Test Kennung:	1.3.6.1.4.1.25623.1.0.842145
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu Update for linux-lts-trusty USN-2543-1
Zusammenfassung:	The remote host is missing an update for the 'linux-lts-trusty'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'linux-lts-trusty' package(s) announced via the referenced advisory. Vulnerability Insight: Eric Windisch discovered flaw in how the Linux kernel's XFS file system replaces remote attributes. A local access with access to an XFS file system could exploit this flaw to escalate their privileges. (CVE-2015-0274) A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. (CVE-2013-7421) The Linux kernel's splice system call did not correctly validate its parameters. A local, unprivileged user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-7822) A flaw was discovered in the crypto subsystem when screening module names for automatic module loading if the name contained a valid crypto module name, eg. vfat(aes). A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. (CVE-2014-9644) Affected Software/OS: linux-lts-trusty on Ubuntu 12.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0274 RedHat Security Advisories: RHSA-2015:0290 http://rhn.redhat.com/errata/RHSA-2015-0290.html RedHat Security Advisories: RHSA-2015:0694 http://rhn.redhat.com/errata/RHSA-2015-0694.html http://www.securitytracker.com/id/1031853 http://www.ubuntu.com/usn/USN-2543-1 http://www.ubuntu.com/usn/USN-2544-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-7421 BugTraq ID: 72322 http://www.securityfocus.com/bid/72322 Debian Security Information: DSA-3170 (Google Search) http://www.debian.org/security/2015/dsa-3170 http://www.mandriva.com/security/advisories?name=MDVSA-2015:057 http://www.mandriva.com/security/advisories?name=MDVSA-2015:058 https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu https://lkml.org/lkml/2013/3/4/70 http://www.openwall.com/lists/oss-security/2015/01/24/4 RedHat Security Advisories: RHSA-2016:0068 http://rhn.redhat.com/errata/RHSA-2016-0068.html http://www.ubuntu.com/usn/USN-2513-1 http://www.ubuntu.com/usn/USN-2514-1 http://www.ubuntu.com/usn/USN-2545-1 http://www.ubuntu.com/usn/USN-2546-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-7822 BugTraq ID: 72347 http://www.securityfocus.com/bid/72347 https://www.exploit-db.com/exploits/36743/ http://www.osvdb.org/117810 RedHat Security Advisories: RHSA-2015:0102 http://rhn.redhat.com/errata/RHSA-2015-0102.html RedHat Security Advisories: RHSA-2015:0164 http://rhn.redhat.com/errata/RHSA-2015-0164.html RedHat Security Advisories: RHSA-2015:0674 http://rhn.redhat.com/errata/RHSA-2015-0674.html SuSE Security Announcement: SUSE-SU-2015:0529 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SuSE Security Announcement: SUSE-SU-2015:1488 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html http://www.ubuntu.com/usn/USN-2541-1 http://www.ubuntu.com/usn/USN-2542-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-9644 BugTraq ID: 72320 http://www.securityfocus.com/bid/72320
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.