Test ID:	1.3.6.1.4.1.25623.1.0.843455
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3582-1)
Summary:	The remote host is missing an update for the 'linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon' package(s) announced via the USN-3582-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon' package(s) announced via the USN-3582-1 advisory. Vulnerability Insight: Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2017-17712) Laurent Guerby discovered that the mbcache feature in the ext2 and ext4 filesystems in the Linux kernel improperly handled xattr block caching. A local attacker could use this to cause a denial of service. (CVE-2015-8952) Vitaly Mayatskikh discovered that the SCSI subsystem in the Linux kernel did not properly track reference counts when merging buffers. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2017-12190) ChunYu Wang discovered that a use-after-free vulnerability existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code, (CVE-2017-15115) Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-8824) USN-3540-1 mitigated CVE-2017-5715 (Spectre Variant 2) for the amd64 architecture in Ubuntu 16.04 LTS. This update provides the compiler-based retpoline kernel mitigation for the amd64 and i386 architectures. Original advisory details: Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715) Affected Software/OS: 'linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon' package(s) on Ubuntu 16.04. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8952 http://www.openwall.com/lists/oss-security/2016/08/22/2 http://www.openwall.com/lists/oss-security/2016/08/25/4 https://usn.ubuntu.com/3582-1/ https://usn.ubuntu.com/3582-2/ Common Vulnerability Exposure (CVE) ID: CVE-2017-12190 101911 http://www.securityfocus.com/bid/101911 RHSA-2018:0654 https://access.redhat.com/errata/RHSA-2018:0654 RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:1854 RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1170 RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:1190 USN-3582-1 USN-3582-2 USN-3583-1 https://usn.ubuntu.com/3583-1/ USN-3583-2 https://usn.ubuntu.com/3583-2/ [debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2b04e8f6bbb196cab4b232af0f8d48ff2c7a8058 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95d78c28b5a85bacbc29b8dba7c04babb9b0d467 http://seclists.org/oss-sec/2017/q4/52 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8 https://bugzilla.redhat.com/show_bug.cgi?id=1495089 https://github.com/torvalds/linux/commit/2b04e8f6bbb196cab4b232af0f8d48ff2c7a8058 https://github.com/torvalds/linux/commit/95d78c28b5a85bacbc29b8dba7c04babb9b0d467 https://support.f5.com/csp/article/K93472064?utm_source=f5support&amp%3Butm_medium=RSS Common Vulnerability Exposure (CVE) ID: CVE-2017-15115 101877 http://www.securityfocus.com/bid/101877 SUSE-SU-2018:0011 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html USN-3581-1 https://usn.ubuntu.com/3581-1/ USN-3581-2 https://usn.ubuntu.com/3581-2/ USN-3581-3 https://usn.ubuntu.com/3581-3/ http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df80cd9b28b9ebaa284a41df611dbf3a2d05ca74 http://seclists.org/oss-sec/2017/q4/282 https://bugzilla.redhat.com/show_bug.cgi?id=1513345 https://github.com/torvalds/linux/commit/df80cd9b28b9ebaa284a41df611dbf3a2d05ca74 https://patchwork.ozlabs.org/patch/827077/ https://source.android.com/security/bulletin/pixel/2018-04-01 Common Vulnerability Exposure (CVE) ID: CVE-2017-17712 Debian Security Information: DSA-4073 (Google Search) https://www.debian.org/security/2017/dsa-4073 RedHat Security Advisories: RHSA-2018:0502 https://access.redhat.com/errata/RHSA-2018:0502 Common Vulnerability Exposure (CVE) ID: CVE-2017-5715 BugTraq ID: 102376 http://www.securityfocus.com/bid/102376 Bugtraq: 20190624 [SECURITY] [DSA 4469-1] libvirt security update (Google Search) https://seclists.org/bugtraq/2019/Jun/36 Bugtraq: 20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu (Google Search) https://seclists.org/bugtraq/2019/Nov/16 CERT/CC vulnerability note: VU#180049 https://www.kb.cert.org/vuls/id/180049 CERT/CC vulnerability note: VU#584653 http://www.kb.cert.org/vuls/id/584653 Cisco Security Advisory: 20180104 CPU Side-Channel Information Disclosure Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel Debian Security Information: DSA-4120 (Google Search) https://www.debian.org/security/2018/dsa-4120 Debian Security Information: DSA-4187 (Google Search) https://www.debian.org/security/2018/dsa-4187 Debian Security Information: DSA-4188 (Google Search) https://www.debian.org/security/2018/dsa-4188 Debian Security Information: DSA-4213 (Google Search) https://www.debian.org/security/2018/dsa-4213 https://www.exploit-db.com/exploits/43427/ FreeBSD Security Advisory: FreeBSD-SA-19:26 https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc https://security.gentoo.org/glsa/201810-06 http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html https://spectreattack.com/ https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html RedHat Security Advisories: RHSA-2018:0292 https://access.redhat.com/errata/RHSA-2018:0292 http://www.securitytracker.com/id/1040071 SuSE Security Announcement: SUSE-SU-2018:0006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html SuSE Security Announcement: SUSE-SU-2018:0007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html SuSE Security Announcement: SUSE-SU-2018:0008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html SuSE Security Announcement: SUSE-SU-2018:0009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html SuSE Security Announcement: SUSE-SU-2018:0010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html SuSE Security Announcement: SUSE-SU-2018:0011 (Google Search) SuSE Security Announcement: SUSE-SU-2018:0012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html SuSE Security Announcement: SUSE-SU-2018:0019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html SuSE Security Announcement: SUSE-SU-2018:0020 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html SuSE Security Announcement: openSUSE-SU-2018:0013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html SuSE Security Announcement: openSUSE-SU-2018:0022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html SuSE Security Announcement: openSUSE-SU-2018:0023 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html https://usn.ubuntu.com/usn/usn-3516-1/ https://usn.ubuntu.com/3531-1/ https://usn.ubuntu.com/3531-3/ https://usn.ubuntu.com/3540-2/ https://usn.ubuntu.com/3541-2/ https://usn.ubuntu.com/3542-2/ https://usn.ubuntu.com/3549-1/ https://usn.ubuntu.com/3560-1/ https://usn.ubuntu.com/3561-1/ https://usn.ubuntu.com/3580-1/ https://usn.ubuntu.com/3594-1/ https://usn.ubuntu.com/3597-1/ https://usn.ubuntu.com/3597-2/ https://usn.ubuntu.com/3620-2/ https://usn.ubuntu.com/3690-1/ https://usn.ubuntu.com/3777-3/ Common Vulnerability Exposure (CVE) ID: CVE-2017-8824 BugTraq ID: 102056 http://www.securityfocus.com/bid/102056 Debian Security Information: DSA-4082 (Google Search) https://www.debian.org/security/2018/dsa-4082 https://www.exploit-db.com/exploits/43234/ http://lists.openwall.net/netdev/2017/12/04/224 http://www.openwall.com/lists/oss-security/2017/12/05/1 RedHat Security Advisories: RHSA-2018:0399 https://access.redhat.com/errata/RHSA-2018:0399 RedHat Security Advisories: RHSA-2018:0676 RedHat Security Advisories: RHSA-2018:1062 RedHat Security Advisories: RHSA-2018:1130 https://access.redhat.com/errata/RHSA-2018:1130 RedHat Security Advisories: RHSA-2018:1170 https://access.redhat.com/errata/RHSA-2018:1170 RedHat Security Advisories: RHSA-2018:1216 https://access.redhat.com/errata/RHSA-2018:1216 RedHat Security Advisories: RHSA-2018:1319 https://access.redhat.com/errata/RHSA-2018:1319 RedHat Security Advisories: RHSA-2018:3822 https://access.redhat.com/errata/RHSA-2018:3822
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.