Test ID:	1.3.6.1.4.1.25623.1.0.843559
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3678-3)
Summary:	The remote host is missing an update for the 'linux-azure' package(s) announced via the USN-3678-3 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-azure' package(s) announced via the USN-3678-3 advisory. Vulnerability Insight: Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service (system crash) when mounted. (CVE-2018-1092) It was discovered that the 802.11 software simulator implementation in the Linux kernel contained a memory leak when handling certain error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2018-8087) It was discovered that a memory leak existed in the Serial Attached SCSI (SAS) implementation in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-10021) Affected Software/OS: 'linux-azure' package(s) on Ubuntu 18.04. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-10021 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=318aaf34f1179b39fa9c30fa0f3288b645beee39 https://bugzilla.suse.com/show_bug.cgi?id=1089281 https://github.com/torvalds/linux/commit/318aaf34f1179b39fa9c30fa0f3288b645beee39 https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html https://usn.ubuntu.com/3678-1/ https://usn.ubuntu.com/3678-2/ https://usn.ubuntu.com/3678-3/ https://usn.ubuntu.com/3678-4/ https://usn.ubuntu.com/3696-1/ https://usn.ubuntu.com/3696-2/ https://usn.ubuntu.com/3754-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1092 DSA-4187 https://www.debian.org/security/2018/dsa-4187 DSA-4188 https://www.debian.org/security/2018/dsa-4188 RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083 RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096 USN-3676-1 https://usn.ubuntu.com/3676-1/ USN-3676-2 https://usn.ubuntu.com/3676-2/ USN-3677-1 https://usn.ubuntu.com/3677-1/ USN-3677-2 https://usn.ubuntu.com/3677-2/ USN-3678-1 USN-3678-2 USN-3678-3 USN-3678-4 USN-3754-1 [debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html http://openwall.com/lists/oss-security/2018/03/29/1 https://bugzilla.kernel.org/show_bug.cgi?id=199179 https://bugzilla.kernel.org/show_bug.cgi?id=199275 https://bugzilla.redhat.com/show_bug.cgi?id=1560777 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=8e4b5eae5decd9dfe5a4ee369c22028f90ab4c44 Common Vulnerability Exposure (CVE) ID: CVE-2018-8087 BugTraq ID: 103397 http://www.securityfocus.com/bid/103397 Debian Security Information: DSA-4188 (Google Search) http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51 https://github.com/torvalds/linux/commit/0ddcff49b672239dda94d70d0fcf50317a9f4b51 RedHat Security Advisories: RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2029 RedHat Security Advisories: RHSA-2019:2043 https://access.redhat.com/errata/RHSA-2019:2043
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.