Test ID:	1.3.6.1.4.1.25623.1.0.842579
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2846-1)
Summary:	The remote host is missing an update for the 'linux' package(s) announced via the USN-2846-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the USN-2846-1 advisory. Vulnerability Insight: Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550) Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform consistency checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host. (CVE-2015-8551) Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform consistency checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space. (CVE-2015-8552) Affected Software/OS: 'linux' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 5.7 CVSS Vector: AV:L/AC:L/Au:S/C:P/I:P/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8550 BugTraq ID: 79592 http://www.securityfocus.com/bid/79592 Debian Security Information: DSA-3434 (Google Search) http://www.debian.org/security/2016/dsa-3434 Debian Security Information: DSA-3471 (Google Search) http://www.debian.org/security/2016/dsa-3471 Debian Security Information: DSA-3519 (Google Search) http://www.debian.org/security/2016/dsa-3519 https://security.gentoo.org/glsa/201604-03 http://www.securitytracker.com/id/1034479 SuSE Security Announcement: SUSE-SU-2016:0911 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html SuSE Security Announcement: SUSE-SU-2016:1102 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html SuSE Security Announcement: SUSE-SU-2016:1764 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2015-8551 BugTraq ID: 79546 http://www.securityfocus.com/bid/79546 http://www.securitytracker.com/id/1034480 SuSE Security Announcement: SUSE-SU-2016:1707 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html SuSE Security Announcement: SUSE-SU-2016:1937 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html SuSE Security Announcement: SUSE-SU-2016:2105 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html SuSE Security Announcement: openSUSE-SU-2016:2184 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html Common Vulnerability Exposure (CVE) ID: CVE-2015-8552
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.