English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.843298
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-3405-2)
Summary:The remote host is missing an update for the 'linux-lts-xenial' package(s) announced via the USN-3405-2 advisory.
Description:Summary:
The remote host is missing an update for the 'linux-lts-xenial' package(s) announced via the USN-3405-2 advisory.

Vulnerability Insight:
USN-3405-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.

It was discovered that a use-after-free vulnerability existed in the POSIX
message queue implementation in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-11176)

Huang Weller discovered that the ext4 filesystem implementation in the
Linux kernel mishandled a needs-flushing-before-commit list. A local
attacker could use this to expose sensitive information. (CVE-2017-7495)

It was discovered that a buffer overflow existed in the Broadcom FullMAC
WLAN driver in the Linux kernel. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2017-7541)

It was discovered that the Linux kernel did not honor the UEFI secure boot
mode when performing a kexec operation. A local attacker could use this to
bypass secure boot restrictions. (CVE-2015-7837)

Affected Software/OS:
'linux-lts-xenial' package(s) on Ubuntu 14.04.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-7837
BugTraq ID: 77097
http://www.securityfocus.com/bid/77097
http://www.openwall.com/lists/oss-security/2015/10/15/6
RedHat Security Advisories: RHSA-2015:2152
http://rhn.redhat.com/errata/RHSA-2015-2152.html
RedHat Security Advisories: RHSA-2015:2411
http://rhn.redhat.com/errata/RHSA-2015-2411.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-11176
BugTraq ID: 99919
http://www.securityfocus.com/bid/99919
Debian Security Information: DSA-3927 (Google Search)
http://www.debian.org/security/2017/dsa-3927
Debian Security Information: DSA-3945 (Google Search)
http://www.debian.org/security/2017/dsa-3945
https://www.exploit-db.com/exploits/45553/
RedHat Security Advisories: RHSA-2017:2918
https://access.redhat.com/errata/RHSA-2017:2918
RedHat Security Advisories: RHSA-2017:2930
https://access.redhat.com/errata/RHSA-2017:2930
RedHat Security Advisories: RHSA-2017:2931
https://access.redhat.com/errata/RHSA-2017:2931
RedHat Security Advisories: RHSA-2018:0169
https://access.redhat.com/errata/RHSA-2018:0169
RedHat Security Advisories: RHSA-2018:3822
https://access.redhat.com/errata/RHSA-2018:3822
Common Vulnerability Exposure (CVE) ID: CVE-2017-7495
98491
http://www.securityfocus.com/bid/98491
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=06bd3c36a733ac27962fea7d6f47168841376824
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.2
http://www.openwall.com/lists/oss-security/2017/05/15/2
https://bugzilla.redhat.com/show_bug.cgi?id=1450261
https://github.com/torvalds/linux/commit/06bd3c36a733ac27962fea7d6f47168841376824
https://source.android.com/security/bulletin/2017-09-01
Common Vulnerability Exposure (CVE) ID: CVE-2017-7541
1038981
http://www.securitytracker.com/id/1038981
99955
http://www.securityfocus.com/bid/99955
DSA-3927
DSA-3945
RHSA-2017:2863
https://access.redhat.com/errata/RHSA-2017:2863
RHSA-2017:2918
RHSA-2017:2930
RHSA-2017:2931
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f44c9a41386729fea410e688959ddaa9d51be7c
http://openwall.com/lists/oss-security/2017/07/24/2
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3
https://bugzilla.novell.com/show_bug.cgi?id=1049645
https://bugzilla.redhat.com/show_bug.cgi?id=1473198
https://github.com/torvalds/linux/commit/8f44c9a41386729fea410e688959ddaa9d51be7c
https://source.android.com/security/bulletin/2017-11-01
https://www.spinics.net/lists/stable/msg180994.html
CopyrightCopyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.