Description:
Summary: The remote host is missing an update for the Debian 'linux-2.6' package(s) announced via the DLA-378-1 advisory.
Vulnerability Insight: This update fixes the CVEs described below.
CVE-2015-7550
Dmitry Vyukov discovered a race condition in the keyring subsystem that allows a local user to cause a denial of service (crash).
CVE-2015-8543
It was discovered that a local user permitted to create raw sockets could cause a denial of service by specifying an invalid protocol number for the socket. The attacker must have the CAP_NET_RAW capability.
CVE-2015-8575
David Miller discovered a flaw in the Bluetooth SCO sockets implementation that leads to an information leak to local users.
In addition, this update fixes a regression in the previous update:
#808293 A regression in the UDP implementation prevented freeradius and some other applications from receiving data.
For the oldoldstable distribution (squeeze), these problems have been fixed in version 2.6.32-48squeeze18.
For the oldstable distribution (wheezy), these problems have been fixed in version 3.2.73-2+deb7u2.
For the stable distribution (jessie), these problems have been fixed in version 3.16.7-ckt20-1+deb8u2 or earlier.
Affected Software/OS: 'linux-2.6' package(s) on Debian 6.
Solution: Please install the updated package(s).
CVSS Score: 6.9
CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C