English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.842108
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-2515-1)
Summary:The remote host is missing an update for the 'linux-lts-trusty' package(s) announced via the USN-2515-1 advisory.
Description:Summary:
The remote host is missing an update for the 'linux-lts-trusty' package(s) announced via the USN-2515-1 advisory.

Vulnerability Insight:
A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of
the SYSTENTER instruction when the guest OS does not initialize the
SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of
service of the guest OS (crash) or potentially gain privileges on the guest
OS. (CVE-2015-0239)

Andy Lutomirski discovered an information leak in the Linux kernel's Thread
Local Storage (TLS) implementation allowing users to bypass the espfix to
obtain information that could be used to bypass the Address Space Layout
Randomization (ASLR) protection mechanism. A local user could exploit this
flaw to obtain potentially sensitive information from kernel memory.
(CVE-2014-8133)

A restriction bypass was discovered in iptables when conntrack rules are
specified and the conntrack protocol handler module is not loaded into the
Linux kernel. This flaw can cause the firewall rules on the system to be
bypassed when conntrack rules are used. (CVE-2014-8160)

A flaw was discovered with file renaming in the linux kernel. A local user
could exploit this flaw to cause a denial of service (deadlock and system
hang). (CVE-2014-8559)

A flaw was discovered in how supplemental group memberships are handled in
certain namespace scenarios. A local user could exploit this flaw to bypass
file permission restrictions. (CVE-2014-8989)

A flaw was discovered in how Thread Local Storage (TLS) is handled by the
task switching function in the Linux kernel for x86_64 based machines. A
local user could exploit this flaw to bypass the Address Space Layout
Radomization (ASLR) protection mechanism. (CVE-2014-9419)

Prasad J Pandit reported a flaw in the rock_continue function of the Linux
kernel's ISO 9660 CDROM file system. A local user could exploit this flaw
to cause a denial of service (system crash or hang). (CVE-2014-9420)

A flaw was discovered in the fragment handling of the B.A.T.M.A.N. Advanced
Meshing Protocol in the Linux kernel. A remote attacker could exploit this
flaw to cause a denial of service (mesh-node system crash) via fragmented
packets. (CVE-2014-9428)

A race condition was discovered in the Linux kernel's key ring. A local
user could cause a denial of service (memory corruption or panic) or
possibly have unspecified impact via the keyctl commands. (CVE-2014-9529)

A memory leak was discovered in the ISO 9660 CDROM file system when parsing
rock ridge ER records. A local user could exploit this flaw to obtain
sensitive information from kernel memory via a crafted iso9660 image.
(CVE-2014-9584)

A flaw was discovered in the Address Space Layout Randomization (ASLR) of
the Virtual Dynamically linked Shared Objects (vDSO) location. This flaw
makes it easier for a local user to bypass the ASLR protection mechanism.
(CVE-2014-9585)

