Test ID:	1.3.6.1.4.1.25623.1.0.842381
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2681-1)
Summary:	The remote host is missing an update for the 'linux' package(s) announced via the USN-2681-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the USN-2681-1 advisory. Vulnerability Insight: A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-1805) A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. A unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2015-4692) Daniel Borkmann reported a kernel crash in the Linux kernel's BPF filter JIT optimization. A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2015-4700) A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. (CVE-2015-5364) A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker can cause a denial of service against applications that use epoll by injecting a single packet with an invalid checksum. (CVE-2015-5366) A double free flaw was discovered in the Linux kernel's path lookup. A local user could cause a denial of service (Oops). (CVE-2015-5706) Affected Software/OS: 'linux' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1805 1032454 http://www.securitytracker.com/id/1032454 74951 http://www.securityfocus.com/bid/74951 DSA-3290 http://www.debian.org/security/2015/dsa-3290 RHSA-2015:1042 http://rhn.redhat.com/errata/RHSA-2015-1042.html RHSA-2015:1081 http://rhn.redhat.com/errata/RHSA-2015-1081.html RHSA-2015:1082 http://rhn.redhat.com/errata/RHSA-2015-1082.html RHSA-2015:1120 http://rhn.redhat.com/errata/RHSA-2015-1120.html RHSA-2015:1137 http://rhn.redhat.com/errata/RHSA-2015-1137.html RHSA-2015:1138 http://rhn.redhat.com/errata/RHSA-2015-1138.html RHSA-2015:1190 http://rhn.redhat.com/errata/RHSA-2015-1190.html RHSA-2015:1199 http://rhn.redhat.com/errata/RHSA-2015-1199.html RHSA-2015:1211 http://rhn.redhat.com/errata/RHSA-2015-1211.html SUSE-SU-2015:1224 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html SUSE-SU-2015:1324 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html SUSE-SU-2015:1478 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html SUSE-SU-2015:1487 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html SUSE-SU-2015:1488 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html SUSE-SU-2015:1489 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html SUSE-SU-2015:1490 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html SUSE-SU-2015:1491 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html SUSE-SU-2015:1592 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html SUSE-SU-2015:1611 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html USN-2679-1 http://www.ubuntu.com/usn/USN-2679-1 USN-2680-1 http://www.ubuntu.com/usn/USN-2680-1 USN-2681-1 http://www.ubuntu.com/usn/USN-2681-1 USN-2967-1 http://www.ubuntu.com/usn/USN-2967-1 USN-2967-2 http://www.ubuntu.com/usn/USN-2967-2 [oss-security] 20150606 CVE-2015-1805 Linux kernel: pipe: iovec overrun leading to memory corruption http://www.openwall.com/lists/oss-security/2015/06/06/2 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045 http://source.android.com/security/bulletin/2016-04-02.html http://source.android.com/security/bulletin/2016-05-01.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html https://bugzilla.redhat.com/show_bug.cgi?id=1202855 https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1 https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045 Common Vulnerability Exposure (CVE) ID: CVE-2015-4692 BugTraq ID: 75142 http://www.securityfocus.com/bid/75142 Debian Security Information: DSA-3329 (Google Search) http://www.debian.org/security/2015/dsa-3329 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html http://www.openwall.com/lists/oss-security/2015/06/21/1 http://www.securitytracker.com/id/1032798 SuSE Security Announcement: SUSE-SU-2015:1324 (Google Search) SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://www.ubuntu.com/usn/USN-2682-1 http://www.ubuntu.com/usn/USN-2683-1 http://www.ubuntu.com/usn/USN-2684-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-4700 BugTraq ID: 75356 http://www.securityfocus.com/bid/75356 http://www.openwall.com/lists/oss-security/2015/06/23/2 RedHat Security Advisories: RHSA-2015:1778 http://rhn.redhat.com/errata/RHSA-2015-1778.html http://www.securitytracker.com/id/1033046 SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search) SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search) SuSE Security Announcement: SUSE-SU-2015:1487 (Google Search) SuSE Security Announcement: SUSE-SU-2015:1488 (Google Search) SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search) SuSE Security Announcement: SUSE-SU-2015:1490 (Google Search) SuSE Security Announcement: SUSE-SU-2015:1491 (Google Search) SuSE Security Announcement: SUSE-SU-2015:1592 (Google Search) SuSE Security Announcement: SUSE-SU-2015:1611 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2015-5364 BugTraq ID: 75510 http://www.securityfocus.com/bid/75510 Debian Security Information: DSA-3313 (Google Search) http://www.debian.org/security/2015/dsa-3313 https://twitter.com/grsecurity/status/605854034260426753 http://www.openwall.com/lists/oss-security/2015/06/30/13 RedHat Security Advisories: RHSA-2015:1623 http://rhn.redhat.com/errata/RHSA-2015-1623.html RedHat Security Advisories: RHSA-2015:1787 http://rhn.redhat.com/errata/RHSA-2015-1787.html RedHat Security Advisories: RHSA-2016:0045 http://rhn.redhat.com/errata/RHSA-2016-0045.html RedHat Security Advisories: RHSA-2016:1096 http://rhn.redhat.com/errata/RHSA-2016-1096.html RedHat Security Advisories: RHSA-2016:1100 http://rhn.redhat.com/errata/RHSA-2016-1100.html RedHat Security Advisories: RHSA-2016:1225 https://access.redhat.com/errata/RHSA-2016:1225 http://www.securitytracker.com/id/1032794 http://www.ubuntu.com/usn/USN-2713-1 http://www.ubuntu.com/usn/USN-2714-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-5366 Common Vulnerability Exposure (CVE) ID: CVE-2015-5706 BugTraq ID: 76142 http://www.securityfocus.com/bid/76142 http://twitter.com/grsecurity/statuses/597127122910490624 http://www.openwall.com/lists/oss-security/2015/08/01/5
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.