English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.843200
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-3312-1)
Summary:The remote host is missing an update for the 'linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon' package(s) announced via the USN-3312-1 advisory.
Description:Summary:
The remote host is missing an update for the 'linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon' package(s) announced via the USN-3312-1 advisory.

Vulnerability Insight:
It was discovered that the netfilter netlink implementation in the Linux
kernel did not properly validate batch messages. A local attacker with the
CAP_NET_ADMIN capability could use this to expose sensitive information or
cause a denial of service. (CVE-2016-7917)

Qian Zhang discovered a heap-based buffer overflow in the tipc_msg_build()
function in the Linux kernel. A local attacker could use to cause a denial
of service (system crash) or possibly execute arbitrary code with
administrative privileges. (CVE-2016-8632)

It was discovered that the keyring implementation in the Linux kernel in
some situations did not prevent special internal keyrings from being joined
by userspace keyrings. A privileged local attacker could use this to bypass
module verification. (CVE-2016-9604)

It was discovered that a buffer overflow existed in the trace subsystem in
the Linux kernel. A privileged local attacker could use this to execute
arbitrary code. (CVE-2017-0605)

Dmitry Vyukov discovered that KVM implementation in the Linux kernel
improperly emulated the VMXON instruction. A local attacker in a guest OS
could use this to cause a denial of service (memory consumption) in the
host OS. (CVE-2017-2596)

Daniel Jiang discovered that a race condition existed in the ipv4 ping
socket implementation in the Linux kernel. A local privileged attacker
could use this to cause a denial of service (system crash). (CVE-2017-2671)

Di Shen discovered that a race condition existed in the perf subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service or possibly gain administrative privileges. (CVE-2017-6001)

Eric Biggers discovered a memory leak in the keyring implementation in the
Linux kernel. A local attacker could use this to cause a denial of service
(memory consumption). (CVE-2017-7472)

Sabrina Dubroca discovered that the asynchronous cryptographic hash (ahash)
implementation in the Linux kernel did not properly handle a full request
queue. A local attacker could use this to cause a denial of service
(infinite recursion). (CVE-2017-7618)

Tuomas Haanpaa and Ari Kauppi discovered that the NFSv2 and NFSv3 server
implementations in the Linux kernel did not properly handle certain long
RPC replies. A remote attacker could use this to cause a denial of service
(system crash). (CVE-2017-7645)

Tommi Rantala and Brad Spengler discovered that the memory manager in the
Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection
mechanism. A local attacker with access to /dev/mem could use this to
expose sensitive information or possibly execute arbitrary code.
(CVE-2017-7889)

