Test ID:	1.3.6.1.4.1.25623.1.0.841672
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2074-1)
Summary:	The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-2074-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-2074-1 advisory. Vulnerability Insight: Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. (CVE-2013-2930) Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345) Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges. (CVE-2013-4511) Nico Golde and Fabian Yamaguchi reported a buffer overflow in the Ozmo Devices USB over WiFi devices. A local user could exploit this flaw to cause a denial of service or possibly unspecified impact. (CVE-2013-4513) Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Agere Systems HERMES II Wireless PC Cards. A local user with the CAP_NET_ADMIN capability could exploit this flaw to cause a denial of service or possibly gain administrative privileges. (CVE-2013-4514) Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Beceem WIMAX chipset based devices. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-4515) A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383) Nico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. A local user could exploit this flaw to cause a denial of service (memory corruption) or possibly gain privileges. (CVE-2013-6763) Evan Huus reported a buffer overflow in the Linux kernel's radiotap header parsing. A remote attacker could cause a denial of service (buffer over- read) via a specially crafted header. (CVE-2013-7027) Affected Software/OS: 'linux-ti-omap4' package(s) on Ubuntu 13.04. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2930 RedHat Security Advisories: RHSA-2014:0100 http://rhn.redhat.com/errata/RHSA-2014-0100.html http://www.ubuntu.com/usn/USN-2068-1 http://www.ubuntu.com/usn/USN-2070-1 http://www.ubuntu.com/usn/USN-2071-1 http://www.ubuntu.com/usn/USN-2072-1 http://www.ubuntu.com/usn/USN-2074-1 http://www.ubuntu.com/usn/USN-2075-1 http://www.ubuntu.com/usn/USN-2076-1 http://www.ubuntu.com/usn/USN-2112-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-4345 62740 http://www.securityfocus.com/bid/62740 RHSA-2013:1449 http://rhn.redhat.com/errata/RHSA-2013-1449.html RHSA-2013:1490 http://rhn.redhat.com/errata/RHSA-2013-1490.html RHSA-2013:1645 http://rhn.redhat.com/errata/RHSA-2013-1645.html USN-2064-1 http://www.ubuntu.com/usn/USN-2064-1 USN-2065-1 http://www.ubuntu.com/usn/USN-2065-1 USN-2068-1 USN-2070-1 USN-2071-1 USN-2072-1 USN-2074-1 USN-2075-1 USN-2076-1 USN-2109-1 http://www.ubuntu.com/usn/USN-2109-1 USN-2110-1 http://www.ubuntu.com/usn/USN-2110-1 USN-2158-1 http://www.ubuntu.com/usn/USN-2158-1 [linux-crypto] 20130917 [PATCH] ansi_cprng: Fix off by one error in non-block size request http://marc.info/?l=linux-crypto-vger&m=137942122902845&w=2 https://bugzilla.redhat.com/show_bug.cgi?id=1007690 Common Vulnerability Exposure (CVE) ID: CVE-2013-4511 USN-2036-1 http://www.ubuntu.com/usn/USN-2036-1 USN-2037-1 http://www.ubuntu.com/usn/USN-2037-1 USN-2066-1 http://www.ubuntu.com/usn/USN-2066-1 USN-2067-1 http://www.ubuntu.com/usn/USN-2067-1 USN-2069-1 http://www.ubuntu.com/usn/USN-2069-1 USN-2073-1 http://www.ubuntu.com/usn/USN-2073-1 [oss-security] 20131104 Re: some unstracked linux kernel security fixes http://www.openwall.com/lists/oss-security/2013/11/04/22 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7314e613d5ff9f0934f7a0f74ed7973b903315d1 https://github.com/torvalds/linux/commit/7314e613d5ff9f0934f7a0f74ed7973b903315d1 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2 openSUSE-SU-2014:0204 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html openSUSE-SU-2014:0205 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html openSUSE-SU-2014:0247 http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4513 63508 http://www.securityfocus.com/bid/63508 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c2c65cd2e14ada6de44cb527e7f1990bede24e15 https://github.com/torvalds/linux/commit/c2c65cd2e14ada6de44cb527e7f1990bede24e15 Common Vulnerability Exposure (CVE) ID: CVE-2013-4514 63509 http://www.securityfocus.com/bid/63509 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5e2f339865fb443107e5b10603e53bbc92dc054 https://github.com/torvalds/linux/commit/b5e2f339865fb443107e5b10603e53bbc92dc054 Common Vulnerability Exposure (CVE) ID: CVE-2013-4515 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d1e72250c847fa96498ec029891de4dc638a5ba https://github.com/torvalds/linux/commit/8d1e72250c847fa96498ec029891de4dc638a5ba Common Vulnerability Exposure (CVE) ID: CVE-2013-6383 RHSA-2014:0100 RHSA-2014:0285 http://rhn.redhat.com/errata/RHSA-2014-0285.html USN-2107-1 http://www.ubuntu.com/usn/USN-2107-1 USN-2108-1 http://www.ubuntu.com/usn/USN-2108-1 [oss-security] 20131122 Linux kernel CVE fixes http://www.openwall.com/lists/oss-security/2013/11/22/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f856567b930dfcdbc3323261bf77240ccdde01f5 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.8 https://bugzilla.redhat.com/show_bug.cgi?id=1033530 https://github.com/torvalds/linux/commit/f856567b930dfcdbc3323261bf77240ccdde01f5 Common Vulnerability Exposure (CVE) ID: CVE-2013-6763 Common Vulnerability Exposure (CVE) ID: CVE-2013-7027 BugTraq ID: 64013 http://www.securityfocus.com/bid/64013 http://www.securitytracker.com/id/1029413 http://secunia.com/advisories/55606 SuSE Security Announcement: openSUSE-SU-2014:0204 (Google Search) SuSE Security Announcement: openSUSE-SU-2014:0247 (Google Search) http://www.ubuntu.com/usn/USN-2128-1 http://www.ubuntu.com/usn/USN-2129-1
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.