 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.12.2024.6646.1 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu: Security Advisory (USN-6646-1) |
| Summary: | The remote host is missing an update for the 'linux, linux-aws, linux-kvm, linux-lts-xenial' package(s) announced via the USN-6646-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'linux, linux-aws, linux-kvm, linux-lts-xenial' package(s) announced via the USN-6646-1 advisory. Vulnerability Insight: It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-7192) Affected Software/OS: 'linux, linux-aws, linux-kvm, linux-lts-xenial' package(s) on Ubuntu 14.04, Ubuntu 16.04. Solution: Please install the updated package(s). CVSS Score: 6.0 CVSS Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2023-51780 https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8 https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2023-51782 https://github.com/torvalds/linux/commit/810c38a369a0a0ce625b5c12169abce1dd9ccd53 Common Vulnerability Exposure (CVE) ID: CVE-2023-7192 RHBZ#2256279 https://bugzilla.redhat.com/show_bug.cgi?id=2256279 RHSA-2024:0723 https://access.redhat.com/errata/RHSA-2024:0723 RHSA-2024:0725 https://access.redhat.com/errata/RHSA-2024:0725 RHSA-2024:1188 https://access.redhat.com/errata/RHSA-2024:1188 RHSA-2024:1250 https://access.redhat.com/errata/RHSA-2024:1250 RHSA-2024:1306 https://access.redhat.com/errata/RHSA-2024:1306 RHSA-2024:1367 https://access.redhat.com/errata/RHSA-2024:1367 RHSA-2024:1382 https://access.redhat.com/errata/RHSA-2024:1382 RHSA-2024:1404 https://access.redhat.com/errata/RHSA-2024:1404 RHSA-2024:2006 https://access.redhat.com/errata/RHSA-2024:2006 RHSA-2024:2008 https://access.redhat.com/errata/RHSA-2024:2008 https://access.redhat.com/security/cve/CVE-2023-7192 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=ac4893980bbe79ce383daf9a0885666a30fe4c83 |
| Copyright | Copyright (C) 2024 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |