Test ID:	1.3.6.1.4.1.25623.1.0.845104
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-5117-1)
Summary:	The remote host is missing an update for the 'linux-oem-5.13' package(s) announced via the USN-5117-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-oem-5.13' package(s) announced via the USN-5117-1 advisory. Vulnerability Insight: It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739) It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743) It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) Affected Software/OS: 'linux-oem-5.13' package(s) on Ubuntu 20.04. Solution: Please install the updated package(s). CVSS Score: 3.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3739 https://bugzilla.redhat.com/show_bug.cgi?id=1997958 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e4571b8c5e9ffa1e85c0c671995bd4dcc5c75091 https://github.com/torvalds/linux/commit/e4571b8c5e9ffa1e85c0c671995bd4dcc5c75091 https://security.netapp.com/advisory/ntap-20220407-0006/ https://ubuntu.com/security/CVE-2021-3739 https://www.openwall.com/lists/oss-security/2021/08/25/3 Common Vulnerability Exposure (CVE) ID: CVE-2021-3743 https://bugzilla.redhat.com/show_bug.cgi?id=1997961 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117 https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117 https://lists.openwall.net/netdev/2021/08/17/124 https://security.netapp.com/advisory/ntap-20220407-0007/ https://www.openwall.com/lists/oss-security/2021/08/27/2 https://www.oracle.com/security-alerts/cpujul2022.html Common Vulnerability Exposure (CVE) ID: CVE-2021-3753 https://bugzilla.redhat.com/show_bug.cgi?id=1999589 https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7 https://www.openwall.com/lists/oss-security/2021/09/01/4 Common Vulnerability Exposure (CVE) ID: CVE-2021-3759 https://access.redhat.com/security/cve/CVE-2021-3759 https://bugzilla.redhat.com/show_bug.cgi?id=1999675 https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive@gmail.com/ https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.