Ubuntu Security Notice (C) 2014 Canonical, Inc. / NASL script (C) 2014 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Stephan Mueller reported an error in the Linux kernel's ansi cprng
random number generator. This flaw makes it easier for a local
attacker to break cryptographic protections. (CVE-2013-4345)
Nico Golde and Fabian Yamaguchi reported buffer underflow errors in
the implementation of the XFS filesystem in the Linux kernel. A local
user with CAP_SYS_ADMIN could exploit these flaw to cause a denial of
service (memory corruption) or possibly other unspecified issues.
An information leak was discovered in the Linux kernel when built with
the NetFilter Connection Tracking (NF_CONNTRACK) support for IRC
protocol (NF_NAT_IRC). A remote attacker could exploit this flaw to
obtain potentially sensitive kernel information when communicating
over a client- to-client IRC connection(/dcc) via a NAT-ed network.
Update the affected linux-image-3.8.0-38-generic package.
Risk factor :
Medium / CVSS Base Score : 5.8
CVSS Temporal Score : 5.0
Public Exploit Available : false
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 73288 ()
Bugtraq ID: 627406388965180
CVE ID: CVE-2013-4345CVE-2013-6382CVE-2014-1690
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.