Lucene search
Ubuntu: Security Advisory (USN-3523-1)
🗓️ 10 Jan 2018 00:00:00Reported by Copyright (C) 2018 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 78 Views
The 'linux' package on Ubuntu 17.10 is missing important security updates which could lead to unauthorized memory reads and execution of arbitrary code. Update to the latest package(s)
Show more
| Reporter | Title | Published | Views | Family All 199 |
|---|---|---|---|---|
 | Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3523-2) | 11 Jan 201800:00 | – | nessus |
| Ubuntu 17.10 : linux vulnerabilities (USN-3523-1) (Meltdown) | 10 Jan 201800:00 | – | nessus |
| Ubuntu 17.10 : linux-raspi2 vulnerabilities (USN-3523-3) | 11 Jan 201800:00 | – | nessus |
| Ubuntu 16.04 LTS : Linux kernel (Intel Euclid) vulnerability (USN-3633-1) | 24 Apr 201800:00 | – | nessus |
| Fedora 26 : kernel (2018-8ed5eff2c0) | 5 Jan 201800:00 | – | nessus |
| Fedora 27 : kernel (2018-22d5fa8a90) | 15 Jan 201800:00 | – | nessus |
| Photon OS 1.0: Linux PHSA-2018-1.0-0097 (deprecated) | 17 Aug 201800:00 | – | nessus |
| Photon OS 1.0: Linux PHSA-2018-1.0-0097 | 7 Feb 201900:00 | – | nessus |
| Ubuntu 14.04 LTS : Linux kernel vulnerability (USN-3524-1) | 10 Jan 201800:00 | – | nessus |
| Ubuntu 16.04 LTS : Linux kernel vulnerability (USN-3522-1) | 10 Jan 201800:00 | – | nessus |
10
| Source | Link |
|---|---|
| ubuntu | www.ubuntu.com/security/notices/USN-3523-1 |
# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.843409");
script_cve_id("CVE-2017-16995", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754");
script_tag(name:"creation_date", value:"2018-01-10 06:39:53 +0000 (Wed, 10 Jan 2018)");
script_version("2024-02-02T05:06:06+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:06 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2018-01-09 16:08:21 +0000 (Tue, 09 Jan 2018)");
script_name("Ubuntu: Security Advisory (USN-3523-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2018 Greenbone AG");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU17\.10");
script_xref(name:"Advisory-ID", value:"USN-3523-1");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-3523-1");
script_tag(name:"summary", value:"The remote host is missing an update for the 'linux' package(s) announced via the USN-3523-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Jann Horn discovered that microprocessors utilizing speculative execution
and indirect branch prediction may allow unauthorized memory reads via
sidechannel attacks. This flaw is known as Meltdown. A local attacker could
use this to expose sensitive information, including kernel memory.
(CVE-2017-5754)
Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel did not properly check the relationship between pointer
values and the BPF stack. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-17863)
Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel improperly performed sign extension in some situations.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-16995)
Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF)
implementation in the Linux kernel contained a branch-pruning logic issue
around unreachable code. A local attacker could use this to cause a denial
of service. (CVE-2017-17862)
Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation
in the Linux kernel mishandled pointer data values in some situations. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2017-17864)");
script_tag(name:"affected", value:"'linux' package(s) on Ubuntu 17.10.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU17.10") {
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.13.0-25-generic", ver:"4.13.0-25.29", rls:"UBUNTU17.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.13.0-25-lowlatency", ver:"4.13.0-25.29", rls:"UBUNTU17.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic", ver:"4.13.0.25.26", rls:"UBUNTU17.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency", ver:"4.13.0.25.26", rls:"UBUNTU17.10"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo10 Jan 2018 00:00Current
7.3High risk
Vulners AI Score7.3
CVSS27.2
CVSS37.8
EPSS0.92857