Test ID:	1.3.6.1.4.1.25623.1.0.842983
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3149-2)
Summary:	The remote host is missing an update for the 'linux-lts-trusty' package(s) announced via the USN-3149-2 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-lts-trusty' package(s) announced via the USN-3149-2 advisory. Vulnerability Insight: USN-3149-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges. Affected Software/OS: 'linux-lts-trusty' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-8655 1037403 http://www.securitytracker.com/id/1037403 1037968 http://www.securitytracker.com/id/1037968 40871 https://www.exploit-db.com/exploits/40871/ 44696 https://www.exploit-db.com/exploits/44696/ 94692 http://www.securityfocus.com/bid/94692 RHSA-2017:0386 http://rhn.redhat.com/errata/RHSA-2017-0386.html RHSA-2017:0387 http://rhn.redhat.com/errata/RHSA-2017-0387.html RHSA-2017:0402 http://rhn.redhat.com/errata/RHSA-2017-0402.html SUSE-SU-2016:3096 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00044.html SUSE-SU-2016:3113 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00054.html SUSE-SU-2016:3116 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00055.html SUSE-SU-2016:3117 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00056.html SUSE-SU-2016:3169 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00067.html SUSE-SU-2016:3183 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00070.html SUSE-SU-2016:3197 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00073.html SUSE-SU-2016:3205 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00076.html SUSE-SU-2016:3206 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00077.html SUSE-SU-2016:3247 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00087.html USN-3149-1 http://www.ubuntu.com/usn/USN-3149-1 USN-3149-2 http://www.ubuntu.com/usn/USN-3149-2 USN-3150-1 http://www.ubuntu.com/usn/USN-3150-1 USN-3150-2 http://www.ubuntu.com/usn/USN-3150-2 USN-3151-1 http://www.ubuntu.com/usn/USN-3151-1 USN-3151-2 http://www.ubuntu.com/usn/USN-3151-2 USN-3151-3 http://www.ubuntu.com/usn/USN-3151-3 USN-3151-4 http://www.ubuntu.com/usn/USN-3151-4 USN-3152-1 http://www.ubuntu.com/usn/USN-3152-1 USN-3152-2 http://www.ubuntu.com/usn/USN-3152-2 [oss-security] 20161206 CVE-2016-8655 Linux af_packet.c race condition (local root) http://www.openwall.com/lists/oss-security/2016/12/06/1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c http://packetstormsecurity.com/files/140063/Linux-Kernel-4.4.0-AF_PACKET-Race-Condition-Privilege-Escalation.html https://bugzilla.redhat.com/show_bug.cgi?id=1400019 https://github.com/torvalds/linux/commit/84ac7260236a49c79eede91617700174c2c19b0c https://source.android.com/security/bulletin/2017-03-01.html
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.