Ubuntu: Security Advisory for 'linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon' package
Reporter | Title | Published | Views | Family All 151 |
---|---|---|---|---|
Cloud Foundry | USN-3234-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry | 31 Mar 201700:00 | – | cloudfoundry |
Tenable Nessus | Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3234-2) | 16 Mar 201700:00 | – | nessus |
Tenable Nessus | Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3234-1) | 16 Mar 201700:00 | – | nessus |
Tenable Nessus | RHEL 7 : kernel-rt (RHSA-2017:1298) | 26 May 201700:00 | – | nessus |
Tenable Nessus | RHEL 6 : MRG (RHSA-2017:1297) | 26 May 201700:00 | – | nessus |
Tenable Nessus | RHEL 7 : kernel (RHSA-2017:1308) | 26 May 201700:00 | – | nessus |
Tenable Nessus | Oracle Linux 7 : ELSA-2017-1308-1: / kernel (ELSA-2017-13081) | 7 Sep 202300:00 | – | nessus |
Tenable Nessus | CentOS 7 : kernel (CESA-2017:1308) | 26 May 201700:00 | – | nessus |
Tenable Nessus | Scientific Linux Security Update : kernel on SL7.x x86_64 (20170525) | 26 May 201700:00 | – | nessus |
Tenable Nessus | Virtuozzo 7 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-1308) | 13 Jul 201700:00 | – | nessus |
Source | Link |
---|---|
ubuntu | www.ubuntu.com/security/notices/USN-3234-1 |
# SPDX-FileCopyrightText: 2017 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.843096");
script_cve_id("CVE-2016-10208", "CVE-2017-5551");
script_tag(name:"creation_date", value:"2017-03-16 08:11:33 +0000 (Thu, 16 Mar 2017)");
script_version("2024-02-02T05:06:06+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:06 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"4.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2017-02-09 21:53:12 +0000 (Thu, 09 Feb 2017)");
script_name("Ubuntu: Security Advisory (USN-3234-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2017 Greenbone AG");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU16\.04\ LTS");
script_xref(name:"Advisory-ID", value:"USN-3234-1");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-3234-1");
script_tag(name:"summary", value:"The remote host is missing an update for the 'linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon' package(s) announced via the USN-3234-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel
did not properly validate meta block groups. An attacker with physical
access could use this to specially craft an ext4 image that causes a denial
of service (system crash). (CVE-2016-10208)
It was discovered that the Linux kernel did not clear the setgid bit during
a setxattr call on a tmpfs filesystem. A local attacker could use this to
gain elevated group privileges. (CVE-2017-5551)");
script_tag(name:"affected", value:"'linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon' package(s) on Ubuntu 16.04.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU16.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-1006-gke", ver:"4.4.0-1006.6", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-1009-aws", ver:"4.4.0-1009.18", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-1048-raspi2", ver:"4.4.0-1048.55", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-1051-snapdragon", ver:"4.4.0-1051.55", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-67-generic", ver:"4.4.0-67.88", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-67-generic-lpae", ver:"4.4.0-67.88", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-67-lowlatency", ver:"4.4.0-67.88", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-67-powerpc-e500mc", ver:"4.4.0-67.88", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-67-powerpc-smp", ver:"4.4.0-67.88", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-67-powerpc64-emb", ver:"4.4.0-67.88", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.4.0-67-powerpc64-smp", ver:"4.4.0-67.88", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-aws", ver:"4.4.0.1009.11", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic", ver:"4.4.0.67.72", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-lpae", ver:"4.4.0.67.72", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-gke", ver:"4.4.0.1006.7", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency", ver:"4.4.0.67.72", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-powerpc-e500mc", ver:"4.4.0.67.72", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-powerpc-smp", ver:"4.4.0.67.72", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-powerpc64-emb", ver:"4.4.0.67.72", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-powerpc64-smp", ver:"4.4.0.67.72", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-raspi2", ver:"4.4.0.1048.48", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-snapdragon", ver:"4.4.0.1051.44", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo