Test ID:	1.3.6.1.4.1.25623.1.0.843308
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3420-2)
Summary:	The remote host is missing an update for the 'linux-lts-xenial' package(s) announced via the USN-3420-2 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-lts-xenial' package(s) announced via the USN-3420-2 advisory. Vulnerability Insight: USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-1000251) It was discovered that the Flash-Friendly File System (f2fs) implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-10663) It was discovered that a buffer overflow existed in the ioctl handling code in the ISDN subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-12762) Pengfei Wang discovered that a race condition existed in the NXP SAA7164 TV Decoder driver for the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-8831) Affected Software/OS: 'linux-lts-xenial' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-1000251 BugTraq ID: 100809 http://www.securityfocus.com/bid/100809 CERT/CC vulnerability note: VU#240311 https://www.kb.cert.org/vuls/id/240311 Debian Security Information: DSA-3981 (Google Search) http://www.debian.org/security/2017/dsa-3981 https://www.exploit-db.com/exploits/42762/ https://github.com/torvalds/linux/commit/f2fcfcd670257236ebf2088bbdf26f6a8ef459fe https://www.armis.com/blueborne RedHat Security Advisories: RHSA-2017:2679 https://access.redhat.com/errata/RHSA-2017:2679 RedHat Security Advisories: RHSA-2017:2680 https://access.redhat.com/errata/RHSA-2017:2680 RedHat Security Advisories: RHSA-2017:2681 https://access.redhat.com/errata/RHSA-2017:2681 RedHat Security Advisories: RHSA-2017:2682 https://access.redhat.com/errata/RHSA-2017:2682 RedHat Security Advisories: RHSA-2017:2683 https://access.redhat.com/errata/RHSA-2017:2683 RedHat Security Advisories: RHSA-2017:2704 https://access.redhat.com/errata/RHSA-2017:2704 RedHat Security Advisories: RHSA-2017:2705 https://access.redhat.com/errata/RHSA-2017:2705 RedHat Security Advisories: RHSA-2017:2706 https://access.redhat.com/errata/RHSA-2017:2706 RedHat Security Advisories: RHSA-2017:2707 https://access.redhat.com/errata/RHSA-2017:2707 RedHat Security Advisories: RHSA-2017:2731 https://access.redhat.com/errata/RHSA-2017:2731 RedHat Security Advisories: RHSA-2017:2732 https://access.redhat.com/errata/RHSA-2017:2732 http://www.securitytracker.com/id/1039373 Common Vulnerability Exposure (CVE) ID: CVE-2017-10663 BugTraq ID: 100215 http://www.securityfocus.com/bid/100215 Common Vulnerability Exposure (CVE) ID: CVE-2017-12762 BugTraq ID: 100251 http://www.securityfocus.com/bid/100251 https://patchwork.kernel.org/patch/9880041/ http://www.openwall.com/lists/oss-security/2020/02/11/1 http://www.openwall.com/lists/oss-security/2020/02/11/2 http://www.openwall.com/lists/oss-security/2020/02/14/4 https://usn.ubuntu.com/3620-1/ https://usn.ubuntu.com/3620-2/ Common Vulnerability Exposure (CVE) ID: CVE-2017-8831 BugTraq ID: 99619 http://www.securityfocus.com/bid/99619 http://www.securityfocus.com/archive/1/540770/30/0/threaded https://bugzilla.kernel.org/show_bug.cgi?id=195559 https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://usn.ubuntu.com/3754-1/
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.