Test ID:	1.3.6.1.4.1.25623.1.0.841644
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2040-1)
Summary:	The remote host is missing an update for the 'linux-lts-quantal' package(s) announced via the USN-2040-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-lts-quantal' package(s) announced via the USN-2040-1 advisory. Vulnerability Insight: A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2013-4470) An information leak was discovered in the Linux kernel's SIOCWANDEV ioctl call. A local user with the CAP_NET_ADMIN capability could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1444) An information leak was discovered in the wanxl ioctl function the Linux kernel. A local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1445) Affected Software/OS: 'linux-lts-quantal' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4299 RHSA-2013:1436 http://rhn.redhat.com/errata/RHSA-2013-1436.html RHSA-2013:1449 http://rhn.redhat.com/errata/RHSA-2013-1449.html RHSA-2013:1450 http://rhn.redhat.com/errata/RHSA-2013-1450.html RHSA-2013:1460 http://rhn.redhat.com/errata/RHSA-2013-1460.html RHSA-2013:1490 http://rhn.redhat.com/errata/RHSA-2013-1490.html RHSA-2013:1519 http://rhn.redhat.com/errata/RHSA-2013-1519.html RHSA-2013:1520 http://rhn.redhat.com/errata/RHSA-2013-1520.html RHSA-2013:1783 http://rhn.redhat.com/errata/RHSA-2013-1783.html RHSA-2013:1860 http://rhn.redhat.com/errata/RHSA-2013-1860.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html USN-2015-1 http://www.ubuntu.com/usn/USN-2015-1 USN-2016-1 http://www.ubuntu.com/usn/USN-2016-1 USN-2040-1 http://www.ubuntu.com/usn/USN-2040-1 USN-2041-1 http://www.ubuntu.com/usn/USN-2041-1 USN-2042-1 http://www.ubuntu.com/usn/USN-2042-1 USN-2043-1 http://www.ubuntu.com/usn/USN-2043-1 USN-2044-1 http://www.ubuntu.com/usn/USN-2044-1 USN-2045-1 http://www.ubuntu.com/usn/USN-2045-1 USN-2046-1 http://www.ubuntu.com/usn/USN-2046-1 USN-2049-1 http://www.ubuntu.com/usn/USN-2049-1 USN-2050-1 http://www.ubuntu.com/usn/USN-2050-1 USN-2066-1 http://www.ubuntu.com/usn/USN-2066-1 USN-2067-1 http://www.ubuntu.com/usn/USN-2067-1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca https://bugzilla.redhat.com/show_bug.cgi?id=1004233 https://github.com/torvalds/linux/commit/e9c6a182649f4259db704ae15a91ac820e63b0ca Common Vulnerability Exposure (CVE) ID: CVE-2013-4470 63359 http://www.securityfocus.com/bid/63359 RHSA-2013:1801 http://rhn.redhat.com/errata/RHSA-2013-1801.html RHSA-2014:0100 http://rhn.redhat.com/errata/RHSA-2014-0100.html RHSA-2014:0284 http://rhn.redhat.com/errata/RHSA-2014-0284.html SUSE-SU-2014:0459 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html USN-2069-1 http://www.ubuntu.com/usn/USN-2069-1 USN-2073-1 http://www.ubuntu.com/usn/USN-2073-1 [oss-security] 20131025 Re: CVE request: Linux kernel: net: memory corruption with UDP_CORK and UFO http://www.openwall.com/lists/oss-security/2013/10/25/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e93b7d748be887cd7639b113ba7d7ef792a7efb9 https://bugzilla.redhat.com/show_bug.cgi?id=1023477 https://github.com/torvalds/linux/commit/c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b https://github.com/torvalds/linux/commit/e93b7d748be887cd7639b113ba7d7ef792a7efb9 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2 Common Vulnerability Exposure (CVE) ID: CVE-2014-1444 BugTraq ID: 64952 http://www.securityfocus.com/bid/64952 http://www.openwall.com/lists/oss-security/2014/01/15/3 http://www.ubuntu.com/usn/USN-2128-1 http://www.ubuntu.com/usn/USN-2129-1 XForce ISS Database: linux-kernel-cve20141444-info-disc(90443) https://exchange.xforce.ibmcloud.com/vulnerabilities/90443 Common Vulnerability Exposure (CVE) ID: CVE-2014-1445 BugTraq ID: 64953 http://www.securityfocus.com/bid/64953 XForce ISS Database: linux-kernel-cve20141445-info-disc(90444) https://exchange.xforce.ibmcloud.com/vulnerabilities/90444
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.