Test ID:	1.3.6.1.4.1.25623.1.0.841670
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2075-1)
Summary:	The remote host is missing an update for the 'linux' package(s) announced via the USN-2075-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the USN-2075-1 advisory. Vulnerability Insight: Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2929) Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. (CVE-2013-2930) Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345) Jason Wang discovered a bug in the network flow dissector in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (infinite loop). (CVE-2013-4348) Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges. (CVE-2013-4511) Nico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo Devices USB over WiFi devices. A local user could exploit this flaw to cause a denial of service or possibly unspecified impact. (CVE-2013-4513) Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Agere Systems HERMES II Wireless PC Cards. A local user with the CAP_NET_ADMIN capability could exploit this flaw to cause a denial of service or possibly gain administrative privileges. (CVE-2013-4514) Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Beceem WIMAX chipset based devices. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-4515) Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for the SystemBase Multi-2/PCI serial card. An unprivileged user could obtain sensitive information from kernel memory. (CVE-2013-4516) Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's debugfs filesystem. An administrative local user could exploit this flaw to cause a denial of service (OOPS). (CVE-2013-6378) Nico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec AACRAID scsi raid devices in the Linux kernel. A local user could use this flaw to cause a denial of service or possibly other unspecified impact. (CVE-2013-6380) A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383) Nico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. A local user could exploit this flaw to cause a denial of service (memory corruption) or possibly gain privileges. (CVE-2013-6763) A race condition flaw ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'linux' package(s) on Ubuntu 13.10. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2929 BugTraq ID: 64111 http://www.securityfocus.com/bid/64111 RedHat Security Advisories: RHSA-2014:0100 http://rhn.redhat.com/errata/RHSA-2014-0100.html RedHat Security Advisories: RHSA-2014:0159 http://rhn.redhat.com/errata/RHSA-2014-0159.html RedHat Security Advisories: RHSA-2014:0285 http://rhn.redhat.com/errata/RHSA-2014-0285.html RedHat Security Advisories: RHSA-2018:1252 https://access.redhat.com/errata/RHSA-2018:1252 SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.ubuntu.com/usn/USN-2070-1 http://www.ubuntu.com/usn/USN-2075-1 http://www.ubuntu.com/usn/USN-2109-1 http://www.ubuntu.com/usn/USN-2110-1 http://www.ubuntu.com/usn/USN-2111-1 http://www.ubuntu.com/usn/USN-2112-1 http://www.ubuntu.com/usn/USN-2114-1 http://www.ubuntu.com/usn/USN-2115-1 http://www.ubuntu.com/usn/USN-2116-1 http://www.ubuntu.com/usn/USN-2128-1 http://www.ubuntu.com/usn/USN-2129-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-2930 http://www.ubuntu.com/usn/USN-2068-1 http://www.ubuntu.com/usn/USN-2071-1 http://www.ubuntu.com/usn/USN-2072-1 http://www.ubuntu.com/usn/USN-2074-1 http://www.ubuntu.com/usn/USN-2076-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-4345 62740 http://www.securityfocus.com/bid/62740 RHSA-2013:1449 http://rhn.redhat.com/errata/RHSA-2013-1449.html RHSA-2013:1490 http://rhn.redhat.com/errata/RHSA-2013-1490.html RHSA-2013:1645 http://rhn.redhat.com/errata/RHSA-2013-1645.html USN-2064-1 http://www.ubuntu.com/usn/USN-2064-1 USN-2065-1 http://www.ubuntu.com/usn/USN-2065-1 USN-2068-1 USN-2070-1 USN-2071-1 USN-2072-1 USN-2074-1 USN-2075-1 USN-2076-1 USN-2109-1 USN-2110-1 USN-2158-1 http://www.ubuntu.com/usn/USN-2158-1 [linux-crypto] 20130917 [PATCH] ansi_cprng: Fix off by one error in non-block size request http://marc.info/?l=linux-crypto-vger&m=137942122902845&w=2 https://bugzilla.redhat.com/show_bug.cgi?id=1007690 Common Vulnerability Exposure (CVE) ID: CVE-2013-4348 https://bugzilla.redhat.com/show_bug.cgi?id=1007939 https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=6f092343855a71e03b8d209815d8c45bf3a27fcd openSUSE-SU-2014:0204 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4511 USN-2036-1 http://www.ubuntu.com/usn/USN-2036-1 USN-2037-1 http://www.ubuntu.com/usn/USN-2037-1 USN-2066-1 http://www.ubuntu.com/usn/USN-2066-1 USN-2067-1 http://www.ubuntu.com/usn/USN-2067-1 USN-2069-1 http://www.ubuntu.com/usn/USN-2069-1 USN-2073-1 http://www.ubuntu.com/usn/USN-2073-1 [oss-security] 20131104 Re: some unstracked linux kernel security fixes http://www.openwall.com/lists/oss-security/2013/11/04/22 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7314e613d5ff9f0934f7a0f74ed7973b903315d1 https://github.com/torvalds/linux/commit/7314e613d5ff9f0934f7a0f74ed7973b903315d1 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2 openSUSE-SU-2014:0205 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html openSUSE-SU-2014:0247 http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4513 63508 http://www.securityfocus.com/bid/63508 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c2c65cd2e14ada6de44cb527e7f1990bede24e15 https://github.com/torvalds/linux/commit/c2c65cd2e14ada6de44cb527e7f1990bede24e15 Common Vulnerability Exposure (CVE) ID: CVE-2013-4514 63509 http://www.securityfocus.com/bid/63509 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5e2f339865fb443107e5b10603e53bbc92dc054 https://github.com/torvalds/linux/commit/b5e2f339865fb443107e5b10603e53bbc92dc054 Common Vulnerability Exposure (CVE) ID: CVE-2013-4515 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d1e72250c847fa96498ec029891de4dc638a5ba https://github.com/torvalds/linux/commit/8d1e72250c847fa96498ec029891de4dc638a5ba Common Vulnerability Exposure (CVE) ID: CVE-2013-4516 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b33654b1e3b0c74d4a1fed041c9aae50b3c427 https://github.com/torvalds/linux/commit/a8b33654b1e3b0c74d4a1fed041c9aae50b3c427 Common Vulnerability Exposure (CVE) ID: CVE-2013-6378 59262 http://secunia.com/advisories/59262 59309 http://secunia.com/advisories/59309 59406 http://secunia.com/advisories/59406 63886 http://www.securityfocus.com/bid/63886 RHSA-2014:0100 USN-2111-1 USN-2112-1 USN-2114-1 USN-2115-1 USN-2116-1 [oss-security] 20131122 Linux kernel CVE fixes http://www.openwall.com/lists/oss-security/2013/11/22/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a497e47d4aec37aaf8f13509f3ef3d1f6a717d88 http://linux.oracle.com/errata/ELSA-2014-0771.html http://linux.oracle.com/errata/ELSA-2014-3043.html https://bugzilla.redhat.com/show_bug.cgi?id=1033578 https://github.com/torvalds/linux/commit/a497e47d4aec37aaf8f13509f3ef3d1f6a717d88 Common Vulnerability Exposure (CVE) ID: CVE-2013-6380 USN-2128-1 USN-2129-1 USN-2136-1 http://www.ubuntu.com/usn/USN-2136-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4789b8e6be3151a955ade74872822f30e8cd914 https://bugzilla.redhat.com/show_bug.cgi?id=1033593 https://github.com/torvalds/linux/commit/b4789b8e6be3151a955ade74872822f30e8cd914 Common Vulnerability Exposure (CVE) ID: CVE-2013-6383 RHSA-2014:0285 USN-2107-1 http://www.ubuntu.com/usn/USN-2107-1 USN-2108-1 http://www.ubuntu.com/usn/USN-2108-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f856567b930dfcdbc3323261bf77240ccdde01f5 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.8 https://bugzilla.redhat.com/show_bug.cgi?id=1033530 https://github.com/torvalds/linux/commit/f856567b930dfcdbc3323261bf77240ccdde01f5 Common Vulnerability Exposure (CVE) ID: CVE-2013-6763 Common Vulnerability Exposure (CVE) ID: CVE-2013-7026
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.