Test ID:	1.3.6.1.4.1.25623.1.0.71596
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1531-1 (linux-image-2.6.38-15-generic)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to linux-image-2.6.38-15-generic announced via advisory USN-1531-1. Details: An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. (CVE-2012-2136) A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2372) An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2012-2390) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: linux-image-2.6.38-15-generic 2.6.38-15.65 linux-image-2.6.38-15-generic-pae 2.6.38-15.65 linux-image-2.6.38-15-omap 2.6.38-15.65 linux-image-2.6.38-15-powerpc 2.6.38-15.65 linux-image-2.6.38-15-powerpc-smp 2.6.38-15.65 linux-image-2.6.38-15-powerpc64-smp 2.6.38-15.65 linux-image-2.6.38-15-server 2.6.38-15.65 linux-image-2.6.38-15-versatile 2.6.38-15.65 linux-image-2.6.38-15-virtual 2.6.38-15.65 https://secure1.securityspace.com/smysecure/catid.html?in=USN-1531-1 CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:NR/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2136 50807 http://secunia.com/advisories/50807 53721 http://www.securityfocus.com/bid/53721 RHSA-2012:0743 http://rhn.redhat.com/errata/RHSA-2012-0743.html RHSA-2012:1087 http://rhn.redhat.com/errata/RHSA-2012-1087.html USN-1529-1 http://ubuntu.com/usn/usn-1529-1 USN-1535-1 http://www.ubuntu.com/usn/USN-1535-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5 https://bugzilla.redhat.com/show_bug.cgi?id=816289 https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc Common Vulnerability Exposure (CVE) ID: CVE-2012-2372 54062 http://www.securityfocus.com/bid/54062 HPSBGN02970 http://marc.info/?l=bugtraq&m=139447903326211&w=2 RHSA-2012:1540 http://rhn.redhat.com/errata/RHSA-2012-1540.html SUSE-SU-2012:1679 https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html USN-1555-1 http://www.ubuntu.com/usn/USN-1555-1 USN-1556-1 http://www.ubuntu.com/usn/USN-1556-1 https://bugzilla.redhat.com/show_bug.cgi?id=822754 https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=c7b6a0a1d8d636852be130fa15fa8be10d4704e8 Common Vulnerability Exposure (CVE) ID: CVE-2012-2390 USN-1515-1 http://www.ubuntu.com/usn/USN-1515-1 [oss-security] 20120523 Re: CVE Request -- kernel: huge pages: memory leak on mmap failure http://www.openwall.com/lists/oss-security/2012/05/23/14 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c50ac050811d6485616a193eb0f37bfbd191cc89 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.2 https://bugzilla.redhat.com/show_bug.cgi?id=824345 https://github.com/torvalds/linux/commit/c50ac050811d6485616a193eb0f37bfbd191cc89
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.