
Test ID: 1.3.6.1.4.1.25623.1.0.843062
Category: Ubuntu Local Security Checks
Title: Ubuntu: Security Advisory (USN-3208-2)
Summary: The remote host is missing an update for the 'linux-lts-xenial' package(s) announced via the USN-3208-2 advisory.
Description:

Vulnerability Insight:
USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.

It was discovered that the generic SCSI block layer in the Linux kernel did
not properly restrict write operations in certain situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2016-10088)

CAI Qian discovered that the sysctl implementation in the Linux kernel did
not properly perform reference counting in some situations. An unprivileged
attacker could use this to cause a denial of service (system hang).
(CVE-2016-9191)

Jim Mattson discovered that the KVM implementation in the Linux kernel
mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
machine could use this to cause a denial of service (guest OS crash).
(CVE-2016-9588)

Andy Lutomirski and Willy Tarreau discovered that the KVM implementation in
the Linux kernel did not properly emulate instructions on the SS segment
register. A local attacker in a guest virtual machine could use this to
cause a denial of service (guest OS crash) or possibly gain administrative
privileges in the guest OS. (CVE-2017-2583)

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
improperly emulated certain instructions. A local attacker could use this
to obtain sensitive information (kernel memory). (CVE-2017-2584)

It was discovered that the KLSI KL5KUSB105 serial-to-USB device driver in
the Linux kernel did not properly initialize memory related to logging. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2017-5549)

Andrey Konovalov discovered a use-after-free vulnerability in the DCCP
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly gain administrative
privileges. (CVE-2017-6074)

Affected Software/OS:
'linux-lts-xenial' package(s) on Ubuntu 14.04.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2016-10088
BugTraq ID: 95169
http://www.securityfocus.com/bid/95169
http://www.openwall.com/lists/oss-security/2016/12/30/1
RedHat Security Advisories: RHSA-2017:0817
http://rhn.redhat.com/errata/RHSA-2017-0817.html
RedHat Security Advisories: RHSA-2017:1842
https://access.redhat.com/errata/RHSA-2017:1842
RedHat Security Advisories: RHSA-2017:2077
https://access.redhat.com/errata/RHSA-2017:2077
RedHat Security Advisories: RHSA-2017:2669
https://access.redhat.com/errata/RHSA-2017:2669
http://www.securitytracker.com/id/1037538
Common Vulnerability Exposure (CVE) ID: CVE-2016-9191
BugTraq ID: 94129
http://www.securityfocus.com/bid/94129
Debian Security Information: DSA-3791
http://www.debian.org/security/2017/dsa-3791
http://www.openwall.com/lists/oss-security/2016/11/05/4
Common Vulnerability Exposure (CVE) ID: CVE-2016-9588
BugTraq ID: 94933
http://www.securityfocus.com/bid/94933
Debian Security Information: DSA-3804
http://www.debian.org/security/2017/dsa-3804
RedHat Security Advisories: RHSA-2017:1842
RedHat Security Advisories: RHSA-2017:2077
USN-3822-1
https://usn.ubuntu.com/3822-1/
USN-3822-2
https://usn.ubuntu.com/3822-2/
[oss-security] 20161215 CVE-2016-9588 Kernel: kvm: nVMX: uncaught software exceptions in L1 guest lead to DoS
http://www.openwall.com/lists/oss-security/2016/12/15/3
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ef85b67385436ddc1998f45f1d6a210f935b3388
https://bugzilla.redhat.com/show_bug.cgi?id=1404924
https://github.com/torvalds/linux/commit/ef85b67385436ddc1998f45f1d6a210f935b3388
Common Vulnerability Exposure (CVE) ID: CVE-2017-2583
BugTraq ID: 95673
http://www.securityfocus.com/bid/95673
Debian Security Information: DSA-3791
RedHat Security Advisories: RHSA-2017:1615
https://access.redhat.com/errata/RHSA-2017:1615
RedHat Security Advisories: RHSA-2017:1616
https://access.redhat.com/errata/RHSA-2017:1616
USN-3754-1
https://usn.ubuntu.com/3754-1/
[oss-security] 20170119 CVE-2017-2583 Kernel: Kvm: vmx/svm potential privilege escalation inside guest
http://www.openwall.com/lists/oss-security/2017/01/19/2
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
https://bugzilla.redhat.com/show_bug.cgi?id=1414735
https://github.com/torvalds/linux/commit/33ab91103b3415e12457e3104f0e4517ce12d0f3
Common Vulnerability Exposure (CVE) ID: CVE-2017-2584
BugTraq ID: 95430
http://www.securityfocus.com/bid/95430
http://www.openwall.com/lists/oss-security/2017/01/13/7
http://www.securitytracker.com/id/1037603
Common Vulnerability Exposure (CVE) ID: CVE-2017-5549
BugTraq ID: 95715
http://www.securityfocus.com/bid/95715
http://www.openwall.com/lists/oss-security/2017/01/21/3
Common Vulnerability Exposure (CVE) ID: CVE-2017-6074
BugTraq ID: 96310
http://www.securityfocus.com/bid/96310
https://www.exploit-db.com/exploits/41457/
https://www.exploit-db.com/exploits/41458/
http://www.openwall.com/lists/oss-security/2017/02/22/3
RedHat Security Advisories: RHSA-2017:0293
http://rhn.redhat.com/errata/RHSA-2017-0293.html
RedHat Security Advisories: RHSA-2017:0294
http://rhn.redhat.com/errata/RHSA-2017-0294.html
RedHat Security Advisories: RHSA-2017:0295
http://rhn.redhat.com/errata/RHSA-2017-0295.html
RedHat Security Advisories: RHSA-2017:0316
http://rhn.redhat.com/errata/RHSA-2017-0316.html
RedHat Security Advisories: RHSA-2017:0323
http://rhn.redhat.com/errata/RHSA-2017-0323.html
RedHat Security Advisories: RHSA-2017:0324
http://rhn.redhat.com/errata/RHSA-2017-0324.html
RedHat Security Advisories: RHSA-2017:0345
http://rhn.redhat.com/errata/RHSA-2017-0345.html
RedHat Security Advisories: RHSA-2017:0346
http://rhn.redhat.com/errata/RHSA-2017-0346.html
RedHat Security Advisories: RHSA-2017:0347
http://rhn.redhat.com/errata/RHSA-2017-0347.html
RedHat Security Advisories: RHSA-2017:0365
http://rhn.redhat.com/errata/RHSA-2017-0365.html
RedHat Security Advisories: RHSA-2017:0366
http://rhn.redhat.com/errata/RHSA-2017-0366.html
RedHat Security Advisories: RHSA-2017:0403
http://rhn.redhat.com/errata/RHSA-2017-0403.html
RedHat Security Advisories: RHSA-2017:0501
http://rhn.redhat.com/errata/RHSA-2017-0501.html
RedHat Security Advisories: RHSA-2017:0932
https://access.redhat.com/errata/RHSA-2017:0932
RedHat Security Advisories: RHSA-2017:1209
https://access.redhat.com/errata/RHSA-2017:1209
http://www.securitytracker.com/id/1037876
Copyright: Copyright (C) 2017 Greenbone AG
