Test ID:	1.3.6.1.4.1.25623.1.0.105481
Category:	F5 Local Security Checks
Title:	F5 BIG-IP - Linux kernel vulnerability CVE-2015-7613
Summary:	The remote host is missing a security patch.
Description:	Summary: The remote host is missing a security patch. Vulnerability Insight: Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. Vulnerability Impact: Exploitation of this issue requires shell access, and a non-standard and unsupported configuration (such as modifications to Linux configuration files) may expose this issue further. F5 does not recommend manually editing Linux configuration files. There is no remote access vector or data plane exposure. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7613 BugTraq ID: 76977 http://www.securityfocus.com/bid/76977 Debian Security Information: DSA-3372 (Google Search) http://www.debian.org/security/2015/dsa-3372 http://www.openwall.com/lists/oss-security/2015/10/01/8 RedHat Security Advisories: RHSA-2015:2636 http://rhn.redhat.com/errata/RHSA-2015-2636.html http://www.securitytracker.com/id/1034094 http://www.securitytracker.com/id/1034592 SuSE Security Announcement: SUSE-SU-2015:1727 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html SuSE Security Announcement: SUSE-SU-2015:2084 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.html SuSE Security Announcement: SUSE-SU-2015:2085 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.html SuSE Security Announcement: SUSE-SU-2015:2086 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.html SuSE Security Announcement: SUSE-SU-2015:2087 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.html SuSE Security Announcement: SUSE-SU-2015:2089 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.html SuSE Security Announcement: SUSE-SU-2015:2090 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.html SuSE Security Announcement: SUSE-SU-2015:2091 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html http://www.ubuntu.com/usn/USN-2761-1 http://www.ubuntu.com/usn/USN-2762-1 http://www.ubuntu.com/usn/USN-2763-1 http://www.ubuntu.com/usn/USN-2764-1 http://www.ubuntu.com/usn/USN-2765-1 http://www.ubuntu.com/usn/USN-2792-1
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.