 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.12.2017.3343.2 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu: Security Advisory (USN-3343-2) |
| Summary: | The remote host is missing an update for the 'linux-lts-trusty' package(s) announced via the USN-3343-2 advisory. |
| Description: | Summary: The remote host is missing an update for the 'linux-lts-trusty' package(s) announced via the USN-3343-2 advisory. Vulnerability Insight: USN 3343-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. USN 3335-2 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free vulnerability in the core voltage regulator driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2014-9940) It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code. (CVE-2017-0605) Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. (CVE-2017-1000363) Li Qiang discovered that an integer overflow vulnerability existed in the Direct Rendering Manager (DRM) driver for VMWare devices in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7294) It was discovered that a double-free vulnerability existed in the IPv4 stack of the Linux kernel. An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890) Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux kernel's IPv6 stack. A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074) Andrey Konovalov discovered a flaw in the handling of inheritance in the Linux kernel's IPv6 stack. A local user could exploit this issue to cause a denial of service or possibly other unspecified problems. (CVE-2017-9075) It was discovered that dccp v6 in the Linux kernel mishandled inheritance. A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9076) It was discovered that the transmission control protocol (tcp) v6 in the Linux kernel mishandled inheritance. A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9077) It was discovered that the IPv6 stack in the Linux kernel was performing its over write consistency check after the data was actually overwritten. A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2017-9242) Affected Software/OS: 'linux-lts-trusty' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-9940 BugTraq ID: 98195 http://www.securityfocus.com/bid/98195 Debian Security Information: DSA-3945 (Google Search) http://www.debian.org/security/2017/dsa-3945 Common Vulnerability Exposure (CVE) ID: CVE-2017-0605 Common Vulnerability Exposure (CVE) ID: CVE-2017-1000363 BugTraq ID: 98651 http://www.securityfocus.com/bid/98651 https://alephsecurity.com/vulns/aleph-2017023 Common Vulnerability Exposure (CVE) ID: CVE-2017-7294 BugTraq ID: 97177 http://www.securityfocus.com/bid/97177 https://bugzilla.redhat.com/show_bug.cgi?id=1436798 https://lists.freedesktop.org/archives/dri-devel/2017-March/137094.html RedHat Security Advisories: RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676 RedHat Security Advisories: RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062 Common Vulnerability Exposure (CVE) ID: CVE-2017-8890 BugTraq ID: 98562 http://www.securityfocus.com/bid/98562 Debian Security Information: DSA-3886 (Google Search) http://www.debian.org/security/2017/dsa-3886 RedHat Security Advisories: RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842 RedHat Security Advisories: RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077 RedHat Security Advisories: RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2669 RedHat Security Advisories: RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:1854 Common Vulnerability Exposure (CVE) ID: CVE-2017-9074 BugTraq ID: 98577 http://www.securityfocus.com/bid/98577 RedHat Security Advisories: RHSA-2018:0169 https://access.redhat.com/errata/RHSA-2018:0169 Common Vulnerability Exposure (CVE) ID: CVE-2017-9075 BugTraq ID: 98597 http://www.securityfocus.com/bid/98597 Common Vulnerability Exposure (CVE) ID: CVE-2017-9076 BugTraq ID: 98586 http://www.securityfocus.com/bid/98586 Common Vulnerability Exposure (CVE) ID: CVE-2017-9077 BugTraq ID: 98583 http://www.securityfocus.com/bid/98583 Common Vulnerability Exposure (CVE) ID: CVE-2017-9242 BugTraq ID: 98731 http://www.securityfocus.com/bid/98731 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |