Test ID:	1.3.6.1.4.1.25623.1.0.841674
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2067-1)
Summary:	The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-2067-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-2067-1 advisory. Vulnerability Insight: A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2013-4470) Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges. (CVE-2013-4511) Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Agere Systems HERMES II Wireless PC Cards. A local user with the CAP_NET_ADMIN capability could exploit this flaw to cause a denial of service or possibly gain administrative privileges. (CVE-2013-4514) Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's driver for Beceem WIMAX chipset based devices. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-4515) A flaw in the handling of memory regions of the kernel virtual machine (KVM) subsystem was discovered. A local user with the ability to assign a device could exploit this flaw to cause a denial of service (memory consumption). (CVE-2013-4592) Catalin Marinas reported a flaw in the get_user and put_user API functions in the Linux kernel on ARM platforms. An unprivileged local user could exploit this flaw to gain administrator privileges. (CVE-2013-6282) Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's debugfs filesystem. An administrative local user could exploit this flaw to cause a denial of service (OOPS). (CVE-2013-6378) A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383) Nico Golde reported a flaw in the Linux kernel's userspace IO (uio) driver. A local user could exploit this flaw to cause a denial of service (memory corruption) or possibly gain privileges. (CVE-2013-6763) Evan Huus reported a buffer overflow in the Linux kernel's radiotap header parsing. A remote attacker could cause a denial of service (buffer over- read) via a specially crafted header. (CVE-2013-7027) An information leak was discovered in the Linux kernel's SIOCWANDEV ioctl call. A local user with the CAP_NET_ADMIN capability could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1444) An information leak was discovered in the wanxl ioctl function the Linux kernel. A local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1445) Affected Software/OS: 'linux-ti-omap4' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4299 RHSA-2013:1436 http://rhn.redhat.com/errata/RHSA-2013-1436.html RHSA-2013:1449 http://rhn.redhat.com/errata/RHSA-2013-1449.html RHSA-2013:1450 http://rhn.redhat.com/errata/RHSA-2013-1450.html RHSA-2013:1460 http://rhn.redhat.com/errata/RHSA-2013-1460.html RHSA-2013:1490 http://rhn.redhat.com/errata/RHSA-2013-1490.html RHSA-2013:1519 http://rhn.redhat.com/errata/RHSA-2013-1519.html RHSA-2013:1520 http://rhn.redhat.com/errata/RHSA-2013-1520.html RHSA-2013:1783 http://rhn.redhat.com/errata/RHSA-2013-1783.html RHSA-2013:1860 http://rhn.redhat.com/errata/RHSA-2013-1860.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html USN-2015-1 http://www.ubuntu.com/usn/USN-2015-1 USN-2016-1 http://www.ubuntu.com/usn/USN-2016-1 USN-2040-1 http://www.ubuntu.com/usn/USN-2040-1 USN-2041-1 http://www.ubuntu.com/usn/USN-2041-1 USN-2042-1 http://www.ubuntu.com/usn/USN-2042-1 USN-2043-1 http://www.ubuntu.com/usn/USN-2043-1 USN-2044-1 http://www.ubuntu.com/usn/USN-2044-1 USN-2045-1 http://www.ubuntu.com/usn/USN-2045-1 USN-2046-1 http://www.ubuntu.com/usn/USN-2046-1 USN-2049-1 http://www.ubuntu.com/usn/USN-2049-1 USN-2050-1 http://www.ubuntu.com/usn/USN-2050-1 USN-2066-1 http://www.ubuntu.com/usn/USN-2066-1 USN-2067-1 http://www.ubuntu.com/usn/USN-2067-1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca https://bugzilla.redhat.com/show_bug.cgi?id=1004233 https://github.com/torvalds/linux/commit/e9c6a182649f4259db704ae15a91ac820e63b0ca Common Vulnerability Exposure (CVE) ID: CVE-2013-4470 63359 http://www.securityfocus.com/bid/63359 RHSA-2013:1801 http://rhn.redhat.com/errata/RHSA-2013-1801.html RHSA-2014:0100 http://rhn.redhat.com/errata/RHSA-2014-0100.html RHSA-2014:0284 http://rhn.redhat.com/errata/RHSA-2014-0284.html SUSE-SU-2014:0459 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html USN-2069-1 http://www.ubuntu.com/usn/USN-2069-1 USN-2073-1 http://www.ubuntu.com/usn/USN-2073-1 [oss-security] 20131025 Re: CVE request: Linux kernel: net: memory corruption with UDP_CORK and UFO http://www.openwall.com/lists/oss-security/2013/10/25/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e93b7d748be887cd7639b113ba7d7ef792a7efb9 https://bugzilla.redhat.com/show_bug.cgi?id=1023477 https://github.com/torvalds/linux/commit/c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b https://github.com/torvalds/linux/commit/e93b7d748be887cd7639b113ba7d7ef792a7efb9 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2 Common Vulnerability Exposure (CVE) ID: CVE-2013-4511 USN-2036-1 http://www.ubuntu.com/usn/USN-2036-1 