Lucene search
Copyright (C) 2017 Greenbone Networks GmbHOPENVAS:1361412562310843075HistoryMar 08, 2017 - 12:00 a.m.
Ubuntu Update for linux-hwe USN-3221-2
2017-03-0800:00:00
Copyright (C) 2017 Greenbone Networks GmbH
plugins.openvas.org
116
0.0004 Low
EPSS
Percentile
8.6%
The remote host is missing an update for the
###############################################################################
# OpenVAS Vulnerability Test
#
# Ubuntu Update for linux-hwe USN-3221-2
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.843075");
script_version("$Revision: 14140 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $");
script_tag(name:"creation_date", value:"2017-03-08 05:53:14 +0100 (Wed, 08 Mar 2017)");
script_cve_id("CVE-2017-2636");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"qod_type", value:"package");
script_name("Ubuntu Update for linux-hwe USN-3221-2");
script_tag(name:"summary", value:"The remote host is missing an update for the 'linux-hwe'
package(s) announced via the referenced advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"USN-3221-1 fixed vulnerabilities in the
Linux kernel for Ubuntu 16.10. This update provides the corresponding updates
for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.10 for Ubuntu
16.04 LTS. Alexander Popov discovered that the N_HDLC line discipline
implementation in the Linux kernel contained a double-free vulnerability. A
local attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2017-2636)");
script_tag(name:"affected", value:"linux-hwe on Ubuntu 16.04 LTS");
script_tag(name:"solution", value:"Please Install the Updated Packages.");
script_xref(name:"USN", value:"3221-2");
script_xref(name:"URL", value:"http://www.ubuntu.com/usn/usn-3221-2/");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2017 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU16\.04 LTS");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "UBUNTU16.04 LTS")
{
if ((res = isdpkgvuln(pkg:"linux-image-4.8.0-41-generic", ver:"4.8.0-41.44~16.04.1", rls:"UBUNTU16.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-4.8.0-41-generic-lpae", ver:"4.8.0-41.44~16.04.1", rls:"UBUNTU16.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-4.8.0-41-lowlatency", ver:"4.8.0-41.44~16.04.1", rls:"UBUNTU16.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-4.8.0-41-powerpc-e500mc", ver:"4.8.0-41.44~16.04.1", rls:"UBUNTU16.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-4.8.0-41-powerpc-smp", ver:"4.8.0-41.44~16.04.1", rls:"UBUNTU16.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-4.8.0-41-powerpc64-emb", ver:"4.8.0-41.44~16.04.1", rls:"UBUNTU16.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-generic-hwe-16.04", ver:"4.8.0.41.12", rls:"UBUNTU16.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-generic-lpae-hwe-16.04", ver:"4.8.0.41.12", rls:"UBUNTU16.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-lowlatency-hwe-16.04", ver:"4.8.0.41.12", rls:"UBUNTU16.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}References
Related
nessus
nessus
Ubuntu 16.10 : linux, linux-raspi2 vulnerability (USN-3221-1)
2017-03-08 00:00:00
RHEL 6 : kernel (RHSA-2017:1233)
2017-05-17 00:00:00
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerability (USN-3220-2)
2017-03-08 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1066)
2020-01-23 00:00:00
Ubuntu Update for linux USN-3218-1
2017-03-08 00:00:00
Ubuntu Update for linux-lts-xenial USN-3220-2
2017-03-08 00:00:00
redhatcve
redhatcve
CVE-2017-2636
2019-11-03 16:23:08
suse
suse
Security update for the Linux Kernel (important)
2017-04-03 21:09:21
Security update for the Linux Kernel (important)
2017-04-03 21:08:52
Security update for the Linux Kernel (important)
2017-03-30 06:10:44
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:17:04
redhat
redhat
(RHSA-2017:1126) Important: kernel security update
2017-04-25 09:21:16
(RHSA-2017:1233) Important: kernel security update
2017-05-16 09:06:20
(RHSA-2017:1232) Important: kernel security update
2017-05-16 09:05:54
archlinux
archlinux
[ASA-201703-8] linux: privilege escalation
2017-03-14 00:00:00
[ASA-201703-6] linux-lts: privilege escalation
2017-03-12 00:00:00
[ASA-201703-7] linux-grsec: privilege escalation
2017-03-13 00:00:00
thn
thn
Linux Kernel Gets Patch For Years-Old Serious Vulnerability
2017-03-16 04:54:00
ubuntu
ubuntu
Linux kernel vulnerability
2017-03-07 00:00:00
Linux kernel (Trusty HWE) vulnerability
2017-03-08 00:00:00
Linux kernel (HWE) vulnerability
2017-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2017-2636
2017-03-07 00:00:00
prion
prion
Race condition
2017-03-07 22:59:00
cloudfoundry
cloudfoundry
USN-3220-2: Linux kernel (Xenial HWE) vulnerability | Cloud Foundry
2017-03-09 00:00:00
virtuozzo
virtuozzo
cve
cve
CVE-2017-2636
2017-03-07 22:59:00
avleonov
avleonov
Why you canβt update it all at once?
2017-04-22 20:25:16
f5
f5
K18015201 : Linux kernel vulnerability CVE-2017-2636
2017-03-28 00:00:00
ptsecurity
ptsecurity
PT-2017-06: Race Condition in Linux
2017-02-28 00:00:00
debiancve
debiancve
CVE-2017-2636
2017-03-07 22:59:00
centos
centos
kernel, perf, python security update
2017-04-12 12:56:09
kernel, perf, python security update
2017-04-13 11:00:48
photon
photon
Important Photon OS Security Update - PHSA-2017-0031
2017-03-28 00:00:00
Critical Photon OS Security Update - PHSA-2018-0031
2018-03-29 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2017-04-11 00:00:00
kernel security, bug fix, and enhancement update
2017-04-13 00:00:00
kernel security, bug fix, and enhancement update
2017-04-12 00:00:00
seebug
seebug
Linux kernel local privilege escalation flaw in n_hdlcοΌCVE-2017-2636οΌ
2017-03-09 00:00:00
mageia
mageia
Updated kernel-tmb packages fixes security vulnerabilities
2017-03-25 23:15:34
Updated kernel packages fixes security vulnerabilities
2017-03-25 23:15:34
Updated kernel-linus packages fixes security vulnerabilities
2017-03-25 23:15:34
debian
debian
[SECURITY] [DSA 3804-1] linux security update
2017-03-08 16:59:59
[SECURITY] [DLA 849-1] linux security update
2017-03-09 12:06:12
[SECURITY] [DSA 3804-1] linux security update
2017-03-08 16:59:59
osv
osv
linux - security update
2017-03-08 00:00:00
linux - security update
2017-03-08 00:00:00
