http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=613317bd212c585c20796c10afe5daaa95d4b0a1

USN-2946-1

USN-2946-2

USN-2947-1

USN-2947-2

USN-2947-3

USN-2948-1

USN-2948-2

USN-2949-1

https://bugzilla.redhat.com/show_bug.cgi?id=1324867

https://github.com/torvalds/linux/commit/613317bd212c585c20796c10afe5daaa95d4b0a1

https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2085.html

https://security-tracker.debian.org/tracker/CVE-2016-2085

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - The kernel package contains the Linux kernel (vmlinuz),     the core of any Linux operating system. The kernel     handles the basic functions of the operating system:
    memory allocation, process allocation, device input and     output, etc.Security Fix(es):** DISPUTED ** In     kernel/compat.c in the Linux kernel before 3.17, as     used in Google Chrome OS and other products, there is a     possible out-of-bounds read. restart_syscall uses     uninitialized data when restarting     compat_sys_nanosleep. NOTE: this is disputed because     the code path is unreachable.(CVE-2014-3180)A heap     overflow flaw was found in the Linux kernel, all     versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi     chip driver. The vulnerability allows a remote attacker     to cause a system crash, resulting in a denial of     service, or execute arbitrary code. The highest threat     with this vulnerability is with the availability of the     system. If code execution occurs, the code will run     with the permissions of root. This will affect both     confidentiality and integrity of files on the     system.(CVE-2019-14901)A heap-based buffer overflow     vulnerability was found in the Linux kernel, version     kernel-2.6.32, in Marvell WiFi chip driver. A remote     attacker could cause a denial of service (system crash)     or, possibly execute arbitrary code, when the     lbs_ibss_join_existing function is called after a STA     connects to an AP.(CVE-2019-14896)A memory leak in the     ath10k_usb_hif_tx_sg() function in drivers/     net/wireless/ath/ath10k/usb.c in the Linux kernel     through 5.3.11 allows attackers to cause a denial of     service (memory consumption) by triggering     usb_submit_urb() failures, aka     CID-b8d17e7d93d2.(CVE-2019-19078)A memory leak in the     mlx5_fpga_conn_create_cq() function in drivers/     net/ethernet/mellanox/mlx5/core/fpga/conn.c in the     Linux kernel before 5.3.11 allows attackers to cause a     denial of service (memory consumption) by triggering     mlx5_vector2eqn() failures, aka     CID-c8c2a057fdc7.(CVE-2019-19045)A stack-based buffer     overflow was found in the Linux kernel, version     kernel-2.6.32, in Marvell WiFi chip driver. An attacker     is able to cause a denial of service (system crash) or,     possibly execute arbitrary code, when a STA works in     IBSS mode (allows connecting stations together without     the use of an AP) and connects to another     STA.(CVE-2019-14897)An out-of-bounds memory write issue     was found in the Linux Kernel, version 3.13 through     5.4, in the way the Linux kernel's KVM hypervisor     handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request     to get CPUID features emulated by the KVM hypervisor. A     user or process able to access the '/dev/kvm' device     could use this flaw to crash the system, resulting in a     denial of service.(CVE-2019-19332)Improper invalidation     for page table updates by a virtual guest operating     system for multiple Intel(R) Processors may allow an     authenticated user to potentially enable denial of     service of the host system via local     access.(CVE-2018-12207)In the Android kernel in the     video driver there is a use after free due to a race     condition. This could lead to local escalation of     privilege with no additional execution privileges     needed. User interaction is not needed for     exploitation.(CVE-2019-9458)In the AppleTalk subsystem     in the Linux kernel before 5.1, there is a potential     NULL pointer dereference because register_snap_client     may return NULL. This will lead to denial of service in     net/appletalk/aarp.c and net/appletalk/ddp.c, as     demonstrated by unregister_snap_client, aka     CID-9804501fa122.(CVE-2019-19227)In the Linux kernel     5.0.21, mounting a crafted btrfs filesystem image,     performing some operations, and then making a syncfs     system call can lead to a use-after-free in
    __mutex_lock in kernel/locking/mutex.c. This is related     to mutex_can_spin_on_owner in kernel/locking/mutex.c,
    __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and     btrfs_insert_delayed_items in     fs/btrfs/delayed-inode.c.(CVE-2019-19813)In the Linux     kernel 5.4.0-rc2, there is a use-after-free (read) in     the __blk_add_trace function in kernel/trace/blktrace.c     (which is used to fill out a blk_io_trace structure and     place it in a per-cpu sub-buffer).(CVE-2019-19768)In     the Linux kernel before 5.0.6, there is a NULL pointer     dereference in drop_sysctl_table() in     fs/proc/proc_sysctl.c, related to put_links, aka     CID-23da9588037e.(CVE-2019-20054)In the Linux kernel     before 5.2.9, there is an info-leak bug that can be     caused by a malicious USB device in the drivers/     net/can/usb/peak_usb/pcan_usb_pro.c driver, aka     CID-ead16e53c2f0.(CVE-2019-19536)In the Linux kernel     before 5.3.11, there is an info-leak bug that can be     caused by a malicious USB device in the drivers/     net/can/usb/peak_usb/pcan_usb_core.c driver, aka     CID-f7a1337f0d29.(CVE-2019-19534)In the Linux kernel     before 5.3.6, there is a use-after-free bug that can be     caused by a malicious USB device in the drivers/     net/ieee802154/atusb.c driver, aka     CID-7fd25e6fc035.