Test ID:	1.3.6.1.4.1.25623.1.0.842161
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2562-1)
Summary:	The remote host is missing an update for the 'linux-lts-trusty' package(s) announced via the USN-2562-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-lts-trusty' package(s) announced via the USN-2562-1 advisory. Vulnerability Insight: Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP (Stream Control Transmission Protocol) subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges on the system. (CVE-2015-1421) Marcelo Leitner discovered a flaw in the Linux kernel's routing of packets to too many different dsts/too fast. A remote attacker on the same subnet can exploit this flaw to cause a denial of service (system crash). (CVE-2015-1465) An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. (CVE-2015-1593) An information leak was discovered in the Linux Kernel's handling of userspace configuration of the link layer control (LLC). A local user could exploit this flaw to read data from other sysctl settings. (CVE-2015-2041) An information leak was discovered in how the Linux kernel handles setting the Reliable Datagram Sockets (RDS) settings. A local user could exploit this flaw to read data from other sysctl settings. (CVE-2015-2042) Affected Software/OS: 'linux-lts-trusty' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1421 BugTraq ID: 72356 http://www.securityfocus.com/bid/72356 Debian Security Information: DSA-3170 (Google Search) http://www.debian.org/security/2015/dsa-3170 http://www.openwall.com/lists/oss-security/2015/01/29/15 RedHat Security Advisories: RHSA-2015:0726 http://rhn.redhat.com/errata/RHSA-2015-0726.html RedHat Security Advisories: RHSA-2015:0751 http://rhn.redhat.com/errata/RHSA-2015-0751.html RedHat Security Advisories: RHSA-2015:0782 http://rhn.redhat.com/errata/RHSA-2015-0782.html RedHat Security Advisories: RHSA-2015:0864 http://rhn.redhat.com/errata/RHSA-2015-0864.html RedHat Security Advisories: RHSA-2015:1082 http://rhn.redhat.com/errata/RHSA-2015-1082.html http://www.securitytracker.com/id/1032172 SuSE Security Announcement: SUSE-SU-2015:0832 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00001.html SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://www.ubuntu.com/usn/USN-2541-1 http://www.ubuntu.com/usn/USN-2542-1 http://www.ubuntu.com/usn/USN-2545-1 http://www.ubuntu.com/usn/USN-2546-1 http://www.ubuntu.com/usn/USN-2562-1 http://www.ubuntu.com/usn/USN-2563-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-1465 BugTraq ID: 72435 http://www.securityfocus.com/bid/72435 http://www.openwall.com/lists/oss-security/2015/02/03/13 http://www.securitytracker.com/id/1036763 SuSE Security Announcement: SUSE-SU-2015:1488 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2015-1593 BugTraq ID: 72607 http://www.securityfocus.com/bid/72607 http://hmarco.org/bugs/linux-ASLR-integer-overflow.html https://lkml.org/lkml/2015/1/7/811 http://www.openwall.com/lists/oss-security/2015/02/13/13 RedHat Security Advisories: RHSA-2015:1137 http://rhn.redhat.com/errata/RHSA-2015-1137.html RedHat Security Advisories: RHSA-2015:1138 http://rhn.redhat.com/errata/RHSA-2015-1138.html RedHat Security Advisories: RHSA-2015:1221 http://rhn.redhat.com/errata/RHSA-2015-1221.html RedHat Security Advisories: RHSA-2019:3517 https://access.redhat.com/errata/RHSA-2019:3517 SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html http://www.ubuntu.com/usn/USN-2560-1 http://www.ubuntu.com/usn/USN-2561-1 http://www.ubuntu.com/usn/USN-2564-1 http://www.ubuntu.com/usn/USN-2565-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-2041 BugTraq ID: 72729 http://www.securityfocus.com/bid/72729 Debian Security Information: DSA-3237 (Google Search) http://www.debian.org/security/2015/dsa-3237 http://www.openwall.com/lists/oss-security/2015/02/20/19 SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html Common Vulnerability Exposure (CVE) ID: CVE-2015-2042 BugTraq ID: 72730 http://www.securityfocus.com/bid/72730 http://www.openwall.com/lists/oss-security/2015/02/20/20
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.