Ubuntu Security Notice (C) 2014-2015 Canonical, Inc. / NASL script (C) 2014-2015 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
Sasha Levin reported a flaw in the Linux kernel's point-to-point
protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP).
A local user could exploit this flaw to gain administrative
Michael S. Tsirkin discovered an information leak in the Linux
kernel's segmentation of skbs when using the zerocopy feature of
vhost-net. A local attacker could exploit this flaw to gain
potentially sensitive information from kernel memory. (CVE-2014-0131)
Don Bailey discovered a flaw in the LZO decompress algorithm used by
the Linux kernel. An attacker could exploit this flaw to cause a
denial of service (memory corruption or OOPS). (CVE-2014-4608).
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 6.0
Public Exploit Available : true