Test ID:	1.3.6.1.4.1.25623.1.0.841781
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2177-1)
Summary:	The remote host is missing an update for the 'linux-lts-saucy' package(s) announced via the USN-2177-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-lts-saucy' package(s) announced via the USN-2177-1 advisory. Vulnerability Insight: A flaw was discovered in the Kernel Virtual Machine (KVM) subsystem of the Linux kernel. A guest OS user could exploit this flaw to execute arbitrary code on the host OS. (CVE-2014-0049) Al Viro discovered an error in how CIFS in the Linux kernel handles uncached write operations. An unprivileged local user could exploit this flaw to cause a denial of service (system crash), obtain sensitive information from kernel memory, or possibly gain privileges. (CVE-2014-0069) Jouni Malinen reported a flaw in the handling of fragmentation in the mac8Linux subsystem of the kernel. A remote attacker could exploit this flaw to obtain potential sensitive cleartext information by reading packets. (CVE-2014-8709) Affected Software/OS: 'linux-lts-saucy' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 7.4 CVSS Vector: AV:A/AC:M/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0049 [oss-security] 20140303 CVE-2014-0049 -- Linux kernel: kvm: mmio_fragments out-of-the-bounds access http://www.openwall.com/lists/oss-security/2014/03/03/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a08d3b3b99efd509133946056531cdf8f3a0c09b http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6 https://bugzilla.redhat.com/show_bug.cgi?id=1062368 https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b Common Vulnerability Exposure (CVE) ID: CVE-2014-0069 65588 http://www.securityfocus.com/bid/65588 RHSA-2014:0328 http://rhn.redhat.com/errata/RHSA-2014-0328.html SUSE-SU-2014:0459 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html [linux-cifs] 20140214 [PATCH] cifs: ensure that uncached writes handle unmapped areas correctly http://article.gmane.org/gmane.linux.kernel.cifs/9401 [oss-security] 20140217 CVE-2014-0069 -- kernel: cifs: incorrect handling of bogus user pointers during uncached writes http://www.openwall.com/lists/oss-security/2014/02/17/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f https://bugzilla.redhat.com/show_bug.cgi?id=1064253 https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f Common Vulnerability Exposure (CVE) ID: CVE-2014-8709 BugTraq ID: 70965 http://www.securityfocus.com/bid/70965 http://www.openwall.com/lists/oss-security/2014/11/09/1 RedHat Security Advisories: RHSA-2015:0290 http://rhn.redhat.com/errata/RHSA-2015-0290.html RedHat Security Advisories: RHSA-2015:1272 http://rhn.redhat.com/errata/RHSA-2015-1272.html http://www.securitytracker.com/id/1037968 SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html XForce ISS Database: linux-kernel-cve20148709-info-disclsoure(98922) https://exchange.xforce.ibmcloud.com/vulnerabilities/98922
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.