Ubuntu Local Security Checks : Ubuntu: Security Advisory (USN-3445-1)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.843326
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3445-1)
Summary:	The remote host is missing an update for the 'linux' package(s) announced via the USN-3445-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the USN-3445-1 advisory. Vulnerability Insight: Eyal Itkin discovered that the IP over IEEE 1394 (FireWire) implementation in the Linux kernel contained a buffer overflow when handling fragmented packets. A remote attacker could use this to possibly execute arbitrary code with administrative privileges. (CVE-2016-8633) Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-14106) Affected Software/OS: 'linux' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 6.2 CVSS Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-8633 94149 http://www.securityfocus.com/bid/94149 RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1170 RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:1190 [oss-security] 20161106 Re: [engineering.redhat.com #426293] CVE Request - firewire driver RCE - linux 4.8 http://www.openwall.com/lists/oss-security/2016/11/06/1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7 https://bugzilla.redhat.com/show_bug.cgi?id=1391490 https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/ https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac Common Vulnerability Exposure (CVE) ID: CVE-2017-14106 BugTraq ID: 100878 http://www.securityfocus.com/bid/100878 Debian Security Information: DSA-3981 (Google Search) http://www.debian.org/security/2017/dsa-3981 RedHat Security Advisories: RHSA-2017:2918 https://access.redhat.com/errata/RHSA-2017:2918 RedHat Security Advisories: RHSA-2017:2930 https://access.redhat.com/errata/RHSA-2017:2930 RedHat Security Advisories: RHSA-2017:2931 https://access.redhat.com/errata/RHSA-2017:2931 RedHat Security Advisories: RHSA-2017:3200 https://access.redhat.com/errata/RHSA-2017:3200 RedHat Security Advisories: RHSA-2018:2172 https://access.redhat.com/errata/RHSA-2018:2172 http://www.securitytracker.com/id/1039549 SuSE Security Announcement: SUSE-SU-2018:0011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
Copyright	Copyright (C) 2017 Greenbone AG