Dmitry Chernenkov discovered a buffer overflow in eCryptfs' encrypted file
name decoding. A local unprivileged user could exploit this flaw to ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'linux-lts-trusty' package(s) on Ubuntu 12.04.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-8133
62801
http://secunia.com/advisories/62801
71684
http://www.securityfocus.com/bid/71684
DSA-3128
http://www.debian.org/security/2015/dsa-3128
MDVSA-2015:058
http://www.mandriva.com/security/advisories?name=MDVSA-2015:058
RHSA-2015:1272
http://rhn.redhat.com/errata/RHSA-2015-1272.html
SUSE-SU-2015:0736
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
USN-2490-1
http://www.ubuntu.com/usn/USN-2490-1
USN-2491-1
http://www.ubuntu.com/usn/USN-2491-1
USN-2492-1
http://www.ubuntu.com/usn/USN-2492-1
USN-2493-1
http://www.ubuntu.com/usn/USN-2493-1
USN-2515-1
http://www.ubuntu.com/usn/USN-2515-1
USN-2516-1
http://www.ubuntu.com/usn/USN-2516-1
USN-2517-1
http://www.ubuntu.com/usn/USN-2517-1
USN-2518-1
http://www.ubuntu.com/usn/USN-2518-1
[oss-security] 20141215 Linux kernel: multiple x86_64 vulnerabilities
http://www.openwall.com/lists/oss-security/2014/12/15/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=41bdc78544b8a93a9c6814b8bbbfef966272abbe
https://bugzilla.redhat.com/show_bug.cgi?id=1172797
https://github.com/torvalds/linux/commit/41bdc78544b8a93a9c6814b8bbbfef966272abbe
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-8160
72061
http://www.securityfocus.com/bid/72061
DSA-3170
http://www.debian.org/security/2015/dsa-3170
MDVSA-2015:057
http://www.mandriva.com/security/advisories?name=MDVSA-2015:057
RHSA-2015:0284
http://rhn.redhat.com/errata/RHSA-2015-0284.html
RHSA-2015:0290
http://rhn.redhat.com/errata/RHSA-2015-0290.html
RHSA-2015:0674
http://rhn.redhat.com/errata/RHSA-2015-0674.html
SUSE-SU-2015:0529
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
SUSE-SU-2015:0652
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
USN-2513-1
http://www.ubuntu.com/usn/USN-2513-1
USN-2514-1
http://www.ubuntu.com/usn/USN-2514-1
[netfilter-devel] 20140925 [PATCH nf] netfilter: conntrack: disable generic protocol tracking
http://www.spinics.net/lists/netfilter-devel/msg33430.html
[oss-security] 20150114 CVE-2014-8160 Linux Kernel: SCTP firewalling fails until SCTP module is loaded
http://www.openwall.com/lists/oss-security/2015/01/14/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db29a9508a9246e77087c5531e45b2c88ec6988b
https://bugzilla.redhat.com/show_bug.cgi?id=1182059
https://github.com/torvalds/linux/commit/db29a9508a9246e77087c5531e45b2c88ec6988b
openSUSE-SU-2015:0714
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-8559
BugTraq ID: 70854
http://www.securityfocus.com/bid/70854
Debian Security Information: DSA-3170 (Google Search)
https://lkml.org/lkml/2014/10/25/171
https://lkml.org/lkml/2014/10/25/179
https://lkml.org/lkml/2014/10/25/180
https://lkml.org/lkml/2014/10/26/101
https://lkml.org/lkml/2014/10/26/116
https://lkml.org/lkml/2014/10/26/128
https://lkml.org/lkml/2014/10/26/129
http://www.openwall.com/lists/oss-security/2014/10/30/7
RedHat Security Advisories: RHSA-2015:1976
http://rhn.redhat.com/errata/RHSA-2015-1976.html
RedHat Security Advisories: RHSA-2015:1978
http://rhn.redhat.com/errata/RHSA-2015-1978.html
http://www.securitytracker.com/id/1034051
SuSE Security Announcement: SUSE-SU-2015:0178 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html
SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
SuSE Security Announcement: SUSE-SU-2015:0529 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-8989
BugTraq ID: 71154
http://www.securityfocus.com/bid/71154
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html
http://www.openwall.com/lists/oss-security/2014/11/20/4
Common Vulnerability Exposure (CVE) ID: CVE-2014-9419
BugTraq ID: 71794
http://www.securityfocus.com/bid/71794
Debian Security Information: DSA-3128 (Google Search)
http://www.openwall.com/lists/oss-security/2014/12/25/1
RedHat Security Advisories: RHSA-2015:1081
