Test ID:	1.3.6.1.4.1.25623.1.0.844208
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-4162-1)
Summary:	The remote host is missing an update for the 'linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon' package(s) announced via the USN-4162-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon' package(s) announced via the USN-4162-1 advisory. Vulnerability Insight: It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not did not handle detach operations correctly, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-21008) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816) Matt Delco discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform bounds checking when handling coalesced MMIO write operations. A local attacker with write access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-14821) Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel did not properly validate device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15117) Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel improperly performed recursion while handling device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15118) It was discovered that the Technisat DVB-S/S2 USB device driver in the Linux kernel contained a buffer overread. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2019-15505) Brad Spengler discovered that a Spectre mitigation was improperly implemented in the ptrace subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information. (CVE-2019-15902) It was discovered that the SMB networking file system implementation in the Linux kernel contained a buffer overread. An attacker could use this to expose sensitive information (kernel memory). (CVE-2019-15918) Affected Software/OS: 'linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon' package(s) on Ubuntu 16.04, Ubuntu 18.04. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-21008 http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.7 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=abd39c6ded9db53aa44c2540092bdd5fb6590fa8 https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html SuSE Security Announcement: openSUSE-SU-2019:2173 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html SuSE Security Announcement: openSUSE-SU-2019:2181 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://usn.ubuntu.com/4162-1/ https://usn.ubuntu.com/4162-2/ https://usn.ubuntu.com/4163-1/ https://usn.ubuntu.com/4163-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-14814 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01) https://seclists.org/bugtraq/2019/Nov/11 FEDORA-2019-4c91a2f76e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/ FEDORA-2019-97380355ae https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/ RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0174 RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0328 RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0339 USN-4157-1 https://usn.ubuntu.com/4157-1/ USN-4157-2 https://usn.ubuntu.com/4157-2/ USN-4162-1 USN-4162-2 USN-4163-1 USN-4163-2 [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update [oss-security] 20190828 Linux kernel: three heap overflow in the marvell wifi driver http://www.openwall.com/lists/oss-security/2019/08/28/1 http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://access.redhat.com/security/cve/cve-2019-14814 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14814 https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a https://security.netapp.com/advisory/ntap-20191031-0005/ https://www.openwall.com/lists/oss-security/2019/08/28/1 openSUSE-SU-2019:2173 openSUSE-SU-2019:2181 Common Vulnerability Exposure (CVE) ID: CVE-2019-14815 https://access.redhat.com/security/cve/cve-2019-14815 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815 https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com https://security.netapp.com/advisory/ntap-20200103-0001/ Common Vulnerability Exposure (CVE) ID: CVE-2019-14816 RHSA-2020:0204 https://access.redhat.com/errata/RHSA-2020:0204 RHSA-2020:0374 https://access.redhat.com/errata/RHSA-2020:0374 RHSA-2020:0375 https://access.redhat.com/errata/RHSA-2020:0375 RHSA-2020:0653 https://access.redhat.com/errata/RHSA-2020:0653 RHSA-2020:0661 https://access.redhat.com/errata/RHSA-2020:0661 RHSA-2020:0664 https://access.redhat.com/errata/RHSA-2020:0664 https://access.redhat.com/security/cve/cve-2019-14816 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816 https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3 Common Vulnerability Exposure (CVE) ID: CVE-2019-14821 20190925 [SECURITY] [DSA 4531-1] linux security update https://seclists.org/bugtraq/2019/Sep/41 DSA-4531 https://www.debian.org/security/2019/dsa-4531 FEDORA-2019-15e141c6a7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZQQQANZWQMPILZV7OTS3RGGRLLE2Q7/ FEDORA-2019-a570a92d5a https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/ RHSA-2019:3309 https://access.redhat.com/errata/RHSA-2019:3309 RHSA-2019:3517 https://access.redhat.com/errata/RHSA-2019:3517 RHSA-2019:3978 https://access.redhat.com/errata/RHSA-2019:3978 RHSA-2019:3979 https://access.redhat.com/errata/RHSA-2019:3979 RHSA-2019:4154 https://access.redhat.com/errata/RHSA-2019:4154 RHSA-2019:4256 https://access.redhat.com/errata/RHSA-2019:4256 RHSA-2020:0027 https://access.redhat.com/errata/RHSA-2020:0027 [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html [oss-security] 20190920 CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer http://www.openwall.com/lists/oss-security/2019/09/20/1 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14821 https://security.netapp.com/advisory/ntap-20191004-0001/ https://www.oracle.com/security-alerts/cpuapr2020.html openSUSE-SU-2019:2307 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html openSUSE-SU-2019:2308 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html Common Vulnerability Exposure (CVE) ID: CVE-2019-15117 Bugtraq: 20190925 [SECURITY] [DSA 4531-1] linux security update (Google Search) Bugtraq: 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01) (Google Search) Debian Security Information: DSA-4531 (Google Search) https://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git/commit/?id=daac07156b330b18eb5071aec4b3ddca1c377f2c https://lore.kernel.org/lkml/20190814023625.21683-1-benquike@gmail.com/ https://usn.ubuntu.com/4147-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-15118 https://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git/commit/?id=19bce474c45be69a284ecee660aa12d8f1e88f18 https://lore.kernel.org/lkml/20190815043554.16623-1-benquike@gmail.com/ Common Vulnerability Exposure (CVE) ID: CVE-2019-15505 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/ https://git.linuxtv.org/media_tree.git/commit/?id=0c4df39e504bf925ab666132ac3c98d6cbbe380b https://lore.kernel.org/linux-media/20190821104408.w7krumcglxo6fz5q@gofer.mess.org/ https://lore.kernel.org/lkml/b9b256cb-95f2-5fa1-9956-5a602a017c11@gmail.com/ https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html Common Vulnerability Exposure (CVE) ID: CVE-2019-15902 https://grsecurity.net/teardown_of_a_failed_linux_lts_spectre_fix.php Common Vulnerability Exposure (CVE) ID: CVE-2019-15918 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10 https://github.com/torvalds/linux/commit/b57a55e2200ede754e4dc9cce4ba9402544b9365
Copyright	Copyright (C) 2019 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.