Test ID:	1.3.6.1.4.1.25623.1.0.842951
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3127-1)
Summary:	The remote host is missing an update for the 'linux' package(s) announced via the USN-3127-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the USN-3127-1 advisory. Vulnerability Insight: It was discovered that the compression handling code in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service (system crash). (CVE-2014-9904) Kirill A. Shutemov discovered that memory manager in the Linux kernel did not properly handle anonymous pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2015-3288) Vitaly Kuznetsov discovered that the Linux kernel did not properly suppress hugetlbfs support in X86 paravirtualized guests. An attacker in the guest OS could cause a denial of service (guest system crash). (CVE-2016-3961) Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042) Affected Software/OS: 'linux' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9904 BugTraq ID: 91510 http://www.securityfocus.com/bid/91510 Debian Security Information: DSA-3616 (Google Search) http://www.debian.org/security/2016/dsa-3616 http://www.securitytracker.com/id/1036189 SuSE Security Announcement: SUSE-SU-2016:1937 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html SuSE Security Announcement: SUSE-SU-2016:2105 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html SuSE Security Announcement: openSUSE-SU-2016:2184 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3288 93591 http://www.securityfocus.com/bid/93591 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4 https://bugzilla.redhat.com/show_bug.cgi?id=1333830 https://github.com/torvalds/linux/commit/6b7339f4c31ad69c8e9c0b2859276e22cf72176d https://security-tracker.debian.org/tracker/CVE-2015-3288 https://source.android.com/security/bulletin/2017-01-01.html Common Vulnerability Exposure (CVE) ID: CVE-2016-3961 BugTraq ID: 86068 http://www.securityfocus.com/bid/86068 Debian Security Information: DSA-3607 (Google Search) http://www.debian.org/security/2016/dsa-3607 http://www.securitytracker.com/id/1035569 http://www.ubuntu.com/usn/USN-3001-1 http://www.ubuntu.com/usn/USN-3002-1 http://www.ubuntu.com/usn/USN-3003-1 http://www.ubuntu.com/usn/USN-3004-1 http://www.ubuntu.com/usn/USN-3005-1 http://www.ubuntu.com/usn/USN-3006-1 http://www.ubuntu.com/usn/USN-3007-1 http://www.ubuntu.com/usn/USN-3049-1 http://www.ubuntu.com/usn/USN-3050-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-7042 BugTraq ID: 93544 http://www.securityfocus.com/bid/93544 http://www.openwall.com/lists/oss-security/2016/10/13/5 RedHat Security Advisories: RHSA-2017:0817 http://rhn.redhat.com/errata/RHSA-2017-0817.html RedHat Security Advisories: RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842 RedHat Security Advisories: RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077 RedHat Security Advisories: RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2669
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.