Test ID:	1.3.6.1.4.1.25623.1.0.843460
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3581-3)
Summary:	The remote host is missing an update for the 'linux-raspi2' package(s) announced via the USN-3581-3 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-raspi2' package(s) announced via the USN-3581-3 advisory. Vulnerability Insight: Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2017-17712) ChunYu Wang discovered that a use-after-free vulnerability existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code, (CVE-2017-15115) Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-8824) Affected Software/OS: 'linux-raspi2' package(s) on Ubuntu 17.10. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-15115 101877 http://www.securityfocus.com/bid/101877 SUSE-SU-2018:0011 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html USN-3581-1 https://usn.ubuntu.com/3581-1/ USN-3581-2 https://usn.ubuntu.com/3581-2/ USN-3581-3 https://usn.ubuntu.com/3581-3/ USN-3582-1 https://usn.ubuntu.com/3582-1/ USN-3582-2 https://usn.ubuntu.com/3582-2/ USN-3583-1 https://usn.ubuntu.com/3583-1/ USN-3583-2 https://usn.ubuntu.com/3583-2/ [debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df80cd9b28b9ebaa284a41df611dbf3a2d05ca74 http://seclists.org/oss-sec/2017/q4/282 https://bugzilla.redhat.com/show_bug.cgi?id=1513345 https://github.com/torvalds/linux/commit/df80cd9b28b9ebaa284a41df611dbf3a2d05ca74 https://patchwork.ozlabs.org/patch/827077/ https://source.android.com/security/bulletin/pixel/2018-04-01 Common Vulnerability Exposure (CVE) ID: CVE-2017-17712 Debian Security Information: DSA-4073 (Google Search) https://www.debian.org/security/2017/dsa-4073 RedHat Security Advisories: RHSA-2018:0502 https://access.redhat.com/errata/RHSA-2018:0502 Common Vulnerability Exposure (CVE) ID: CVE-2017-8824 BugTraq ID: 102056 http://www.securityfocus.com/bid/102056 Debian Security Information: DSA-4082 (Google Search) https://www.debian.org/security/2018/dsa-4082 https://www.exploit-db.com/exploits/43234/ http://lists.openwall.net/netdev/2017/12/04/224 http://www.openwall.com/lists/oss-security/2017/12/05/1 RedHat Security Advisories: RHSA-2018:0399 https://access.redhat.com/errata/RHSA-2018:0399 RedHat Security Advisories: RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RedHat Security Advisories: RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 RedHat Security Advisories: RHSA-2018:1130 https://access.redhat.com/errata/RHSA-2018:1130 RedHat Security Advisories: RHSA-2018:1170 https://access.redhat.com/errata/RHSA-2018:1170 RedHat Security Advisories: RHSA-2018:1216 https://access.redhat.com/errata/RHSA-2018:1216 RedHat Security Advisories: RHSA-2018:1319 https://access.redhat.com/errata/RHSA-2018:1319 RedHat Security Advisories: RHSA-2018:3822 https://access.redhat.com/errata/RHSA-2018:3822 SuSE Security Announcement: SUSE-SU-2018:0011 (Google Search)
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.