USN-2037-1 http://www.ubuntu.com/usn/USN-2037-1 USN-2068-1 http://www.ubuntu.com/usn/USN-2068-1 USN-2070-1 http://www.ubuntu.com/usn/USN-2070-1 USN-2071-1 http://www.ubuntu.com/usn/USN-2071-1 USN-2072-1 http://www.ubuntu.com/usn/USN-2072-1 USN-2074-1 http://www.ubuntu.com/usn/USN-2074-1 USN-2075-1 http://www.ubuntu.com/usn/USN-2075-1 USN-2076-1 http://www.ubuntu.com/usn/USN-2076-1 [oss-security] 20131104 Re: some unstracked linux kernel security fixes http://www.openwall.com/lists/oss-security/2013/11/04/22 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7314e613d5ff9f0934f7a0f74ed7973b903315d1 https://github.com/torvalds/linux/commit/7314e613d5ff9f0934f7a0f74ed7973b903315d1 openSUSE-SU-2014:0204 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html openSUSE-SU-2014:0205 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html openSUSE-SU-2014:0247 http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4514 63509 http://www.securityfocus.com/bid/63509 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5e2f339865fb443107e5b10603e53bbc92dc054 https://github.com/torvalds/linux/commit/b5e2f339865fb443107e5b10603e53bbc92dc054 Common Vulnerability Exposure (CVE) ID: CVE-2013-4515 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d1e72250c847fa96498ec029891de4dc638a5ba https://github.com/torvalds/linux/commit/8d1e72250c847fa96498ec029891de4dc638a5ba Common Vulnerability Exposure (CVE) ID: CVE-2013-4592 RHSA-2013:1645 http://rhn.redhat.com/errata/RHSA-2013-1645.html USN-2111-1 http://www.ubuntu.com/usn/USN-2111-1 USN-2112-1 http://www.ubuntu.com/usn/USN-2112-1 USN-2114-1 http://www.ubuntu.com/usn/USN-2114-1 USN-2115-1 http://www.ubuntu.com/usn/USN-2115-1 USN-2116-1 http://www.ubuntu.com/usn/USN-2116-1 [oss-security] 20131118 CVE-2013-4592 -- Linux kernel: kvm: memory leak when memory slot is moved with assigned device http://www.openwall.com/lists/oss-security/2013/11/18/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=12d6e7538e2d418c08f082b1b44ffa5fb7270ed8 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e40f193f5bb022e927a57a4f5d5194e4f12ddb74 https://bugzilla.redhat.com/show_bug.cgi?id=1031702 https://github.com/torvalds/linux/commit/12d6e7538e2d418c08f082b1b44ffa5fb7270ed8 https://github.com/torvalds/linux/commit/e40f193f5bb022e927a57a4f5d5194e4f12ddb74 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.9.bz2 Common Vulnerability Exposure (CVE) ID: CVE-2013-6282 BugTraq ID: 63734 http://www.securityfocus.com/bid/63734 https://www.exploit-db.com/exploits/40975/ http://www.openwall.com/lists/oss-security/2013/11/14/11 Common Vulnerability Exposure (CVE) ID: CVE-2013-6378 59262 http://secunia.com/advisories/59262 59309 http://secunia.com/advisories/59309 59406 http://secunia.com/advisories/59406 63886 http://www.securityfocus.com/bid/63886 USN-2064-1 http://www.ubuntu.com/usn/USN-2064-1 USN-2065-1 http://www.ubuntu.com/usn/USN-2065-1 [oss-security] 20131122 Linux kernel CVE fixes http://www.openwall.com/lists/oss-security/2013/11/22/5 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a497e47d4aec37aaf8f13509f3ef3d1f6a717d88 http://linux.oracle.com/errata/ELSA-2014-0771.html http://linux.oracle.com/errata/ELSA-2014-3043.html https://bugzilla.redhat.com/show_bug.cgi?id=1033578 https://github.com/torvalds/linux/commit/a497e47d4aec37aaf8f13509f3ef3d1f6a717d88 Common Vulnerability Exposure (CVE) ID: CVE-2013-6383 RHSA-2014:0285 http://rhn.redhat.com/errata/RHSA-2014-0285.html USN-2107-1 http://www.ubuntu.com/usn/USN-2107-1 USN-2108-1 http://www.ubuntu.com/usn/USN-2108-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f856567b930dfcdbc3323261bf77240ccdde01f5 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.8 https://bugzilla.redhat.com/show_bug.cgi?id=1033530 https://github.com/torvalds/linux/commit/f856567b930dfcdbc3323261bf77240ccdde01f5 Common Vulnerability Exposure (CVE) ID: CVE-2013-6763 Common Vulnerability Exposure (CVE) ID: CVE-2013-7027 BugTraq ID: 64013 http://www.securityfocus.com/bid/64013 http://www.securitytracker.com/id/1029413 http://secunia.com/advisories/55606 SuSE Security Announcement: openSUSE-SU-2014:0204 (Google Search) SuSE Security Announcement: openSUSE-SU-2014:0247 (Google Search) http://www.ubuntu.com/usn/USN-2128-1 http://www.ubuntu.com/usn/USN-2129-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-1444 BugTraq ID: 64952 http://www.securityfocus.com/bid/64952 http://www.openwall.com/lists/oss-security/2014/01/15/3 XForce ISS Database: linux-kernel-cve20141444-info-disc(90443) https://exchange.xforce.ibmcloud.com/vulnerabilities/90443 Common Vulnerability Exposure (CVE) ID: CVE-2014-1445 BugTraq ID: 64953 http://www.securityfocus.com/bid/64953 XForce ISS Database: linux-kernel-cve20141445-info-disc(90444) https://exchange.xforce.ibmcloud.com/vulnerabilities/90444
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.