Test ID:	1.3.6.1.4.1.25623.1.0.842166
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2564-1)
Summary:	The remote host is missing an update for the 'linux-lts-utopic' package(s) announced via the USN-2564-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-lts-utopic' package(s) announced via the USN-2564-1 advisory. Vulnerability Insight: An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. (CVE-2015-1593) An information leak was discovered in the Linux Kernel's handling of userspace configuration of the link layer control (LLC). A local user could exploit this flaw to read data from other sysctl settings. (CVE-2015-2041) An information leak was discovered in how the Linux kernel handles setting the Reliable Datagram Sockets (RDS) settings. A local user could exploit this flaw to read data from other sysctl settings. (CVE-2015-2042) A memory corruption flaw was discovered in the Linux kernel's scsi subsystem. A local attacker could potentially exploit this flaw to cause a denial of service (system crash). (CVE-2015-4036) Affected Software/OS: 'linux-lts-utopic' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1593 BugTraq ID: 72607 http://www.securityfocus.com/bid/72607 Debian Security Information: DSA-3170 (Google Search) http://www.debian.org/security/2015/dsa-3170 http://hmarco.org/bugs/linux-ASLR-integer-overflow.html https://lkml.org/lkml/2015/1/7/811 http://www.openwall.com/lists/oss-security/2015/02/13/13 RedHat Security Advisories: RHSA-2015:1137 http://rhn.redhat.com/errata/RHSA-2015-1137.html RedHat Security Advisories: RHSA-2015:1138 http://rhn.redhat.com/errata/RHSA-2015-1138.html RedHat Security Advisories: RHSA-2015:1221 http://rhn.redhat.com/errata/RHSA-2015-1221.html RedHat Security Advisories: RHSA-2019:3517 https://access.redhat.com/errata/RHSA-2019:3517 SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html http://www.ubuntu.com/usn/USN-2560-1 http://www.ubuntu.com/usn/USN-2561-1 http://www.ubuntu.com/usn/USN-2562-1 http://www.ubuntu.com/usn/USN-2563-1 http://www.ubuntu.com/usn/USN-2564-1 http://www.ubuntu.com/usn/USN-2565-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-2041 BugTraq ID: 72729 http://www.securityfocus.com/bid/72729 Debian Security Information: DSA-3237 (Google Search) http://www.debian.org/security/2015/dsa-3237 http://www.openwall.com/lists/oss-security/2015/02/20/19 SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2015-2042 BugTraq ID: 72730 http://www.securityfocus.com/bid/72730 http://www.openwall.com/lists/oss-security/2015/02/20/20 Common Vulnerability Exposure (CVE) ID: CVE-2015-4036 BugTraq ID: 74664 http://www.securityfocus.com/bid/74664 http://www.openwall.com/lists/oss-security/2015/05/13/4 http://www.securitytracker.com/id/1033729 SuSE Security Announcement: SUSE-SU-2015:1324 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html http://www.ubuntu.com/usn/USN-2633-1 http://www.ubuntu.com/usn/USN-2634-1
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.