Test ID:	1.3.6.1.4.1.25623.1.0.843397
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3508-1)
Summary:	The remote host is missing an update for the 'linux, linux-raspi2' package(s) announced via the USN-3508-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux, linux-raspi2' package(s) announced via the USN-3508-1 advisory. Vulnerability Insight: Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939) It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service (application crashes) or possibly gain administrative privileges. (CVE-2017-1000405) Yonggang Guo discovered that a race condition existed in the driver subsystem in the Linux kernel. A local attacker could use this to possibly gain administrative privileges. (CVE-2017-12146) Affected Software/OS: 'linux, linux-raspi2' package(s) on Ubuntu 17.04. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-1000405 BugTraq ID: 102032 http://www.securityfocus.com/bid/102032 https://www.exploit-db.com/exploits/43199/ https://medium.com/bindecy/huge-dirty-cow-cve-2017-1000405-110eca132de0 RedHat Security Advisories: RHSA-2018:0180 https://access.redhat.com/errata/RHSA-2018:0180 http://www.securitytracker.com/id/1040020 Common Vulnerability Exposure (CVE) ID: CVE-2017-12146 BugTraq ID: 100651 http://www.securityfocus.com/bid/100651 Debian Security Information: DSA-3981 (Google Search) http://www.debian.org/security/2017/dsa-3981 Common Vulnerability Exposure (CVE) ID: CVE-2017-16939 BugTraq ID: 101954 http://www.securityfocus.com/bid/101954 Debian Security Information: DSA-4082 (Google Search) https://www.debian.org/security/2018/dsa-4082 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1137b5e2529a8f5ca8ee709288ecba3e68044df2 http://seclists.org/fulldisclosure/2017/Nov/40 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.11 https://blogs.securiteam.com/index.php/archives/3535 https://bugzilla.suse.com/show_bug.cgi?id=1069702 https://github.com/torvalds/linux/commit/1137b5e2529a8f5ca8ee709288ecba3e68044df2 https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html RedHat Security Advisories: RHSA-2018:1318 https://access.redhat.com/errata/RHSA-2018:1318 RedHat Security Advisories: RHSA-2018:1355 https://access.redhat.com/errata/RHSA-2018:1355 RedHat Security Advisories: RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1170 RedHat Security Advisories: RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:1190 SuSE Security Announcement: SUSE-SU-2018:0011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.