Test ID:	1.3.6.1.4.1.25623.1.0.842998
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3162-1)
Summary:	The remote host is missing an update for the 'linux' package(s) announced via the USN-3162-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the USN-3162-1 advisory. Vulnerability Insight: CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6213) It was discovered that the KVM implementation for x86/x86_64 in the Linux kernel could dereference a null pointer. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the KVM host. (CVE-2016-8630) Eyal Itkin discovered that the IP over IEEE 1394 (FireWire) implementation in the Linux kernel contained a buffer overflow when handling fragmented packets. A remote attacker could use this to possibly execute arbitrary code with administrative privileges. (CVE-2016-8633) Marco Grassi discovered that the TCP implementation in the Linux kernel mishandles socket buffer (skb) truncation. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-8645) It was discovered that the keyring implementation in the Linux kernel improperly handled crypto registration in conjunction with successful key- type registration. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-9313) Andrey Konovalov discovered that the SCTP implementation in the Linux kernel improperly handled validation of incoming data. A remote attacker could use this to cause a denial of service (system crash). (CVE-2016-9555) Affected Software/OS: 'linux' package(s) on Ubuntu 16.10. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6213 BugTraq ID: 91754 http://www.securityfocus.com/bid/91754 http://www.openwall.com/lists/oss-security/2016/07/13/8 RedHat Security Advisories: RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842 RedHat Security Advisories: RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077 Common Vulnerability Exposure (CVE) ID: CVE-2016-8630 94459 http://www.securityfocus.com/bid/94459 RHSA-2017:0386 http://rhn.redhat.com/errata/RHSA-2017-0386.html RHSA-2017:0387 http://rhn.redhat.com/errata/RHSA-2017-0387.html [oss-security] 20161122 CVE-2016-8630 kernel: kvm: x86: NULL pointer dereference duringinstruction decode http://www.openwall.com/lists/oss-security/2016/11/22/3 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d9092f52d7e61dd1557f2db2400ddb430e85937e http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7 https://bugzilla.redhat.com/show_bug.cgi?id=1393350 https://github.com/torvalds/linux/commit/d9092f52d7e61dd1557f2db2400ddb430e85937e Common Vulnerability Exposure (CVE) ID: CVE-2016-8633 94149 http://www.securityfocus.com/bid/94149 RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1170 RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:1190 [oss-security] 20161106 Re: [engineering.redhat.com #426293] CVE Request - firewire driver RCE - linux 4.8 http://www.openwall.com/lists/oss-security/2016/11/06/1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac https://bugzilla.redhat.com/show_bug.cgi?id=1391490 https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/ https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac Common Vulnerability Exposure (CVE) ID: CVE-2016-8645 1037285 http://www.securitytracker.com/id/1037285 94264 http://www.securityfocus.com/bid/94264 RHSA-2017:1842 RHSA-2017:2077 RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2669 [oss-security] 20161111 CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c http://www.openwall.com/lists/oss-security/2016/11/11/3 [oss-security] 20161130 Re: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c http://www.openwall.com/lists/oss-security/2016/11/30/3 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac6e780070e30e4c35bd395acfe9191e6268bdd3 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.10 https://bugzilla.redhat.com/show_bug.cgi?id=1393904 https://github.com/torvalds/linux/commit/ac6e780070e30e4c35bd395acfe9191e6268bdd3 Common Vulnerability Exposure (CVE) ID: CVE-2016-9313 BugTraq ID: 94546 http://www.securityfocus.com/bid/94546 http://www.openwall.com/lists/oss-security/2016/07/22/1 Common Vulnerability Exposure (CVE) ID: CVE-2016-9555 BugTraq ID: 94479 http://www.securityfocus.com/bid/94479 http://www.openwall.com/lists/oss-security/2016/11/22/18 RedHat Security Advisories: RHSA-2017:0086 http://rhn.redhat.com/errata/RHSA-2017-0086.html RedHat Security Advisories: RHSA-2017:0091 http://rhn.redhat.com/errata/RHSA-2017-0091.html RedHat Security Advisories: RHSA-2017:0113 http://rhn.redhat.com/errata/RHSA-2017-0113.html RedHat Security Advisories: RHSA-2017:0307 http://rhn.redhat.com/errata/RHSA-2017-0307.html http://www.securitytracker.com/id/1037339 SuSE Security Announcement: SUSE-SU-2016:3096 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00044.html SuSE Security Announcement: SUSE-SU-2016:3113 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00054.html SuSE Security Announcement: SUSE-SU-2016:3116 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00055.html SuSE Security Announcement: SUSE-SU-2016:3117 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00056.html SuSE Security Announcement: SUSE-SU-2016:3169 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00067.html SuSE Security Announcement: SUSE-SU-2016:3183 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00070.html SuSE Security Announcement: SUSE-SU-2016:3197 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00073.html SuSE Security Announcement: SUSE-SU-2016:3205 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00076.html SuSE Security Announcement: SUSE-SU-2016:3206 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00077.html SuSE Security Announcement: SUSE-SU-2016:3247 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00087.html
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.