Announcement: SUSE-SU-2016:2596 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html
SuSE Security Announcement: SUSE-SU-2016:2614 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html
SuSE Security Announcement: SUSE-SU-2016:2629 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html
SuSE Security Announcement: SUSE-SU-2016:2630 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html
SuSE Security Announcement: SUSE-SU-2016:2631 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html
SuSE Security Announcement: SUSE-SU-2016:2632 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html
SuSE Security Announcement: SUSE-SU-2016:2633 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html
SuSE Security Announcement: SUSE-SU-2016:2634 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html
SuSE Security Announcement: SUSE-SU-2016:2635 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html
SuSE Security Announcement: SUSE-SU-2016:2636 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html
SuSE Security Announcement: SUSE-SU-2016:2637 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html
SuSE Security Announcement: SUSE-SU-2016:2638 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html
SuSE Security Announcement: SUSE-SU-2016:2655 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html
SuSE Security Announcement: SUSE-SU-2016:2657 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html
SuSE Security Announcement: SUSE-SU-2016:2658 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html
SuSE Security Announcement: SUSE-SU-2016:2659 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html
SuSE Security Announcement: SUSE-SU-2016:2673 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html
SuSE Security Announcement: SUSE-SU-2016:3069 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html
SuSE Security Announcement: SUSE-SU-2016:3304 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html
SuSE Security Announcement: openSUSE-SU-2016:2583 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html
SuSE Security Announcement: openSUSE-SU-2016:2584 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html
SuSE Security Announcement: openSUSE-SU-2016:2625 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html
SuSE Security Announcement: openSUSE-SU-2016:2649 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html
SuSE Security Announcement: openSUSE-SU-2020:0554 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html
http://www.ubuntu.com/usn/USN-3104-1
http://www.ubuntu.com/usn/USN-3104-2
http://www.ubuntu.com/usn/USN-3105-1
http://www.ubuntu.com/usn/USN-3105-2
http://www.ubuntu.com/usn/USN-3106-1
http://www.ubuntu.com/usn/USN-3106-2
http://www.ubuntu.com/usn/USN-3106-3
http://www.ubuntu.com/usn/USN-3106-4
http://www.ubuntu.com/usn/USN-3107-1
http://www.ubuntu.com/usn/USN-3107-2
Common Vulnerability Exposure (CVE) ID: CVE-2016-7042
BugTraq ID: 93544
http://www.securityfocus.com/bid/93544
http://www.openwall.com/lists/oss-security/2016/10/13/5
RedHat Security Advisories: RHSA-2017:0817
http://rhn.redhat.com/errata/RHSA-2017-0817.html
RedHat Security Advisories: RHSA-2017:1842
https://access.redhat.com/errata/RHSA-2017:1842
RedHat Security Advisories: RHSA-2017:2077
https://access.redhat.com/errata/RHSA-2017:2077
RedHat Security Advisories: RHSA-2017:2669
https://access.redhat.com/errata/RHSA-2017:2669
Common Vulnerability Exposure (CVE) ID: CVE-2016-7425
BugTraq ID: 93037
http://www.securityfocus.com/bid/93037
http://marc.info/?l=linux-scsi&m=147394796228991&w=2
http://marc.info/?l=linux-scsi&m=147394713328707&w=2
http://www.openwall.com/lists/oss-security/2016/09/17/2
http://www.ubuntu.com/usn/USN-3144-1
http://www.ubuntu.com/usn/USN-3144-2
http://www.ubuntu.com/usn/USN-3145-1
http://www.ubuntu.com/usn/USN-3145-2
http://www.ubuntu.com/usn/USN-3146-1
http://www.ubuntu.com/usn/USN-3146-2
http://www.ubuntu.com/usn/USN-3147-1
CopyrightCopyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.