Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.843559
Category:Ubuntu Local Security Checks
Title:Ubuntu Update for linux-azure USN-3678-3
Summary:The remote host is missing an update for the 'linux-azure'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'linux-azure'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Wen Xu discovered that the ext4 filesystem
implementation in the Linux kernel did not properly handle corrupted meta data
in some situations. An attacker could use this to specially craft an ext4 file
system that caused a denial of service (system crash) when mounted. (CVE-2018-1092)

It was discovered that the 802.11 software simulator implementation in the
Linux kernel contained a memory leak when handling certain error
conditions. A local attacker could possibly use this to cause a denial of
service (memory exhaustion). (CVE-2018-8087)

It was discovered that a memory leak existed in the Serial Attached SCSI
(SAS) implementation in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2018-10021)

Affected Software/OS:
linux-azure on Ubuntu 18.04 LTS

Solution:
Please install the updated packages.

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-1092
Debian Security Information: DSA-4187 (Google Search)
https://www.debian.org/security/2018/dsa-4187
Debian Security Information: DSA-4188 (Google Search)
https://www.debian.org/security/2018/dsa-4188
http://openwall.com/lists/oss-security/2018/03/29/1
https://bugzilla.kernel.org/show_bug.cgi?id=199179
https://bugzilla.kernel.org/show_bug.cgi?id=199275
https://bugzilla.redhat.com/show_bug.cgi?id=1560777
https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=8e4b5eae5decd9dfe5a4ee369c22028f90ab4c44
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
RedHat Security Advisories: RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:2948
RedHat Security Advisories: RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3083
RedHat Security Advisories: RHSA-2018:3096
https://access.redhat.com/errata/RHSA-2018:3096
https://usn.ubuntu.com/3676-1/
https://usn.ubuntu.com/3676-2/
https://usn.ubuntu.com/3677-1/
https://usn.ubuntu.com/3677-2/
https://usn.ubuntu.com/3678-1/
https://usn.ubuntu.com/3678-2/
https://usn.ubuntu.com/3678-3/
https://usn.ubuntu.com/3678-4/
https://usn.ubuntu.com/3754-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8087
BugTraq ID: 103397
http://www.securityfocus.com/bid/103397
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51
https://github.com/torvalds/linux/commit/0ddcff49b672239dda94d70d0fcf50317a9f4b51
RedHat Security Advisories: RHSA-2019:2029
https://access.redhat.com/errata/RHSA-2019:2029
RedHat Security Advisories: RHSA-2019:2043
https://access.redhat.com/errata/RHSA-2019:2043
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.