Test ID:	1.3.6.1.4.1.25623.1.0.842163
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2561-1)
Summary:	The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-2561-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-ti-omap4' package(s) announced via the USN-2561-1 advisory. Vulnerability Insight: It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges. (CVE-2014-8159) An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. (CVE-2015-1593) An information leak was discovered in the Linux Kernel's handling of userspace configuration of the link layer control (LLC). A local user could exploit this flaw to read data from other sysctl settings. (CVE-2015-2041) An information leak was discovered in how the Linux kernel handles setting the Reliable Datagram Sockets (RDS) settings. A local user could exploit this flaw to read data from other sysctl settings. (CVE-2015-2042) Affected Software/OS: 'linux-ti-omap4' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8159 1032224 http://www.securitytracker.com/id/1032224 73060 http://www.securityfocus.com/bid/73060 DSA-3237 http://www.debian.org/security/2015/dsa-3237 FEDORA-2015-4066 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html RHSA-2015:0674 http://rhn.redhat.com/errata/RHSA-2015-0674.html RHSA-2015:0695 http://rhn.redhat.com/errata/RHSA-2015-0695.html RHSA-2015:0726 http://rhn.redhat.com/errata/RHSA-2015-0726.html RHSA-2015:0751 http://rhn.redhat.com/errata/RHSA-2015-0751.html RHSA-2015:0782 http://rhn.redhat.com/errata/RHSA-2015-0782.html RHSA-2015:0783 http://rhn.redhat.com/errata/RHSA-2015-0783.html RHSA-2015:0803 http://rhn.redhat.com/errata/RHSA-2015-0803.html RHSA-2015:0870 http://rhn.redhat.com/errata/RHSA-2015-0870.html RHSA-2015:0919 http://rhn.redhat.com/errata/RHSA-2015-0919.html SUSE-SU-2015:1478 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html SUSE-SU-2015:1487 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html SUSE-SU-2015:1488 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html SUSE-SU-2015:1489 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html SUSE-SU-2015:1491 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html USN-2525-1 http://www.ubuntu.com/usn/USN-2525-1 USN-2526-1 http://www.ubuntu.com/usn/USN-2526-1 USN-2527-1 http://www.ubuntu.com/usn/USN-2527-1 USN-2528-1 http://www.ubuntu.com/usn/USN-2528-1 USN-2529-1 http://www.ubuntu.com/usn/USN-2529-1 USN-2530-1 http://www.ubuntu.com/usn/USN-2530-1 USN-2561-1 http://www.ubuntu.com/usn/USN-2561-1 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 https://bugzilla.redhat.com/show_bug.cgi?id=1181166 Common Vulnerability Exposure (CVE) ID: CVE-2015-1593 BugTraq ID: 72607 http://www.securityfocus.com/bid/72607 Debian Security Information: DSA-3170 (Google Search) http://www.debian.org/security/2015/dsa-3170 http://hmarco.org/bugs/linux-ASLR-integer-overflow.html https://lkml.org/lkml/2015/1/7/811 http://www.openwall.com/lists/oss-security/2015/02/13/13 RedHat Security Advisories: RHSA-2015:1137 http://rhn.redhat.com/errata/RHSA-2015-1137.html RedHat Security Advisories: RHSA-2015:1138 http://rhn.redhat.com/errata/RHSA-2015-1138.html RedHat Security Advisories: RHSA-2015:1221 http://rhn.redhat.com/errata/RHSA-2015-1221.html RedHat Security Advisories: RHSA-2019:3517 https://access.redhat.com/errata/RHSA-2019:3517 SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html http://www.ubuntu.com/usn/USN-2560-1 http://www.ubuntu.com/usn/USN-2562-1 http://www.ubuntu.com/usn/USN-2563-1 http://www.ubuntu.com/usn/USN-2564-1 http://www.ubuntu.com/usn/USN-2565-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-2041 BugTraq ID: 72729 http://www.securityfocus.com/bid/72729 Debian Security Information: DSA-3237 (Google Search) http://www.openwall.com/lists/oss-security/2015/02/20/19 SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search) SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2015-2042 BugTraq ID: 72730 http://www.securityfocus.com/bid/72730 http://www.openwall.com/lists/oss-security/2015/02/20/20
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.