Test ID:	1.3.6.1.4.1.25623.1.0.840828
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-1286-1)
Summary:	The remote host is missing an update for the 'linux' package(s) announced via the USN-1286-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the USN-1286-1 advisory. Vulnerability Insight: Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. (CVE-2011-2491) Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2496) It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. (CVE-2011-2517) Ben Pfaff discovered that Classless Queuing Disciplines (qdiscs) were being incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2525) Affected Software/OS: 'linux' package(s) on Ubuntu 10.04. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2491 RHSA-2011:1212 http://rhn.redhat.com/errata/RHSA-2011-1212.html [oss-security] 20110623 Re: CVE request: kernel: NLM: Don't hang forever on NLM unlock requests http://www.openwall.com/lists/oss-security/2011/06/23/6 http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0b760113a3a155269a3fba93a409c640031dd68f https://bugzilla.redhat.com/show_bug.cgi?id=709393 https://github.com/torvalds/linux/commit/0b760113a3a155269a3fba93a409c640031dd68f Common Vulnerability Exposure (CVE) ID: CVE-2011-2496 [oss-security] 20110627 Re: CVE request: kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions http://www.openwall.com/lists/oss-security/2011/06/27/2 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=982134ba62618c2d69fbbbd166d0a11ee3b7e3d8 https://bugzilla.redhat.com/show_bug.cgi?id=716538 https://github.com/torvalds/linux/commit/982134ba62618c2d69fbbbd166d0a11ee3b7e3d8 Common Vulnerability Exposure (CVE) ID: CVE-2011-2517 [oss-security] 20110701 Re: CVE request: kernel: nl80211: missing check for valid SSID size in scan operations http://www.openwall.com/lists/oss-security/2011/07/01/4 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=208c72f4fe44fe09577e7975ba0e7fa0278f3d03 https://bugzilla.redhat.com/show_bug.cgi?id=718152 https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03 Common Vulnerability Exposure (CVE) ID: CVE-2011-2525 RHSA-2011:1065 http://rhn.redhat.com/errata/RHSA-2011-1065.html RHSA-2011:1163 http://rhn.redhat.com/errata/RHSA-2011-1163.html [netdev] 20100521 tc: RTM_GETQDISC causes kernel OOPS http://kerneltrap.org/mailarchive/linux-netdev/2010/5/21/6277805 [oss-security] 20110712 CVE-2011-2525 kernel: kernel: net_sched: fix qdisc_notify() http://openwall.com/lists/oss-security/2011/07/12/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53b0f08042f04813cd1a7473dacd3edfacb28eb3 http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.35 https://bugzilla.redhat.com/show_bug.cgi?id=720552
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.