Test ID:	1.3.6.1.4.1.25623.1.0.843354
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3469-2)
Summary:	The remote host is missing an update for the 'linux-lts-xenial' package(s) announced via the USN-3469-2 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-lts-xenial' package(s) announced via the USN-3469-2 advisory. Vulnerability Insight: USN-3469-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Anthony Perard discovered that the Xen virtual block driver did not properly initialize some data structures before passing them to user space. A local attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2017-10911) Bo Zhang discovered that the netlink wireless configuration interface in the Linux kernel did not properly validate attributes when handling certain requests. A local attacker with the CAP_NET_ADMIN could use this to cause a denial of service (system crash). (CVE-2017-12153) It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service (system crash). It was discovered that the key management subsystem in the Linux kernel did not properly restrict key reads on negatively instantiated keys. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-12192) It was discovered that an integer overflow existed in the sysfs interface for the QLogic 24xx+ series SCSI driver in the Linux kernel. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2017-14051) It was discovered that the ATI Radeon framebuffer driver in the Linux kernel did not properly initialize a data structure returned to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-14156) Dave Chinner discovered that the XFS filesystem did not enforce that the realtime inode flag was settable only on filesystems on a realtime device. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-14340) ChunYu Wang discovered that the iSCSI transport implementation in the Linux kernel did not properly validate data structures. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-14489) It was discovered that the generic SCSI driver in the Linux kernel did not properly initialize data returned to user space in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-14991) Dmitry Vyukov discovered that the Floating Point Unit (fpu) subsystem in the Linux kernel did not properly handle attempts to set reserved bits in a task's extended state (xstate) area. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-15537) Pengfei Wang discovered that the Turtle Beach MultiSound audio device driver in the Linux kernel contained race conditions when fetching from the ring-buffer. A local ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'linux-lts-xenial' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-10911 BugTraq ID: 99162 http://www.securityfocus.com/bid/99162 Debian Security Information: DSA-3920 (Google Search) http://www.debian.org/security/2017/dsa-3920 Debian Security Information: DSA-3927 (Google Search) http://www.debian.org/security/2017/dsa-3927 Debian Security Information: DSA-3945 (Google Search) http://www.debian.org/security/2017/dsa-3945 https://security.gentoo.org/glsa/201708-03 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html http://www.securitytracker.com/id/1038720 Common Vulnerability Exposure (CVE) ID: CVE-2017-12153 100855 http://www.securityfocus.com/bid/100855 DSA-3981 http://www.debian.org/security/2017/dsa-3981 USN-3583-1 https://usn.ubuntu.com/3583-1/ USN-3583-2 https://usn.ubuntu.com/3583-2/ http://seclists.org/oss-sec/2017/q3/437 https://bugzilla.novell.com/show_bug.cgi?id=1058410 https://bugzilla.redhat.com/show_bug.cgi?id=1491046 https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=e785fa0a164aa11001cba931367c7f94ffaff888 https://marc.info/?t=150525503100001&r=1&w=2 Common Vulnerability Exposure (CVE) ID: CVE-2017-12154 100856 http://www.securityfocus.com/bid/100856 RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 RHSA-2019:1946 https://access.redhat.com/errata/RHSA-2019:1946 USN-3698-1 https://usn.ubuntu.com/3698-1/ USN-3698-2 https://usn.ubuntu.com/3698-2/ http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51aa68e7d57e3217192d88ce90fd5b8ef29ec94f https://bugzilla.redhat.com/show_bug.cgi?id=1491224 https://github.com/torvalds/linux/commit/51aa68e7d57e3217192d88ce90fd5b8ef29ec94f https://www.spinics.net/lists/kvm/msg155414.html Common Vulnerability Exposure (CVE) ID: CVE-2017-12192 RHSA-2018:0151 https://access.redhat.com/errata/RHSA-2018:0151 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=37863c43b2c6464f252862bf2e9768264e961678 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.5 https://bugzilla.redhat.com/show_bug.cgi?id=1493435 https://github.com/torvalds/linux/commit/37863c43b2c6464f252862bf2e9768264e961678 https://lkml.org/lkml/2017/9/18/764 Common Vulnerability Exposure (CVE) ID: CVE-2017-14051 BugTraq ID: 100571 http://www.securityfocus.com/bid/100571 https://bugzilla.kernel.org/show_bug.cgi?id=194061 https://patchwork.kernel.org/patch/9929625/ https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html Common Vulnerability Exposure (CVE) ID: CVE-2017-14156 BugTraq ID: 100634 http://www.securityfocus.com/bid/100634 Debian Security Information: DSA-3981 (Google Search) https://github.com/torvalds/linux/pull/441 https://marc.info/?l=linux-kernel&m=150401461613306&w=2 https://marc.info/?l=linux-kernel&m=150453196710422&w=2 Common Vulnerability Exposure (CVE) ID: CVE-2017-14340 BugTraq ID: 100851 http://www.securityfocus.com/bid/100851 RedHat Security Advisories: RHSA-2017:2918 https://access.redhat.com/errata/RHSA-2017:2918 Common Vulnerability Exposure (CVE) ID: CVE-2017-14489 BugTraq ID: 101011 http://www.securityfocus.com/bid/101011 https://www.exploit-db.com/exploits/42932/ Common Vulnerability Exposure (CVE) ID: CVE-2017-14991 BugTraq ID: 101187 http://www.securityfocus.com/bid/101187 https://usn.ubuntu.com/3754-1/ Common Vulnerability Exposure (CVE) ID: CVE-2017-15537 Common Vulnerability Exposure (CVE) ID: CVE-2017-9984 BugTraq ID: 99314 http://www.securityfocus.com/bid/99314 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e2b791796bd68816fa115f12be5320de2b8021 https://bugzilla.kernel.org/show_bug.cgi?id=196131 https://github.com/torvalds/linux/commit/20e2b791796bd68816fa115f12be5320de2b8021 Common Vulnerability Exposure (CVE) ID: CVE-2017-9985 BugTraq ID: 99335 http://www.securityfocus.com/bid/99335 https://bugzilla.kernel.org/show_bug.cgi?id=196133
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.