(CVE-2019-19525)Insufficient access     control in a subsystem for Intel (R) processor graphics     in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM)     Processor Families Intel(R) Pentium(R) Processor J, N,     Silver and Gold Series Intel(R) Celeron(R) Processor J,     N, G3900 and G4900 Series Intel(R) Atom(R) Processor A     and E3900 Series Intel(R) Xeon(R) Processor E3-1500 v5     and v6, E-2100 and E-2200 Processor Families Intel(R)     Graphics Driver for Windows before 26.20.100.6813 (DCH)     or 26.20.100.6812 and before 21.20.x.5077     (aka15.45.5077), i915 Linux Driver for Intel(R)     Processor Graphics before versions 5.4-rc7, 5.3.11,     4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an     authenticated user to potentially enable escalation of     privilege via local access.(CVE-2019-0155)Insufficient     input validation in Kernel Mode Driver in Intel(R) i915     Graphics for Linux before version 5.0 may allow an     authenticated user to potentially enable escalation of     privilege via local     access.(CVE-2019-11085)kernel/sched/fair.c in the Linux     kernel before 5.3.9, when cpu.cfs_quota_us is used     (e.g., with Kubernetes), allows attackers to cause a     denial of service against non-cpu-bound applications by     generating a workload that triggers unwanted slice     expiration, aka CID-de53fd7aedb1. (In other words,     although this slice expiration would typically be seen     with benign workloads, it is possible that an attacker     could calculate how many stray requests are required to     force an entire Kubernetes cluster into a     low-performance state caused by slice expiration, and     ensure that a DDoS attack sent that number of stray     requests. An attack does not affect the stability of     the kernel it only causes mismanagement of application     execution.)(CVE-2019-19922)The evm_verify_hmac function     in security/integrity/evm/evm_main.c in the Linux     kernel before 4.5 does not properly copy data, which     makes it easier for local users to forge MAC values via     a timing side-channel attack.(CVE-2016-2085)The     pcpu_embed_first_chunk function in mm/percpu.c in the     Linux kernel through 4.14.14 allows local users to     obtain sensitive address information by reading dmesg     data from a 'pages/cpu' printk call.(CVE-2018-5995)TSX     Asynchronous Abort condition on some CPUs utilizing     speculative execution may allow an authenticated user     to potentially enable information disclosure via a side     channel with local access.(CVE-2019-11135)An issue was     discovered in drivers/scsi/aacraid/commctrl.c in the     Linux kernel before 4.13. There is potential exposure     of kernel stack memory because aac_send_raw_srb does     not initialize the reply structure.(CVE-2017-18549)An     issue was discovered in drivers/scsi/aacraid/commctrl.c     in the Linux kernel before 4.13. There is potential     exposure of kernel stack memory because     aac_get_hba_info does not initialize the hbainfo     structure.(CVE-2017-18550)In the Linux kernel through     4.15.4, the floppy driver reveals the addresses of     kernel functions and global variables using printk     calls within the function show_floppy in     drivers/block/floppy.c. An attacker can read this     information from dmesg and use the addresses to find     the locations of kernel code and data and bypass kernel     security protections such as KASLR.(CVE-2018-7273)A     heap-based buffer overflow was discovered in the Linux     kernel, all versions 3.x.x and 4.x.x before 4.18.0, in     Marvell WiFi chip driver. The flaw could occur when the     station attempts a connection negotiation during the     handling of the remote devices country settings. This     could allow the remote device to cause a denial of     service (system crash) or possibly execute arbitrary     code.(CVE-2019-14895)The Linux kernel before 5.4.1 on     powerpc allows Information Exposure because the     Spectre-RSB mitigation is not in place for all     applicable CPUs, aka CID-39e72bf96f58. This is related     to arch/powerpc/kernel/entry_64.S and     arch/powerpc/kernel/security.c.(CVE-2019-18660)In the     Linux kernel 5.0.21, mounting a crafted ext4 filesystem     image, performing some operations, and unmounting can     lead to a use-after-free in ext4_put_super in     fs/ext4/super.c, related to dump_orphan_list in     fs/ext4/super.c.(CVE-2019-19447)In the Linux kernel     through 5.4.6, there is a NULL pointer dereference in     drivers/scsi/libsas/sas_discover.c because of     mishandling of port disconnection during discovery,     related to a PHY down race condition, aka     CID-f70267f379b5.(CVE-2019-19965)In the Linux kernel     before 5.1.6, there is a use-after-free in cpia2_exit()     in drivers/media/usb/cpia2/cpia2_v4l.c that will cause     denial of service, aka     CID-dea37a972655.(CVE-2019-19966)An exploitable     denial-of-service vulnerability exists in the Linux     kernel prior to mainline 5.3. An attacker could exploit     this vulnerability by triggering AP to send IAPP     location updates for stations before the required     authentication process has completed. This could lead     to different denial-of-service scenarios, either by     causing CAM table attacks, or by leading to traffic     flapping if faking already existing clients in other     nearby APs of the same wireless infrastructure. An     attacker can forge Authentication and Association     Request packets to trigger this     vulnerability.(CVE-2019-5108)mwifiex_tm_cmd in drivers/     net/wireless/marvell/mwifiex/cfg80211.c in the Linux     kernel before 5.1.6 has some error-handling cases that     did not free allocated hostcmd memory, aka     CID-003b686ace82. This will cause a memory leak and     denial of service.(CVE-2019-20095)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :

  - An out-of-bounds memory access flaw was found in the     Linux kernel's system call auditing implementation. On     a system with existing audit rules defined, a local,     unprivileged user could use this flaw to leak kernel     memory to user space or, potentially, crash the     system.(CVE-2014-3917i1/4%0

  - The net/netfilter/nfnetlink_cthelper.c function in the     Linux kernel through 4.14.4 does not require the     CAP_NET_ADMIN capability for new, get, and del     operations. This allows local users to bypass intended     access restrictions because the nfnl_cthelper_list data     structure is shared across all net     namespaces.(CVE-2017-17448i1/4%0

  - A race condition flaw was found between the chown and     execve system calls. When changing the owner of a     setuid user binary to root, the race condition could     momentarily make the binary setuid root. A local,     unprivileged user could potentially use this flaw to     escalate their privileges on the     system.(CVE-2015-3339i1/4%0

  - Keberos 5 tickets being decoded when using the RXRPC     keys incorrectly assumes the size of a field. This     could lead to the size-remaining variable wrapping and     the data pointer going over the end of the buffer. This     could possibly lead to memory corruption and possible     privilege escalation.(CVE-2017-7482i1/4%0

  - The nfs_can_extend_write function in fs/nfs/write.c in     the Linux kernel before 3.13.3 relies on a write     delegation to extend a write operation without a     certain up-to-date verification, which allows local     users to obtain sensitive information from kernel     memory in opportunistic circumstances by writing to a     file in an NFS filesystem and then reading the same     file.(CVE-2014-2038i1/4%0

  - KVM in the Linux kernel before 4.8.12, when I/O APIC is     enabled, does not properly restrict the VCPU index,     which allows guest OS users to gain host OS privileges     or cause a denial of service (out-of-bounds array     access and host OS crash) via a crafted interrupt     request, related to arch/x86/kvm/ioapic.c and     arch/x86/kvm/ioapic.h.(CVE-2016-9777i1/4%0

  - The instruction decoder in arch/x86/kvm/emulate.c in     the KVM subsystem in the Linux kernel before 3.18-rc2     lacks intended decoder-table flags for certain     RIP-relative instructions, which allows guest OS users     to cause a denial of service (NULL pointer dereference     and host OS crash) via a crafted     application.(CVE-2014-8480i1/4%0

  - arch/x86/kernel/entry_32.S in the Linux kernel through     3.15.1 on 32-bit x86 platforms, when syscall auditing     is enabled and the sep CPU feature flag is set, allows     local users to cause a denial of service (OOPS and     system crash) via an invalid syscall number, as     demonstrated by number 1000.(CVE-2014-4508i1/4%0

  - The overlayfs implementation in the Linux kernel     through 4.5.2 does not properly restrict the mount     namespace, which allows local users to gain privileges     by mounting an overlayfs filesystem on top of a FUSE     filesystem, and then executing a crafted setuid     program.(CVE-2016-1576i1/4%0

  - A use-after-free vulnerability was found when issuing     an ioctl to a sound device. This could allow a user to     exploit a race condition and create memory corruption     or possibly privilege escalation.(CVE-2017-15265i1/4%0

  - The drivers/uwb/uwbd.c in the Linux kernel, before     4.13.6, allows local users to cause a denial of service     (general protection fault and system crash) or possibly     have unspecified other impact via a crafted USB     device.(CVE-2017-16526i1/4%0

