Test ID:	1.3.6.1.4.1.25623.1.0.843500
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3617-3)
Summary:	The remote host is missing an update for the 'linux-raspi2' package(s) announced via the USN-3617-3 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-raspi2' package(s) announced via the USN-3617-3 advisory. Vulnerability Insight: It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-0861) It was discovered that a use-after-free vulnerability existed in the network namespaces implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-15129) Andrey Konovalov discovered that the usbtest device driver in the Linux kernel did not properly validate endpoint metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16532) Andrey Konovalov discovered that the SoundGraph iMON USB driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16537) Andrey Konovalov discovered that the IMS Passenger Control Unit USB driver in the Linux kernel did not properly validate device descriptors. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16645) Andrey Konovalov discovered that the DiBcom DiB0700 USB DVB driver in the Linux kernel did not properly handle detach events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16646) Andrey Konovalov discovered that the ASIX Ethernet USB driver in the Linux kernel did not properly handle suspend and resume events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16647) Andrey Konovalov discovered that the CDC USB Ethernet driver did not properly validate device descriptors. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16649) Andrey Konovalov discovered that the QMI WWAN USB driver did not properly validate device descriptors. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16650) It was discovered that the HugeTLB component of the Linux kernel did not properly handle holes in hugetlb ranges. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-16994) It was discovered that the netfilter component of the Linux did not properly restrict access to the connection tracking helpers list. A local attacker could use this to bypass intended access restrictions. (CVE-2017-17448) It was discovered that the netfilter passive OS fingerprinting (xt_osf) module did not properly perform access control checks. A local attacker could improperly modify the system-wide OS fingerprint list. (CVE-2017-17450) Dmitry Vyukov discovered that the KVM implementation in the Linux kernel contained an out-of-bounds read when ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'linux-raspi2' package(s) on Ubuntu 17.10. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-0861 BugTraq ID: 102329 http://www.securityfocus.com/bid/102329 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=362bca57f5d78220f8b5907b875961af9436e229 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://security-tracker.debian.org/tracker/CVE-2017-0861 https://source.android.com/security/bulletin/pixel/2017-11-01 Debian Security Information: DSA-4187 (Google Search) https://www.debian.org/security/2018/dsa-4187 https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html http://lists.alioth.debian.org/pipermail/secure-testing-commits/2017-December/059967.html RedHat Security Advisories: RHSA-2018:2390 https://access.redhat.com/errata/RHSA-2018:2390 RedHat Security Advisories: RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083 RedHat Security Advisories: RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096 RedHat Security Advisories: RHSA-2020:0036 https://access.redhat.com/errata/RHSA-2020:0036 https://usn.ubuntu.com/3583-1/ https://usn.ubuntu.com/3583-2/ https://usn.ubuntu.com/3617-1/ https://usn.ubuntu.com/3617-2/ https://usn.ubuntu.com/3617-3/ https://usn.ubuntu.com/3619-1/ https://usn.ubuntu.com/3619-2/ https://usn.ubuntu.com/3632-1/ Common Vulnerability Exposure (CVE) ID: CVE-2017-15129 102485 http://www.securityfocus.com/bid/102485 RHSA-2018:0654 https://access.redhat.com/errata/RHSA-2018:0654 RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 RHSA-2019:1946 https://access.redhat.com/errata/RHSA-2019:1946 USN-3617-1 USN-3617-2 USN-3617-3 USN-3619-1 USN-3619-2 USN-3632-1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=21b5944350052d2583e82dd59b19a9ba94a007f0 http://seclists.org/oss-sec/2018/q1/7 https://access.redhat.com/security/cve/CVE-2017-15129 https://bugzilla.redhat.com/show_bug.cgi?id=1531174 https://github.com/torvalds/linux/commit/21b5944350052d2583e82dd59b19a9ba94a007f0 https://marc.info/?l=linux-netdev&m=151370451121029&w=2 https://marc.info/?t=151370468900001&r=1&w=2 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11 Common Vulnerability Exposure (CVE) ID: CVE-2017-16532 https://github.com/torvalds/linux/commit/7c80f9e4a588f1925b07134bb2e3689335f6c6d8 https://groups.google.com/d/msg/syzkaller/l3870gs3LhA/y79DYQdFBAAJ https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://usn.ubuntu.com/3754-1/ Common Vulnerability Exposure (CVE) ID: CVE-2017-16537 https://groups.google.com/d/msg/syzkaller/bBFN8imrjjo/-5jCl8EiCQAJ https://patchwork.kernel.org/patch/9994017/ Common Vulnerability Exposure (CVE) ID: CVE-2017-16645 BugTraq ID: 101768 http://www.securityfocus.com/bid/101768 https://github.com/torvalds/linux/commit/ea04efee7635c9120d015dcdeeeb6988130cb67a https://groups.google.com/d/msg/syzkaller/q6jjr1OhqO8/WcA99AVFBAAJ Common Vulnerability Exposure (CVE) ID: CVE-2017-16646 BugTraq ID: 101846 http://www.securityfocus.com/bid/101846 https://groups.google.com/d/msg/syzkaller/-d6ilzbVu_g/OBy8_62mAwAJ https://patchwork.linuxtv.org/patch/45291/ Common Vulnerability Exposure (CVE) ID: CVE-2017-16647 BugTraq ID: 101767 http://www.securityfocus.com/bid/101767 https://groups.google.com/d/msg/syzkaller/_9a6pd-p_0E/OnmnplQuAgAJ https://patchwork.ozlabs.org/patch/834686/ Common Vulnerability Exposure (CVE) ID: CVE-2017-16649 BugTraq ID: 101761 http://www.securityfocus.com/bid/101761 https://groups.google.com/d/msg/syzkaller/0e0gmaX9R0g/9Me9JcY2BQAJ https://patchwork.ozlabs.org/patch/834771/ https://usn.ubuntu.com/3822-1/ https://usn.ubuntu.com/3822-2/ Common Vulnerability Exposure (CVE) ID: CVE-2017-16650 BugTraq ID: 101791 http://www.securityfocus.com/bid/101791 https://patchwork.ozlabs.org/patch/834770/ Common Vulnerability Exposure (CVE) ID: CVE-2017-16994 BugTraq ID: 101969 http://www.securityfocus.com/bid/101969 https://www.exploit-db.com/exploits/43178/ RedHat Security Advisories: RHSA-2018:0502 https://access.redhat.com/errata/RHSA-2018:0502 Common Vulnerability Exposure (CVE) ID: CVE-2017-17448 BugTraq ID: 102117 http://www.securityfocus.com/bid/102117 Debian Security Information: DSA-4073 (Google Search) https://www.debian.org/security/2017/dsa-4073 Debian Security Information: DSA-4082 (Google Search) https://www.debian.org/security/2018/dsa-4082 https://patchwork.kernel.org/patch/10089373/ RedHat Security Advisories: RHSA-2018:0654 RedHat Security Advisories: RHSA-2018:0676 RedHat Security Advisories: RHSA-2018:1062 https://usn.ubuntu.com/3620-1/ https://usn.ubuntu.com/3620-2/ Common Vulnerability Exposure (CVE) ID: CVE-2017-17450 BugTraq ID: 102110 http://www.securityfocus.com/bid/102110 https://lkml.org/lkml/2017/12/5/982 SuSE Security Announcement: SUSE-SU-2018:0011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html Common Vulnerability Exposure (CVE) ID: CVE-2017-17741 BugTraq ID: 102227 http://www.securityfocus.com/bid/102227 https://www.spinics.net/lists/kvm/msg160796.html https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html Common Vulnerability Exposure (CVE) ID: CVE-2017-17805 BugTraq ID: 102291 http://www.securityfocus.com/bid/102291 RedHat Security Advisories: RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 RedHat Security Advisories: RHSA-2019:2473 https://access.redhat.com/errata/RHSA-2019:2473 SuSE Security Announcement: SUSE-SU-2018:0010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html SuSE Security Announcement: SUSE-SU-2018:0012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html SuSE Security Announcement: openSUSE-SU-2018:0022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html SuSE Security Announcement: openSUSE-SU-2018:0023 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html Common Vulnerability Exposure (CVE) ID: CVE-2017-17806 BugTraq ID: 102293 http://www.securityfocus.com/bid/102293 Common Vulnerability Exposure (CVE) ID: CVE-2017-17807 BugTraq ID: 102301 http://www.securityfocus.com/bid/102301 Common Vulnerability Exposure (CVE) ID: CVE-2017-18204 BugTraq ID: 103183 http://www.securityfocus.com/bid/103183 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=28f5a8a7c033cbf3e32277f4cc9c6afd74f05300 https://github.com/torvalds/linux/commit/28f5a8a7c033cbf3e32277f4cc9c6afd74f05300 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.2 https://usn.ubuntu.com/3655-1/ https://usn.ubuntu.com/3655-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1000026 https://patchwork.ozlabs.org/patch/859410/ https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html http://lists.openwall.net/netdev/2018/01/16/40 http://lists.openwall.net/netdev/2018/01/18/96 Common Vulnerability Exposure (CVE) ID: CVE-2018-5332 BugTraq ID: 102507 http://www.securityfocus.com/bid/102507 RedHat Security Advisories: RHSA-2018:0470 https://access.redhat.com/errata/RHSA-2018:0470 Common Vulnerability Exposure (CVE) ID: CVE-2018-5333 BugTraq ID: 102510 http://www.securityfocus.com/bid/102510 http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html Common Vulnerability Exposure (CVE) ID: CVE-2018-5344 BugTraq ID: 102503 http://www.securityfocus.com/bid/102503 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ae6650163c66a7eff1acd6eb8b0f752dcfa8eba5 https://github.com/torvalds/linux/commit/ae6650163c66a7eff1acd6eb8b0f752dcfa8eba5
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.