Test ID:	1.3.6.1.4.1.25623.1.0.843549
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3674-1)
Summary:	The remote host is missing an update for the 'linux' package(s) announced via the USN-3674-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux' package(s) announced via the USN-3674-1 advisory. Vulnerability Insight: It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-1068) It was discovered that a NULL pointer dereference existed in the RDS (Reliable Datagram Sockets) protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-7492) Eyal Itkin discovered that the USB displaylink video adapter driver in the Linux kernel did not properly validate mmap offsets sent from userspace. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2018-8781) Xingyuan Lin discovered that a out-of-bounds read existed in the USB Video Class (UVC) driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-0627) Affected Software/OS: 'linux' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-0627 BugTraq ID: 98205 http://www.securityfocus.com/bid/98205 https://usn.ubuntu.com/3674-1/ https://usn.ubuntu.com/3674-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1068 BugTraq ID: 103459 http://www.securityfocus.com/bid/103459 Debian Security Information: DSA-4187 (Google Search) https://www.debian.org/security/2018/dsa-4187 Debian Security Information: DSA-4188 (Google Search) https://www.debian.org/security/2018/dsa-4188 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://marc.info/?l=linux-netdev&m=152023808817590&w=2 https://marc.info/?l=linux-netdev&m=152025888924151&w=2 RedHat Security Advisories: RHSA-2018:1318 https://access.redhat.com/errata/RHSA-2018:1318 RedHat Security Advisories: RHSA-2018:1355 https://access.redhat.com/errata/RHSA-2018:1355 RedHat Security Advisories: RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 RedHat Security Advisories: RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1170 RedHat Security Advisories: RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:1190 RedHat Security Advisories: RHSA-2019:4159 https://access.redhat.com/errata/RHSA-2019:4159 https://usn.ubuntu.com/3654-1/ https://usn.ubuntu.com/3654-2/ https://usn.ubuntu.com/3656-1/ https://usn.ubuntu.com/3677-1/ https://usn.ubuntu.com/3677-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-7492 BugTraq ID: 103185 http://www.securityfocus.com/bid/103185 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3069c6d33f6ae63a1668737bc78aaaa51bff7ca https://bugzilla.redhat.com/show_bug.cgi?id=1527393 https://github.com/torvalds/linux/commit/f3069c6d33f6ae63a1668737bc78aaaa51bff7ca https://patchwork.kernel.org/patch/10096441/ https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.7 https://xorl.wordpress.com/2017/12/18/linux-kernel-rdma-null-pointer-dereference/ https://usn.ubuntu.com/3619-1/ https://usn.ubuntu.com/3619-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8781 https://patchwork.freedesktop.org/patch/211845/ https://research.checkpoint.com/mmap-vulnerabilities-linux-kernel/ RedHat Security Advisories: RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083 RedHat Security Advisories: RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.