English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.843249
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-3361-1)
Summary:The remote host is missing an update for the 'linux-hwe' package(s) announced via the USN-3361-1 advisory.
Description:Summary:
The remote host is missing an update for the 'linux-hwe' package(s) announced via the USN-3361-1 advisory.

Vulnerability Insight:
USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04.
This update provides the corresponding updates for the Linux Hardware
Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please
note that this update changes the Linux HWE kernel to the 4.10 based
kernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from
Ubuntu 16.10.

Ben Harris discovered that the Linux kernel would strip extended privilege
attributes of files when performing a failed unprivileged system call. A
local attacker could use this to cause a denial of service. (CVE-2015-1350)

Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel
did not properly validate meta block groups. An attacker with physical
access could use this to specially craft an ext4 image that causes a denial
of service (system crash). (CVE-2016-10208)

Peter Pi discovered that the colormap handling for frame buffer devices in
the Linux kernel contained an integer overflow. A local attacker could use
this to disclose sensitive information (kernel memory). (CVE-2016-8405)

It was discovered that an integer overflow existed in the InfiniBand RDMA
over ethernet (RXE) transport implementation in the Linux kernel. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2016-8636)

Vlad Tsyrklevich discovered an integer overflow vulnerability in the VFIO
PCI driver for the Linux kernel. A local attacker with access to a vfio PCI
device file could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2016-9083, CVE-2016-9084)

CAI Qian discovered that the sysctl implementation in the Linux kernel did
not properly perform reference counting in some situations. An unprivileged
attacker could use this to cause a denial of service (system hang).
(CVE-2016-9191)

It was discovered that the keyring implementation in the Linux kernel in
some situations did not prevent special internal keyrings from being joined
by userspace keyrings. A privileged local attacker could use this to bypass
module verification. (CVE-2016-9604)

Dmitry Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet
discovered that the netfiler subsystem in the Linux kernel mishandled IPv6
packet reassembly. A local user could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2016-9755)

Andy Lutomirski and Willy Tarreau discovered that the KVM implementation in
the Linux kernel did not properly emulate instructions on the SS segment
register. A local attacker in a guest virtual machine could use this to
cause a denial of service (guest OS crash) or possibly gain administrative
privileges in the guest OS. (CVE-2017-2583)

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
improperly emulated certain instructions. A local attacker could use this
to obtain ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'linux-hwe' package(s) on Ubuntu 16.04.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-1350
BugTraq ID: 76075
http://www.securityfocus.com/bid/76075
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492
http://marc.info/?l=linux-kernel&m=142153722930533&w=2
http://www.openwall.com/lists/oss-security/2015/01/24/5
Common Vulnerability Exposure (CVE) ID: CVE-2016-10208
BugTraq ID: 94354
http://www.securityfocus.com/bid/94354
http://seclists.org/fulldisclosure/2016/Nov/75
https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
http://www.openwall.com/lists/oss-security/2017/02/05/3
RedHat Security Advisories: RHSA-2017:1297
https://access.redhat.com/errata/RHSA-2017:1297
RedHat Security Advisories: RHSA-2017:1298
https://access.redhat.com/errata/RHSA-2017:1298
RedHat Security Advisories: RHSA-2017:1308
https://access.redhat.com/errata/RHSA-2017:1308
https://usn.ubuntu.com/3754-1/
Common Vulnerability Exposure (CVE) ID: CVE-2016-8405
BugTraq ID: 94686
http://www.securityfocus.com/bid/94686
Debian Security Information: DSA-3791 (Google Search)
http://www.debian.org/security/2017/dsa-3791
Common Vulnerability Exposure (CVE) ID: CVE-2016-8636
96189
http://www.securityfocus.com/bid/96189
[oss-security] 20170211 CVE publication request - CVE 2016-8636
http://www.openwall.com/lists/oss-security/2017/02/11/9
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=647bf3d8a8e5777319da92af672289b2a6c4dc66
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.10
https://bugzilla.redhat.com/show_bug.cgi?id=1421981
https://eyalitkin.wordpress.com/2017/02/11/cve-publication-cve-2016-8636/
https://github.com/torvalds/linux/commit/647bf3d8a8e5777319da92af672289b2a6c4dc66
Common Vulnerability Exposure (CVE) ID: CVE-2016-9083
BugTraq ID: 93929
http://www.securityfocus.com/bid/93929
http://www.openwall.com/lists/oss-security/2016/10/26/11
RedHat Security Advisories: RHSA-2017:0386
http://rhn.redhat.com/errata/RHSA-2017-0386.html
RedHat Security Advisories: RHSA-2017:0387
http://rhn.redhat.com/errata/RHSA-2017-0387.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9084
BugTraq ID: 93930
http://www.securityfocus.com/bid/93930
Common Vulnerability Exposure (CVE) ID: CVE-2016-9191
BugTraq ID: 94129
http://www.securityfocus.com/bid/94129
http://www.openwall.com/lists/oss-security/2016/11/05/4
Common Vulnerability Exposure (CVE) ID: CVE-2016-9604
BugTraq ID: 102135
http://www.securityfocus.com/bid/102135
RedHat Security Advisories: RHSA-2017:1842
https://access.redhat.com/errata/RHSA-2017:1842
RedHat Security Advisories: RHSA-2017:2077
https://access.redhat.com/errata/RHSA-2017:2077
RedHat Security Advisories: RHSA-2017:2669
https://access.redhat.com/errata/RHSA-2017:2669
Common Vulnerability Exposure (CVE) ID: CVE-2016-9755
BugTraq ID: 94626
http://www.securityfocus.com/bid/94626
https://www.spinics.net/lists/netdev/msg407525.html
http://www.openwall.com/lists/oss-security/2016/12/01/10
Common Vulnerability Exposure (CVE) ID: CVE-2017-2583
95673
http://www.securityfocus.com/bid/95673
DSA-3791
RHSA-2017:1615
https://access.redhat.com/errata/RHSA-2017:1615
RHSA-2017:1616
https://access.redhat.com/errata/RHSA-2017:1616
USN-3754-1
[oss-security] 20170119 CVE-2017-2583 Kernel: Kvm: vmx/svm potential privilege escalation inside guest
http://www.openwall.com/lists/oss-security/2017/01/19/2
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
https://bugzilla.redhat.com/show_bug.cgi?id=1414735
https://github.com/torvalds/linux/commit/33ab91103b3415e12457e3104f0e4517ce12d0f3
Common Vulnerability Exposure (CVE) ID: CVE-2017-2584
BugTraq ID: 95430
http://www.securityfocus.com/bid/95430
http://www.openwall.com/lists/oss-security/2017/01/13/7
http://www.securitytracker.com/id/1037603
Common Vulnerability Exposure (CVE) ID: CVE-2017-2596
95878
http://www.securityfocus.com/bid/95878
RHSA-2017:1842
RHSA-2017:2077
[oss-security] 20170131 CVE-2017-2596 Kernel: kvm: page reference leakage in handle_vmon
http://www.openwall.com/lists/oss-security/2017/01/31/4
https://bugzilla.redhat.com/show_bug.cgi?id=1417812
Common Vulnerability Exposure (CVE) ID: CVE-2017-2618
96272
http://www.securityfocus.com/bid/96272
https://www.debian.org/security/2017/dsa-3791
RHSA-2017:0931
https://access.redhat.com/errata/RHSA-2017:0931
RHSA-2017:0932
https://access.redhat.com/errata/RHSA-2017:0932
RHSA-2017:0933
https://access.redhat.com/errata/RHSA-2017:0933
[selinux] 20170131 [PATCH] selinux: fix off-by-one in setprocattr
https://marc.info/?l=selinux&m=148588165923772&w=2
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2618
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0c461cb727d146c9ef2d3e86214f498b78b7d125
Common Vulnerability Exposure (CVE) ID: CVE-2017-2671
42135
https://www.exploit-db.com/exploits/42135/
97407
http://www.securityfocus.com/bid/97407
RHSA-2017:2669
RHSA-2018:1854
https://access.redhat.com/errata/RHSA-2018:1854
[oss-security] 20170404 Re: Linux kernel ping socket / AF_LLC connect() sin_family race
http://openwall.com/lists/oss-security/2017/04/04/8
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/net/ipv4/ping.c?id=43a6684519ab0a6c52024b5e25322476cabad893
https://github.com/danieljiang0415/android_kernel_crash_poc
https://github.com/torvalds/linux/commit/43a6684519ab0a6c52024b5e25322476cabad893
https://twitter.com/danieljiang0415/status/845116665184497664
Common Vulnerability Exposure (CVE) ID: CVE-2017-5546
BugTraq ID: 95711
http://www.securityfocus.com/bid/95711
http://www.openwall.com/lists/oss-security/2017/01/21/3
Common Vulnerability Exposure (CVE) ID: CVE-2017-5549
BugTraq ID: 95715
http://www.securityfocus.com/bid/95715
Common Vulnerability Exposure (CVE) ID: CVE-2017-5550
BugTraq ID: 95716
http://www.securityfocus.com/bid/95716
Common Vulnerability Exposure (CVE) ID: CVE-2017-5551
BugTraq ID: 95717
http://www.securityfocus.com/bid/95717
http://www.securitytracker.com/id/1038053
Common Vulnerability Exposure (CVE) ID: CVE-2017-5576
BugTraq ID: 95767
http://www.securityfocus.com/bid/95767
https://lkml.org/lkml/2017/1/17/761
http://www.openwall.com/lists/oss-security/2017/01/21/7
Common Vulnerability Exposure (CVE) ID: CVE-2017-5669
BugTraq ID: 96754
http://www.securityfocus.com/bid/96754
Debian Security Information: DSA-3804 (Google Search)
http://www.debian.org/security/2017/dsa-3804
https://bugzilla.kernel.org/show_bug.cgi?id=192931
https://github.com/torvalds/linux/commit/95e91b831f87ac8e1f8ed50c14d709089b4e01b8
https://github.com/torvalds/linux/commit/e1d35d4dc7f089e6c9c080d556feedf9c706f0c7
http://www.securitytracker.com/id/1037918
https://usn.ubuntu.com/3583-1/
https://usn.ubuntu.com/3583-2/
Common Vulnerability Exposure (CVE) ID: CVE-2017-5897
BugTraq ID: 96037
http://www.securityfocus.com/bid/96037
http://www.openwall.com/lists/oss-security/2017/02/07/2
http://www.securitytracker.com/id/1037794
Common Vulnerability Exposure (CVE) ID: CVE-2017-5970
BugTraq ID: 96233
http://www.securityfocus.com/bid/96233
http://www.openwall.com/lists/oss-security/2017/02/12/3
Common Vulnerability Exposure (CVE) ID: CVE-2017-6001
BugTraq ID: 96264
http://www.securityfocus.com/bid/96264
http://www.openwall.com/lists/oss-security/2017/02/16/1
RedHat Security Advisories: RHSA-2018:1854
Common Vulnerability Exposure (CVE) ID: CVE-2017-6214
BugTraq ID: 96421
http://www.securityfocus.com/bid/96421
RedHat Security Advisories: RHSA-2017:1372
https://access.redhat.com/errata/RHSA-2017:1372
RedHat Security Advisories: RHSA-2017:1615
RedHat Security Advisories: RHSA-2017:1616
RedHat Security Advisories: RHSA-2017:1647
https://access.redhat.com/errata/RHSA-2017:1647
http://www.securitytracker.com/id/1037897
Common Vulnerability Exposure (CVE) ID: CVE-2017-6345
BugTraq ID: 96510
http://www.securityfocus.com/bid/96510
http://www.openwall.com/lists/oss-security/2017/02/28/7
Common Vulnerability Exposure (CVE) ID: CVE-2017-6346
BugTraq ID: 96508
http://www.securityfocus.com/bid/96508
http://www.openwall.com/lists/oss-security/2017/02/28/6
Common Vulnerability Exposure (CVE) ID: CVE-2017-6347
BugTraq ID: 96487
http://www.securityfocus.com/bid/96487
http://www.openwall.com/lists/oss-security/2017/02/28/5
Common Vulnerability Exposure (CVE) ID: CVE-2017-6348
BugTraq ID: 96483
http://www.securityfocus.com/bid/96483
http://www.openwall.com/lists/oss-security/2017/02/28/4
Common Vulnerability Exposure (CVE) ID: CVE-2017-7187
BugTraq ID: 96989
http://www.securityfocus.com/bid/96989
https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b
https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes&id=bf33f87dd04c371ea33feb821b60d63d754e3124
http://www.securitytracker.com/id/1038086
Common Vulnerability Exposure (CVE) ID: CVE-2017-7261
BugTraq ID: 97096
http://www.securityfocus.com/bid/97096
http://marc.info/?t=149037004200005&r=1&w=2
https://bugzilla.redhat.com/show_bug.cgi?id=1435719
https://lists.freedesktop.org/archives/dri-devel/2017-March/136814.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-7273
BugTraq ID: 97190
http://www.securityfocus.com/bid/97190
Common Vulnerability Exposure (CVE) ID: CVE-2017-7472
1038471
http://www.securitytracker.com/id/1038471
42136
https://www.exploit-db.com/exploits/42136/
98422
http://www.securityfocus.com/bid/98422
RHSA-2018:0151
https://access.redhat.com/errata/RHSA-2018:0151
RHSA-2018:0152
https://access.redhat.com/errata/RHSA-2018:0152
RHSA-2018:0181
https://access.redhat.com/errata/RHSA-2018:0181
SUSE-SU-2018:0011
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c9f838d104fed6f2f61d68164712e3204bf5271b
http://openwall.com/lists/oss-security/2017/05/11/1
https://bugzilla.novell.com/show_bug.cgi?id=1034862
https://bugzilla.redhat.com/show_bug.cgi?id=1442086
https://github.com/torvalds/linux/commit/c9f838d104fed6f2f61d68164712e3204bf5271b
https://lkml.org/lkml/2017/4/1/235
https://lkml.org/lkml/2017/4/3/724
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.13
Common Vulnerability Exposure (CVE) ID: CVE-2017-7616
BugTraq ID: 97527
http://www.securityfocus.com/bid/97527
http://www.securitytracker.com/id/1038503
Common Vulnerability Exposure (CVE) ID: CVE-2017-7618
BugTraq ID: 97534
http://www.securityfocus.com/bid/97534
http://marc.info/?l=linux-crypto-vger&m=149181655623850&w=2
Common Vulnerability Exposure (CVE) ID: CVE-2017-7645
BugTraq ID: 97950
http://www.securityfocus.com/bid/97950
Debian Security Information: DSA-3886 (Google Search)
http://www.debian.org/security/2017/dsa-3886
https://marc.info/?l=linux-nfs&m=149218228327497&w=2
https://marc.info/?l=linux-nfs&m=149247516212924&w=2
RedHat Security Advisories: RHSA-2018:1319
https://access.redhat.com/errata/RHSA-2018:1319
Common Vulnerability Exposure (CVE) ID: CVE-2017-7889
BugTraq ID: 97690
http://www.securityfocus.com/bid/97690
Debian Security Information: DSA-3945 (Google Search)
http://www.debian.org/security/2017/dsa-3945
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94
http://www.openwall.com/lists/oss-security/2017/04/16/4
https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94
Common Vulnerability Exposure (CVE) ID: CVE-2017-7895
BugTraq ID: 98085
http://www.securityfocus.com/bid/98085
RedHat Security Advisories: RHSA-2017:1715
https://access.redhat.com/errata/RHSA-2017:1715
RedHat Security Advisories: RHSA-2017:1723
https://access.redhat.com/errata/RHSA-2017:1723
RedHat Security Advisories: RHSA-2017:1766
https://access.redhat.com/errata/RHSA-2017:1766
RedHat Security Advisories: RHSA-2017:1798
https://access.redhat.com/errata/RHSA-2017:1798
RedHat Security Advisories: RHSA-2017:2412
https://access.redhat.com/errata/RHSA-2017:2412
RedHat Security Advisories: RHSA-2017:2428
https://access.redhat.com/errata/RHSA-2017:2428
RedHat Security Advisories: RHSA-2017:2429
https://access.redhat.com/errata/RHSA-2017:2429
RedHat Security Advisories: RHSA-2017:2472
https://access.redhat.com/errata/RHSA-2017:2472
RedHat Security Advisories: RHSA-2017:2732
https://access.redhat.com/errata/RHSA-2017:2732
Common Vulnerability Exposure (CVE) ID: CVE-2017-8924
BugTraq ID: 98451
http://www.securityfocus.com/bid/98451
Common Vulnerability Exposure (CVE) ID: CVE-2017-8925
BugTraq ID: 98462
http://www.securityfocus.com/bid/98462
Common Vulnerability Exposure (CVE) ID: CVE-2017-9150
BugTraq ID: 98635
http://www.securityfocus.com/bid/98635
https://www.exploit-db.com/exploits/42048/
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0d0e57697f162da4aa218b5feafe614fb666db07
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.1
https://bugs.chromium.org/p/project-zero/issues/detail?id=1251
https://github.com/torvalds/linux/commit/0d0e57697f162da4aa218b5feafe614fb666db07
CopyrightCopyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.