Remote host missing update for 'linux-raspi2' package(s) announced via USN-2930-3 advisory. Various vulnerabilities discovered in the Linux kernel could lead to system crash or arbitrary code execution
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
Ubuntu | Linux kernel (Raspberry Pi 2) vulnerabilities | 16 Mar 201600:00 | – | ubuntu |
Ubuntu | Linux kernel vulnerabilities | 14 Mar 201600:00 | – | ubuntu |
Ubuntu | Linux kernel (Wily HWE) vulnerabilities | 14 Mar 201600:00 | – | ubuntu |
Ubuntu | Linux kernel vulnerabilities | 14 Mar 201600:00 | – | ubuntu |
Ubuntu | Linux kernel (Trusty HWE) vulnerabilities | 14 Mar 201600:00 | – | ubuntu |
Ubuntu | Linux kernel (Vivid HWE) vulnerabilities | 14 Mar 201600:00 | – | ubuntu |
Ubuntu | Linux kernel (Utopic HWE) vulnerabilities | 14 Mar 201600:00 | – | ubuntu |
Ubuntu | Linux kernel vulnerabilities | 9 May 201600:00 | – | ubuntu |
Ubuntu | Linux kernel (OMAP4) vulnerabilities | 9 May 201600:00 | – | ubuntu |
Ubuntu | Linux kernel (Utopic HWE) regression | 11 Apr 201600:00 | – | ubuntu |
Source | Link |
---|---|
ubuntu | www.ubuntu.com/security/notices/USN-2930-3 |
# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.842698");
script_cve_id("CVE-2015-7566", "CVE-2015-8767", "CVE-2016-0723", "CVE-2016-2384", "CVE-2016-2543", "CVE-2016-2544", "CVE-2016-2545", "CVE-2016-2546", "CVE-2016-2547", "CVE-2016-2548", "CVE-2016-2549", "CVE-2016-2782", "CVE-2016-3134", "CVE-2016-3135");
script_tag(name:"creation_date", value:"2016-03-17 04:11:14 +0000 (Thu, 17 Mar 2016)");
script_version("2024-02-02T05:06:05+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:05 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2016-05-09 18:08:19 +0000 (Mon, 09 May 2016)");
script_name("Ubuntu: Security Advisory (USN-2930-3)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2016 Greenbone AG");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU15\.10");
script_xref(name:"Advisory-ID", value:"USN-2930-3");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-2930-3");
script_tag(name:"summary", value:"The remote host is missing an update for the 'linux-raspi2' package(s) announced via the USN-2930-3 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Ben Hawkes discovered that the Linux netfilter implementation did not
correctly perform validation when handling IPT_SO_SET_REPLACE events. A
local unprivileged attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code with administrative
privileges. (CVE-2016-3134)
Ben Hawkes discovered an integer overflow in the Linux netfilter
implementation. On systems running 32 bit kernels, a local unprivileged
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code with administrative privileges.
(CVE-2016-3135)
Ralf Spenneberg discovered that the USB driver for Clie devices in the
Linux kernel did not properly validate the endpoints reported by the
device. An attacker with physical access could cause a denial of service
(system crash). (CVE-2015-7566)
It was discovered that a race condition existed when handling heartbeat-
timeout events in the SCTP implementation of the Linux kernel. A remote
attacker could use this to cause a denial of service. (CVE-2015-8767)
It was discovered that a race condition existed in the ioctl handler for
the TTY driver in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or expose sensitive information.
(CVE-2016-0723)
Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly
performed a double-free. A local attacker with physical access could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code with administrative privileges. (CVE-2016-2384)
Dmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA)
framework did not verify that a FIFO was attached to a client before
attempting to clear it. A local attacker could use this to cause a denial
of service (system crash). (CVE-2016-2543)
Dmitry Vyukov discovered that a race condition existed in the Advanced
Linux Sound Architecture (ALSA) framework between timer setup and closing
of the client, resulting in a use-after-free. A local attacker could use
this to cause a denial of service. (CVE-2016-2544)
Dmitry Vyukov discovered a race condition in the timer handling
implementation of the Advanced Linux Sound Architecture (ALSA) framework,
resulting in a use-after-free. A local attacker could use this to cause a
denial of service (system crash). (CVE-2016-2545)
Dmitry Vyukov discovered race conditions in the Advanced Linux Sound
Architecture (ALSA) framework's timer ioctls leading to a use-after-free. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2016-2546)
Dmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA)
framework's handling of high resolution timers did not properly manage its
data structures. A local attacker could use this to cause a denial of
service (system hang or crash) or possibly execute arbitrary ... [Please see the references for more information on the vulnerabilities]");
script_tag(name:"affected", value:"'linux-raspi2' package(s) on Ubuntu 15.10.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU15.10") {
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.2.0-1027-raspi2", ver:"4.2.0-1027.35", rls:"UBUNTU15.10"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo