Vulnerability   
Search   
    Search 187964 CVE descriptions
and 85075 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.844506
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory for linux (USN-4425-1)
Summary:The remote host is missing an update for the 'linux'; package(s) announced via the USN-4425-1 advisory.
Description:Summary:
The remote host is missing an update for the 'linux'
package(s) announced via the USN-4425-1 advisory.

Vulnerability Insight:
It was discovered that the network block device (nbd) implementation in the
Linux kernel did not properly check for error conditions in some
situations. An attacker could possibly use this to cause a denial of
service (system crash). (CVE-2019-16089)

It was discovered that the kernel->user space relay implementation in the
Linux kernel did not properly check return values in some situations. A
local attacker could possibly use this to cause a denial of service (system
crash). (CVE-2019-19462)

Mauricio Faria de Oliveira discovered that the aufs implementation in the
Linux kernel improperly managed inode reference counts in the
vfsub_dentry_open() method. A local attacker could use this vulnerability
to cause a denial of service. (CVE-2020-11935)

Jason A. Donenfeld discovered that the ACPI implementation in the Linux
kernel did not properly restrict loading ACPI tables via configfs. A
privileged attacker could use this to bypass Secure Boot lockdown
restrictions and execute arbitrary code in the kernel. (CVE-2020-15780)

Affected Software/OS:
'linux' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.

Solution:
Please install the updated package(s).

CVSS Score:
4.9

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-16089
Common Vulnerability Exposure (CVE) ID: CVE-2019-19462
Common Vulnerability Exposure (CVE) ID: CVE-2020-11935
Common Vulnerability Exposure (CVE) ID: CVE-2020-15780
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.