 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.841482 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu: Security Advisory (USN-1879-1) |
| Summary: | The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-1879-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-1879-1 advisory. Vulnerability Insight: Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. (CVE-2013-2850) An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. (CVE-2013-0160) A flaw was discovered in the Linux kernel's perf events subsystem for Intel Sandy Bridge and Ivy Bridge processors. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-2146) An information leak was discovered in the Linux kernel's crypto API. A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. (CVE-2013-3076) An information leak was discovered in the Linux kernel's rcvmsg path for ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. (CVE-2013-3222) An information leak was discovered in the Linux kernel's recvmsg path for ax25 address family. A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. (CVE-2013-3223) An information leak was discovered in the Linux kernel's recvmsg path for the bluetooth address family. A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. (CVE-2013-3224) An information leak was discovered in the Linux kernel's bluetooth rfcomm protocol support. A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. (CVE-2013-3225) An information leak was discovered in the Linux kernel's CAIF protocol implementation. A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. (CVE-2013-3227) An information leak was discovered in the Linux kernel's IRDA (infrared) support subsystem. A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. (CVE-2013-3228) An information leak was discovered in the Linux kernel's s390 - z/VM support. A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. (CVE-2013-3229) An information leak was discovered in the Linux kernel's llc (Logical Link Layer 2) support. A local user could exploit this flaw to examine potentially sensitive information from the kernel's stack memory. (CVE-2013-3231) An information leak was discovered in the Linux kernel's receive message handling for the netrom address family. A local user could exploit this flaw to obtain sensitive information from the kernel's stack ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'linux-ti-omap4' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 7.9 CVSS Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-0160 SUSE-SU-2013:0674 http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html SUSE-SU-2013:1182 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html USN-2128-1 http://www.ubuntu.com/usn/USN-2128-1 USN-2129-1 http://www.ubuntu.com/usn/USN-2129-1 [oss-security] 20130107 Re: /dev/ptmx timing http://www.openwall.com/lists/oss-security/2013/01/08/3 https://bugzilla.redhat.com/show_bug.cgi?id=892983 openSUSE-SU-2013:0395 http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html openSUSE-SU-2013:0925 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html openSUSE-SU-2013:1187 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2013-2146 MDVSA-2013:176 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 RHSA-2013:1173 http://rhn.redhat.com/errata/RHSA-2013-1173.html [oss-security] 20130605 Re: CVE Request: More perf security fixes http://www.openwall.com/lists/oss-security/2013/06/05/23 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f1923820c447e986a9da0fc6bf60c1dccdf0408e http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9 https://bugzilla.redhat.com/show_bug.cgi?id=971309 https://github.com/torvalds/linux/commit/f1923820c447e986a9da0fc6bf60c1dccdf0408e Common Vulnerability Exposure (CVE) ID: CVE-2013-2850 http://www.openwall.com/lists/oss-security/2013/06/01/2 SuSE Security Announcement: SUSE-SU-2013:0845 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html SuSE Security Announcement: openSUSE-SU-2013:1005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html SuSE Security Announcement: openSUSE-SU-2013:1042 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html SuSE Security Announcement: openSUSE-SU-2013:1043 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html http://www.ubuntu.com/usn/USN-1844-1 http://www.ubuntu.com/usn/USN-1845-1 http://www.ubuntu.com/usn/USN-1846-1 http://www.ubuntu.com/usn/USN-1847-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-3076 http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html http://www.openwall.com/lists/oss-security/2013/04/14/3 SuSE Security Announcement: SUSE-SU-2013:1182 (Google Search) SuSE Security Announcement: openSUSE-SU-2013:1187 (Google Search) http://www.ubuntu.com/usn/USN-1837-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-3222 https://lkml.org/lkml/2013/4/14/107 RedHat Security Advisories: RHSA-2013:1051 http://rhn.redhat.com/errata/RHSA-2013-1051.html SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html Common Vulnerability Exposure (CVE) ID: CVE-2013-3223 Common Vulnerability Exposure (CVE) ID: CVE-2013-3224 Common Vulnerability Exposure (CVE) ID: CVE-2013-3225 Common Vulnerability Exposure (CVE) ID: CVE-2013-3227 Common Vulnerability Exposure (CVE) ID: CVE-2013-3228 Common Vulnerability Exposure (CVE) ID: CVE-2013-3229 Common Vulnerability Exposure (CVE) ID: CVE-2013-3231 RedHat Security Advisories: RHSA-2013:1645 http://rhn.redhat.com/errata/RHSA-2013-1645.html Common Vulnerability Exposure (CVE) ID: CVE-2013-3232 Common Vulnerability Exposure (CVE) ID: CVE-2013-3234 Common Vulnerability Exposure (CVE) ID: CVE-2013-3235 |
| Copyright | Copyright (C) 2013 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |