English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.842625
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-2888-1)
Summary:The remote host is missing an update for the 'linux-lts-utopic' package(s) announced via the USN-2888-1 advisory.
Description:Summary:
The remote host is missing an update for the 'linux-lts-utopic' package(s) announced via the USN-2888-1 advisory.

Vulnerability Insight:
It was discovered that a use-after-free vulnerability existed in the
AF_UNIX implementation in the Linux kernel. A local attacker could use
crafted epoll_ctl calls to cause a denial of service (system crash) or
expose sensitive information. (CVE-2013-7446)

It was discovered that the KVM implementation in the Linux kernel did not
properly restore the values of the Programmable Interrupt Timer (PIT). A
user-assisted attacker in a KVM guest could cause a denial of service in
the host (system crash). (CVE-2015-7513)

It was discovered that the Linux kernel keyring subsystem contained a race
between read and revoke operations. A local attacker could use this to
cause a denial of service (system crash). (CVE-2015-7550)

Sasha Levin discovered that the Reliable Datagram Sockets (RDS)
implementation in the Linux kernel had a race condition when checking
whether a socket was bound or not. A local attacker could use this to cause
a denial of service (system crash). (CVE-2015-7990)

It was discovered that the Btrfs implementation in the Linux kernel
incorrectly handled compressed inline extants on truncation. A local
attacker could use this to expose sensitive information. (CVE-2015-8374)

Guo Yong Gang discovered that the Linux kernel networking implementation did
not validate protocol identifiers for certain protocol families, A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2015-8543)

Dmitry Vyukov discovered that the pptp implementation in the Linux kernel
did not verify an address length when setting up a socket. A local attacker
could use this to craft an application that exposed sensitive information
from kernel memory. (CVE-2015-8569)

David Miller discovered that the Bluetooth implementation in the Linux
kernel did not properly validate the socket address length for Synchronous
Connection-Oriented (SCO) sockets. A local attacker could use this to
expose sensitive information. (CVE-2015-8575)

Affected Software/OS:
'linux-lts-utopic' package(s) on Ubuntu 14.04.

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-7446
BugTraq ID: 77638
http://www.securityfocus.com/bid/77638
Debian Security Information: DSA-3426 (Google Search)
http://www.debian.org/security/2015/dsa-3426
https://forums.grsecurity.net/viewtopic.php?f=3&t=4150
https://lkml.org/lkml/2013/10/14/424
https://lkml.org/lkml/2014/5/15/532
https://lkml.org/lkml/2015/9/13/195
http://www.spinics.net/lists/netdev/msg318826.html
http://www.openwall.com/lists/oss-security/2015/11/18/16
http://www.securitytracker.com/id/1034557
SuSE Security Announcement: SUSE-SU-2016:0745 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html
SuSE Security Announcement: SUSE-SU-2016:0746 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html
SuSE Security Announcement: SUSE-SU-2016:0747 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html
SuSE Security Announcement: SUSE-SU-2016:0749 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00037.html
SuSE Security Announcement: SUSE-SU-2016:0750 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html
SuSE Security Announcement: SUSE-SU-2016:0751 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00039.html
SuSE Security Announcement: SUSE-SU-2016:0752 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00040.html
SuSE Security Announcement: SUSE-SU-2016:0753 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00041.html
SuSE Security Announcement: SUSE-SU-2016:0754 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00042.html
SuSE Security Announcement: SUSE-SU-2016:0755 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00043.html
SuSE Security Announcement: SUSE-SU-2016:0756 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00044.html
SuSE Security Announcement: SUSE-SU-2016:0757 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00045.html
SuSE Security Announcement: SUSE-SU-2016:0911 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html
SuSE Security Announcement: SUSE-SU-2016:1102 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
SuSE Security Announcement: SUSE-SU-2016:1961 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html
SuSE Security Announcement: SUSE-SU-2016:1994 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html
SuSE Security Announcement: SUSE-SU-2016:1995 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html
SuSE Security Announcement: SUSE-SU-2016:2000 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html
SuSE Security Announcement: SUSE-SU-2016:2001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html
SuSE Security Announcement: SUSE-SU-2016:2002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html
SuSE Security Announcement: SUSE-SU-2016:2003 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html
SuSE Security Announcement: SUSE-SU-2016:2005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html
SuSE Security Announcement: SUSE-SU-2016:2006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html
SuSE Security Announcement: SUSE-SU-2016:2007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html
SuSE Security Announcement: SUSE-SU-2016:2009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html
SuSE Security Announcement: SUSE-SU-2016:2010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html
SuSE Security Announcement: SUSE-SU-2016:2011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html
SuSE Security Announcement: SUSE-SU-2016:2014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html
SuSE Security Announcement: SUSE-SU-2016:2074 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
SuSE Security Announcement: openSUSE-SU-2016:1641 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html
http://www.ubuntu.com/usn/USN-2886-1
http://www.ubuntu.com/usn/USN-2887-1
http://www.ubuntu.com/usn/USN-2887-2
http://www.ubuntu.com/usn/USN-2888-1
http://www.ubuntu.com/usn/USN-2889-1
http://www.ubuntu.com/usn/USN-2889-2
http://www.ubuntu.com/usn/USN-2890-1
http://www.ubuntu.com/usn/USN-2890-2
http://www.ubuntu.com/usn/USN-2890-3
Common Vulnerability Exposure (CVE) ID: CVE-2015-7513
1034602
http://www.securitytracker.com/id/1034602
79901
http://www.securityfocus.com/bid/79901
DSA-3434
http://www.debian.org/security/2016/dsa-3434
FEDORA-2016-26e19f042a
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html
FEDORA-2016-5d43766e33
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html
FEDORA-2016-b59fd603be
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html
USN-2886-1
USN-2887-1
USN-2887-2
USN-2888-1
USN-2889-1
USN-2889-2
USN-2890-1
USN-2890-2
USN-2890-3
[oss-security] 20160107 CVE-2015-7513 Kernel: kvm: divide by zero issue leads to DoS
http://www.openwall.com/lists/oss-security/2016/01/07/2
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8
https://bugzilla.redhat.com/show_bug.cgi?id=1284847
https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8
Common Vulnerability Exposure (CVE) ID: CVE-2015-7550
79903
http://www.securityfocus.com/bid/79903
SUSE-SU-2016:0911
SUSE-SU-2016:1102
SUSE-SU-2016:2074
USN-2911-1
http://www.ubuntu.com/usn/USN-2911-1
USN-2911-2
http://www.ubuntu.com/usn/USN-2911-2
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b4a1b4f5047e4f54e194681125c74c0aa64d637d
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4
https://bugzilla.redhat.com/show_bug.cgi?id=1291197
https://github.com/torvalds/linux/commit/b4a1b4f5047e4f54e194681125c74c0aa64d637d
https://security-tracker.debian.org/tracker/CVE-2015-7550
Common Vulnerability Exposure (CVE) ID: CVE-2015-7990
BugTraq ID: 77340
http://www.securityfocus.com/bid/77340
Debian Security Information: DSA-3396 (Google Search)
http://www.debian.org/security/2015/dsa-3396
https://lkml.org/lkml/2015/10/16/530
http://www.openwall.com/lists/oss-security/2015/10/27/5
http://www.securitytracker.com/id/1034453
SuSE Security Announcement: SUSE-SU-2015:2108 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html
SuSE Security Announcement: SUSE-SU-2015:2194 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html
SuSE Security Announcement: SUSE-SU-2015:2292 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html
SuSE Security Announcement: SUSE-SU-2015:2339 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html
SuSE Security Announcement: SUSE-SU-2015:2350 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html
SuSE Security Announcement: SUSE-SU-2016:0335 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html
SuSE Security Announcement: SUSE-SU-2016:0337 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html
SuSE Security Announcement: SUSE-SU-2016:0354 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html
SuSE Security Announcement: SUSE-SU-2016:0380 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html
SuSE Security Announcement: SUSE-SU-2016:0381 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html
SuSE Security Announcement: SUSE-SU-2016:0383 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html
SuSE Security Announcement: SUSE-SU-2016:0384 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html
SuSE Security Announcement: SUSE-SU-2016:0386 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html
SuSE Security Announcement: SUSE-SU-2016:0387 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html
SuSE Security Announcement: SUSE-SU-2016:0434 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html
SuSE Security Announcement: openSUSE-SU-2015:2232 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8374
BugTraq ID: 78219
http://www.securityfocus.com/bid/78219
http://www.openwall.com/lists/oss-security/2015/11/27/2
RedHat Security Advisories: RHSA-2016:2574
http://rhn.redhat.com/errata/RHSA-2016-2574.html
RedHat Security Advisories: RHSA-2016:2584
http://rhn.redhat.com/errata/RHSA-2016-2584.html
http://www.securitytracker.com/id/1034895
Common Vulnerability Exposure (CVE) ID: CVE-2015-8543
BugTraq ID: 79698
http://www.securityfocus.com/bid/79698
Debian Security Information: DSA-3434 (Google Search)
http://www.openwall.com/lists/oss-security/2015/12/09/5
RedHat Security Advisories: RHSA-2016:0855
http://rhn.redhat.com/errata/RHSA-2016-0855.html
http://www.securitytracker.com/id/1034892
Common Vulnerability Exposure (CVE) ID: CVE-2015-8569
BugTraq ID: 79428
http://www.securityfocus.com/bid/79428
http://twitter.com/grsecurity/statuses/676744240802750464
https://lkml.org/lkml/2015/12/14/252
http://www.openwall.com/lists/oss-security/2015/12/15/11
http://www.securitytracker.com/id/1034549
Common Vulnerability Exposure (CVE) ID: CVE-2015-8575
BugTraq ID: 79724
http://www.securityfocus.com/bid/79724
http://www.openwall.com/lists/oss-security/2015/12/16/3
CopyrightCopyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.