http://rhn.redhat.com/errata/RHSA-2015-1081.html
http://www.ubuntu.com/usn/USN-2541-1
http://www.ubuntu.com/usn/USN-2542-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-9420
FEDORA-2015-0515
FEDORA-2015-0517
RHSA-2015:1081
RHSA-2015:1137
http://rhn.redhat.com/errata/RHSA-2015-1137.html
RHSA-2015:1138
http://rhn.redhat.com/errata/RHSA-2015-1138.html
SUSE-SU-2015:0178
SUSE-SU-2015:0812
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
[oss-security] 20141225 Re: CVE Request Linux kernel: fs: isofs: infinite loop in CE records
http://www.openwall.com/lists/oss-security/2014/12/25/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f54e18f1b831c92f6512d2eedb224cd63d607d3d
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
https://bugzilla.redhat.com/show_bug.cgi?id=1175235
https://github.com/torvalds/linux/commit/f54e18f1b831c92f6512d2eedb224cd63d607d3d
https://source.android.com/security/bulletin/2017-01-01.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-9428
https://lists.open-mesh.org/pipermail/b.a.t.m.a.n/2014-November/012561.html
http://www.spinics.net/lists/netdev/msg309425.html
http://www.openwall.com/lists/oss-security/2014/12/31/7
Common Vulnerability Exposure (CVE) ID: CVE-2014-9529
BugTraq ID: 71880
http://www.securityfocus.com/bid/71880
http://www.openwall.com/lists/oss-security/2015/01/06/10
RedHat Security Advisories: RHSA-2015:0864
http://rhn.redhat.com/errata/RHSA-2015-0864.html
RedHat Security Advisories: RHSA-2015:1137
RedHat Security Advisories: RHSA-2015:1138
http://www.securitytracker.com/id/1036763
http://www.ubuntu.com/usn/USN-2511-1
http://www.ubuntu.com/usn/USN-2512-1
XForce ISS Database: linux-kernel-cve20149529-dos(99641)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99641
Common Vulnerability Exposure (CVE) ID: CVE-2014-9584
71883
http://www.securityfocus.com/bid/71883
RHSA-2015:0864
SUSE-SU-2015:0481
USN-2511-1
USN-2512-1
[oss-security] 20150109 Re: CVE request Linux kernel: isofs: unchecked printing of ER records
http://www.openwall.com/lists/oss-security/2015/01/09/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e2024624e678f0ebb916e6192bd23c1f9fdf696
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2
https://bugzilla.redhat.com/show_bug.cgi?id=1180119
https://github.com/torvalds/linux/commit/4e2024624e678f0ebb916e6192bd23c1f9fdf696
Common Vulnerability Exposure (CVE) ID: CVE-2014-9585
BugTraq ID: 71990
http://www.securityfocus.com/bid/71990
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148480.html
http://git.kernel.org/?p=linux/kernel/git/luto/linux.git;a=commit;h=bc3b94c31d65e761ddfe150d02932c65971b74e2
http://v0ids3curity.blogspot.in/2014/12/return-to-vdso-using-elf-auxiliary.html
http://www.openwall.com/lists/oss-security/2014/12/09/10
http://www.openwall.com/lists/oss-security/2015/01/09/8
RedHat Security Advisories: RHSA-2015:1778
http://rhn.redhat.com/errata/RHSA-2015-1778.html
RedHat Security Advisories: RHSA-2015:1787
http://rhn.redhat.com/errata/RHSA-2015-1787.html
SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-9683
BugTraq ID: 72643
http://www.securityfocus.com/bid/72643
http://www.openwall.com/lists/oss-security/2015/02/17/9
RedHat Security Advisories: RHSA-2015:1272
http://www.securitytracker.com/id/1031860
SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-0239
72842
http://www.securityfocus.com/bid/72842
[bk-commits-head] 20150123 KVM: x86: SYSENTER emulation is broken
http://permalink.gmane.org/gmane.linux.kernel.commits.head/502245
[oss-security] 20150127 KVM SYSENTER emulation vulnerability - CVE-2015-0239
http://www.openwall.com/lists/oss-security/2015/01/27/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3747379accba8e95d70cec0eae0582c8c182050
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.5
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
https://bugzilla.redhat.com/show_bug.cgi?id=1186448
https://github.com/torvalds/linux/commit/f3747379accba8e95d70cec0eae0582c8c182050
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.