Ubuntu Local Security Checks : Ubuntu: Security Advisory (USN-2665-1)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.842272
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2665-1)
Summary:	The remote host is missing an update for the 'linux-lts-vivid' package(s) announced via the USN-2665-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-lts-vivid' package(s) announced via the USN-2665-1 advisory. Vulnerability Insight: A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. (CVE-2015-1420) A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. (CVE-2015-4001) A bounds check error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. (CVE-2015-4002) A division by zero error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2015-4003) A double free flaw was discovered in the Linux kernel's path lookup. A local user could cause a denial of service (Oops). (CVE-2015-5706) Affected Software/OS: 'linux-lts-vivid' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1420 BugTraq ID: 72357 http://www.securityfocus.com/bid/72357 Debian Security Information: DSA-3170 (Google Search) http://www.debian.org/security/2015/dsa-3170 http://marc.info/?l=linux-kernel&m=142247707318982&w=2 http://www.openwall.com/lists/oss-security/2015/01/29/12 SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html SuSE Security Announcement: SUSE-SU-2015:1592 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html SuSE Security Announcement: SUSE-SU-2015:1611 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://www.ubuntu.com/usn/USN-2660-1 http://www.ubuntu.com/usn/USN-2661-1 http://www.ubuntu.com/usn/USN-2665-1 http://www.ubuntu.com/usn/USN-2667-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-4001 BugTraq ID: 74672 http://www.securityfocus.com/bid/74672 http://openwall.com/lists/oss-security/2015/06/05/7 Common Vulnerability Exposure (CVE) ID: CVE-2015-4002 BugTraq ID: 74668 http://www.securityfocus.com/bid/74668 Common Vulnerability Exposure (CVE) ID: CVE-2015-4003 Common Vulnerability Exposure (CVE) ID: CVE-2015-5706 BugTraq ID: 76142 http://www.securityfocus.com/bid/76142 Debian Security Information: DSA-3329 (Google Search) http://www.debian.org/security/2015/dsa-3329 http://twitter.com/grsecurity/statuses/597127122910490624 http://www.openwall.com/lists/oss-security/2015/08/01/5 http://www.ubuntu.com/usn/USN-2680-1 http://www.ubuntu.com/usn/USN-2681-1
Copyright	Copyright (C) 2015 Greenbone AG