Tuomas Haanpaa and Ari Kauppi discovered that the NFSv2 and NFSv3 server
implementations in the Linux kernel did not properly check for the end of
buffer. A remote attacker could use this to craft requests that cause a
denial of service (system crash) or possibly execute ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon' package(s) on Ubuntu 16.04.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-7913
BugTraq ID: 94201
http://www.securityfocus.com/bid/94201
RedHat Security Advisories: RHSA-2018:0676
https://access.redhat.com/errata/RHSA-2018:0676
RedHat Security Advisories: RHSA-2018:1062
https://access.redhat.com/errata/RHSA-2018:1062
RedHat Security Advisories: RHSA-2019:1170
https://access.redhat.com/errata/RHSA-2019:1170
RedHat Security Advisories: RHSA-2019:1190
https://access.redhat.com/errata/RHSA-2019:1190
https://usn.ubuntu.com/3798-1/
https://usn.ubuntu.com/3798-2/
Common Vulnerability Exposure (CVE) ID: CVE-2016-7917
BugTraq ID: 94147
http://www.securityfocus.com/bid/94147
Common Vulnerability Exposure (CVE) ID: CVE-2016-8632
94211
http://www.securityfocus.com/bid/94211
[netdev] 20161018 [PATCH net] tipc: Guard against tiny MTU in tipc_msg_build()
https://www.mail-archive.com/netdev%40vger.kernel.org/msg133205.html
[oss-security] 20161108 CVE-2016-8632 -- Linux kernel: tipc_msg_build() doesn't validate MTU that can trigger heap overflow
http://www.openwall.com/lists/oss-security/2016/11/08/5
https://bugzilla.redhat.com/show_bug.cgi?id=1390832
Common Vulnerability Exposure (CVE) ID: CVE-2016-9083
BugTraq ID: 93929
http://www.securityfocus.com/bid/93929
http://www.openwall.com/lists/oss-security/2016/10/26/11
RedHat Security Advisories: RHSA-2017:0386
http://rhn.redhat.com/errata/RHSA-2017-0386.html
RedHat Security Advisories: RHSA-2017:0387
http://rhn.redhat.com/errata/RHSA-2017-0387.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9084
BugTraq ID: 93930
http://www.securityfocus.com/bid/93930
Common Vulnerability Exposure (CVE) ID: CVE-2016-9604
BugTraq ID: 102135
http://www.securityfocus.com/bid/102135
RedHat Security Advisories: RHSA-2017:1842
https://access.redhat.com/errata/RHSA-2017:1842
RedHat Security Advisories: RHSA-2017:2077
https://access.redhat.com/errata/RHSA-2017:2077
RedHat Security Advisories: RHSA-2017:2669
https://access.redhat.com/errata/RHSA-2017:2669
Common Vulnerability Exposure (CVE) ID: CVE-2017-0605
Common Vulnerability Exposure (CVE) ID: CVE-2017-2596
95878
http://www.securityfocus.com/bid/95878
DSA-3791
http://www.debian.org/security/2017/dsa-3791
RHSA-2017:1842
RHSA-2017:2077
[oss-security] 20170131 CVE-2017-2596 Kernel: kvm: page reference leakage in handle_vmon
http://www.openwall.com/lists/oss-security/2017/01/31/4
https://bugzilla.redhat.com/show_bug.cgi?id=1417812
Common Vulnerability Exposure (CVE) ID: CVE-2017-2671
42135
https://www.exploit-db.com/exploits/42135/
97407
http://www.securityfocus.com/bid/97407
RHSA-2017:2669
RHSA-2018:1854
https://access.redhat.com/errata/RHSA-2018:1854
USN-3754-1
https://usn.ubuntu.com/3754-1/
[oss-security] 20170404 Re: Linux kernel ping socket / AF_LLC connect() sin_family race
http://openwall.com/lists/oss-security/2017/04/04/8
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/net/ipv4/ping.c?id=43a6684519ab0a6c52024b5e25322476cabad893
https://github.com/danieljiang0415/android_kernel_crash_poc
https://github.com/torvalds/linux/commit/43a6684519ab0a6c52024b5e25322476cabad893
https://twitter.com/danieljiang0415/status/845116665184497664
Common Vulnerability Exposure (CVE) ID: CVE-2017-6001
BugTraq ID: 96264
http://www.securityfocus.com/bid/96264
Debian Security Information: DSA-3791 (Google Search)
http://www.openwall.com/lists/oss-security/2017/02/16/1
RedHat Security Advisories: RHSA-2018:1854
Common Vulnerability Exposure (CVE) ID: CVE-2017-7472
1038471
http://www.securitytracker.com/id/1038471
42136
https://www.exploit-db.com/exploits/42136/
98422
http://www.securityfocus.com/bid/98422
RHSA-2018:0151
https://access.redhat.com/errata/RHSA-2018:0151
RHSA-2018:0152
https://access.redhat.com/errata/RHSA-2018:0152
RHSA-2018:0181
https://access.redhat.com/errata/RHSA-2018:0181
SUSE-SU-2018:0011
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c9f838d104fed6f2f61d68164712e3204bf5271b
http://openwall.com/lists/oss-security/2017/05/11/1
https://bugzilla.novell.com/show_bug.cgi?id=1034862
https://bugzilla.redhat.com/show_bug.cgi?id=1442086
https://github.com/torvalds/linux/commit/c9f838d104fed6f2f61d68164712e3204bf5271b
https://lkml.org/lkml/2017/4/1/235
https://lkml.org/lkml/2017/4/3/724
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.13
Common Vulnerability Exposure (CVE) ID: CVE-2017-7618
BugTraq ID: 97534
http://www.securityfocus.com/bid/97534
http://marc.info/?l=linux-crypto-vger&m=149181655623850&w=2
Common Vulnerability Exposure (CVE) ID: CVE-2017-7645
BugTraq ID: 97950
http://www.securityfocus.com/bid/97950
Debian Security Information: DSA-3886 (Google Search)
http://www.debian.org/security/2017/dsa-3886
https://marc.info/?l=linux-nfs&m=149218228327497&w=2
https://marc.info/?l=linux-nfs&m=149247516212924&w=2
RedHat Security Advisories: RHSA-2017:1615
https://access.redhat.com/errata/RHSA-2017:1615
RedHat Security Advisories: RHSA-2017:1616
https://access.redhat.com/errata/RHSA-2017:1616
RedHat Security Advisories: RHSA-2017:1647
https://access.redhat.com/errata/RHSA-2017:1647
RedHat Security Advisories: RHSA-2018:1319
https://access.redhat.com/errata/RHSA-2018:1319
Common Vulnerability Exposure (CVE) ID: CVE-2017-7889
BugTraq ID: 97690
http://www.securityfocus.com/bid/97690
Debian Security Information: DSA-3945 (Google Search)
http://www.debian.org/security/2017/dsa-3945
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94
http://www.openwall.com/lists/oss-security/2017/04/16/4
https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94
https://usn.ubuntu.com/3583-1/
https://usn.ubuntu.com/3583-2/
Common Vulnerability Exposure (CVE) ID: CVE-2017-7895
BugTraq ID: 98085
http://www.securityfocus.com/bid/98085
RedHat Security Advisories: RHSA-2017:1715
https://access.redhat.com/errata/RHSA-2017:1715
RedHat Security Advisories: RHSA-2017:1723
https://access.redhat.com/errata/RHSA-2017:1723
RedHat Security Advisories: RHSA-2017:1766
https://access.redhat.com/errata/RHSA-2017:1766
RedHat Security Advisories: RHSA-2017:1798
https://access.redhat.com/errata/RHSA-2017:1798
RedHat Security Advisories: RHSA-2017:2412
https://access.redhat.com/errata/RHSA-2017:2412
RedHat Security Advisories: RHSA-2017:2428
https://access.redhat.com/errata/RHSA-2017:2428
RedHat Security Advisories: RHSA-2017:2429
https://access.redhat.com/errata/RHSA-2017:2429
RedHat Security Advisories: RHSA-2017:2472
https://access.redhat.com/errata/RHSA-2017:2472
RedHat Security Advisories: RHSA-2017:2732
https://access.redhat.com/errata/RHSA-2017:2732
CopyrightCopyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.