Test ID:	1.3.6.1.4.1.25623.1.0.841645
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2041-1)
Summary:	The remote host is missing an update for the 'linux-lts-raring' package(s) announced via the USN-2041-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-lts-raring' package(s) announced via the USN-2041-1 advisory. Vulnerability Insight: A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Alan Chester reported a flaw in the IPv6 Stream Control Transmission Protocol (SCTP) of the Linux kernel. A remote attacker could exploit this flaw to obtain sensitive information by sniffing network traffic. (CVE-2013-4350) Dmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6 UDP Fragmentation Offload (UFO) processing. A remote attacker could leverage this flaw to cause a denial of service (system crash). (CVE-2013-4387) A flaw was discovered in the Linux kernel's fib6 error-code encoding for IPv6. A local user with the CAT_NET_ADMIN capability could exploit this flaw to cause a denial of service (system crash). (CVE-2013-6431) Affected Software/OS: 'linux-lts-raring' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 6.1 CVSS Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4299 RHSA-2013:1436 http://rhn.redhat.com/errata/RHSA-2013-1436.html RHSA-2013:1449 http://rhn.redhat.com/errata/RHSA-2013-1449.html RHSA-2013:1450 http://rhn.redhat.com/errata/RHSA-2013-1450.html RHSA-2013:1460 http://rhn.redhat.com/errata/RHSA-2013-1460.html RHSA-2013:1490 http://rhn.redhat.com/errata/RHSA-2013-1490.html RHSA-2013:1519 http://rhn.redhat.com/errata/RHSA-2013-1519.html RHSA-2013:1520 http://rhn.redhat.com/errata/RHSA-2013-1520.html RHSA-2013:1783 http://rhn.redhat.com/errata/RHSA-2013-1783.html RHSA-2013:1860 http://rhn.redhat.com/errata/RHSA-2013-1860.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html USN-2015-1 http://www.ubuntu.com/usn/USN-2015-1 USN-2016-1 http://www.ubuntu.com/usn/USN-2016-1 USN-2040-1 http://www.ubuntu.com/usn/USN-2040-1 USN-2041-1 http://www.ubuntu.com/usn/USN-2041-1 USN-2042-1 http://www.ubuntu.com/usn/USN-2042-1 USN-2043-1 http://www.ubuntu.com/usn/USN-2043-1 USN-2044-1 http://www.ubuntu.com/usn/USN-2044-1 USN-2045-1 http://www.ubuntu.com/usn/USN-2045-1 USN-2046-1 http://www.ubuntu.com/usn/USN-2046-1 USN-2049-1 http://www.ubuntu.com/usn/USN-2049-1 USN-2050-1 http://www.ubuntu.com/usn/USN-2050-1 USN-2066-1 http://www.ubuntu.com/usn/USN-2066-1 USN-2067-1 http://www.ubuntu.com/usn/USN-2067-1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca https://bugzilla.redhat.com/show_bug.cgi?id=1004233 https://github.com/torvalds/linux/commit/e9c6a182649f4259db704ae15a91ac820e63b0ca Common Vulnerability Exposure (CVE) ID: CVE-2013-4350 USN-2019-1 http://www.ubuntu.com/usn/USN-2019-1 USN-2021-1 http://www.ubuntu.com/usn/USN-2021-1 USN-2022-1 http://www.ubuntu.com/usn/USN-2022-1 USN-2024-1 http://www.ubuntu.com/usn/USN-2024-1 USN-2038-1 http://www.ubuntu.com/usn/USN-2038-1 USN-2039-1 http://www.ubuntu.com/usn/USN-2039-1 [oss-security] 20130913 Re: CVE request -- Linux kernel: net: sctp: ipv6 ipsec encryption bug in sctp_v6_xmit http://www.openwall.com/lists/oss-security/2013/09/13/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=95ee62083cb6453e056562d91f597552021e6ae7 https://bugzilla.redhat.com/show_bug.cgi?id=1007872 https://github.com/torvalds/linux/commit/95ee62083cb6453e056562d91f597552021e6ae7 Common Vulnerability Exposure (CVE) ID: CVE-2013-4387 RHSA-2013:1645 http://rhn.redhat.com/errata/RHSA-2013-1645.html RHSA-2014:0284 http://rhn.redhat.com/errata/RHSA-2014-0284.html [oss-security] 20130928 Re: linux kernel memory corruption with ipv6 udp offloading http://www.openwall.com/lists/oss-security/2013/09/29/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2811ebac2521ceac84f2bdae402455baa6a7fb47 https://bugzilla.redhat.com/show_bug.cgi?id=1011927 https://github.com/torvalds/linux/commit/2811ebac2521ceac84f2bdae402455baa6a7fb47 Common Vulnerability Exposure (CVE) ID: CVE-2013-6431 RHSA-2014:0100 http://rhn.redhat.com/errata/RHSA-2014-0100.html [oss-security] 20131206 Re: CVE request: Linux kernel: net: fib: fib6_add: potential NULL pointer dereference http://www.openwall.com/lists/oss-security/2013/12/06/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ae7b4e1f213aa659aedf9c6ecad0bf5f0476e1e2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.5 https://bugzilla.redhat.com/show_bug.cgi?id=1039054 https://github.com/torvalds/linux/commit/ae7b4e1f213aa659aedf9c6ecad0bf5f0476e1e2 openSUSE-SU-2014:0204 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.