  - The Linux kernel was found vulnerable to a NULL pointer     dereference in the     drivers/net/phy/mdio-bcm-unimac.c:unimac_mdio_probe()     function caused by an unchecked return value from the     platform_get_resource() function. A successful flaw     exploitation can cause a system panic and a denial of     service. This flaw is believed not to be an attacker     triggerable as bad return value can be caused by     hardware misconfiguration.(CVE-2018-8043i1/4%0

  - A flaw was found in the Linux kernel SCSI subsystem,     which allowed a local user to gain privileges or cause     a denial of service (memory corruption and system     crash) by issuing an SG_IO ioctl call while a device     was being detached.(CVE-2015-8962i1/4%0

  - The xc2028_set_config function in     drivers/media/tuners/tuner-xc2028.c in the Linux kernel     before 4.6 allows local users to gain privileges or     cause a denial of service (use-after-free) via vectors     involving omission of the firmware name from a certain     data structure. Due to the nature of the flaw,     privilege escalation cannot be fully ruled out,     although we believe it is unlikely.(CVE-2016-7913i1/4%0

  - drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver     in the Linux kernel through 4.0.5 does not ensure that     certain length values are sufficiently large, which     allows remote attackers to cause a denial of service     (system crash or large loop) or possibly execute     arbitrary code via a crafted packet, related to the (1)     oz_usb_rx and (2) oz_usb_handle_ep_data     functions.(CVE-2015-4002i1/4%0

  - Race condition in the environ_read() function in     'fs/proc/base.c' in the Linux kernel before 4.5.4     allows local users to obtain sensitive information from     kernel memory by reading a '/proc/*/environ' file     during a process-setup time interval in which     environment-variable copying is     incomplete.(CVE-2016-7916i1/4%0

  - Integer signedness error in the oz_hcd_get_desc_cnf     function in drivers/staging/ozwpan/ozhcd.c in the     OZWPAN driver in the Linux kernel through 4.0.5 allows     remote attackers to cause a denial of service (system     crash) or possibly execute arbitrary code via a crafted     packet.(CVE-2015-4001i1/4%0

  - A vulnerability was found in the Linux kernel when     peeling off an association to the socket in another     network namespace. All transports in this association     are not to be rehashed and keep using the old key in     hashtable, thus removing transports from hashtable when     closing the socket, all transports are being freed.
    Later on a use-after-free issue could be caused when     looking up an association and dereferencing the     transports.(CVE-2017-15115i1/4%0

  - The evm_verify_hmac function in     security/integrity/evm/evm_main.c in the Linux kernel     before 4.5 does not properly copy data, which makes it     easier for local users to forge MAC values via a timing     side-channel attack.(CVE-2016-2085i1/4%0

  - A flaw was discovered in processing setsockopt for 32     bit processes on 64 bit systems. This flaw will allow     attackers to alter arbitrary kernel memory when     unloading a kernel module. This action is usually     restricted to root-privileged users but can also be     leveraged if the kernel is compiled with CONFIG_USER_NS     and CONFIG_NET_NS and the user is granted elevated     privileges.(CVE-2016-4997i1/4%0

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2016-0100 for details.

The remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s).

USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect reference counting fix in the radeon driver introduced a regression that could cause a system crash. This update fixes the problem.

We apologize for the inconvenience.

Ralf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)

Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2015-8812)

It was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)

Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)

David Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)

Ralf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782)

It was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2847).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2015-8812)

Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)

David Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)

It was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).
(CVE-2016-2847).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Ralf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)

Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2015-8812)

It was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)

Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)

David Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)

Ralf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782)

It was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).
(CVE-2016-2847).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2015-8812)

Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)

It was discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel did not correctly compute branch offsets for backward jumps after ctx expansion. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-2383)

David Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)

It was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).
(CVE-2016-2847).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
133913	EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-1112)	Nessus	Huawei Local Security Checks	critical
124981	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1528)	Nessus	Huawei Local Security Checks	high
93679	OracleVM 3.4 : Unbreakable / etc (OVMSA-2016-0100)	Nessus	OracleVM Local Security Checks	critical
93148	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3596)	Nessus	Oracle Linux Local Security Checks	critical
90507	Ubuntu 14.04 LTS : linux-lts-utopic regression (USN-2948-2)	Nessus	Ubuntu Local Security Checks	critical
90406	Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2949-1)	Nessus	Ubuntu Local Security Checks	critical
90405	Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2948-1)	Nessus	Ubuntu Local Security Checks	critical
90404	Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2947-3)	Nessus	Ubuntu Local Security Checks	critical
90403	Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2947-2)	Nessus	Ubuntu Local Security Checks	critical
90402	Ubuntu 15.10 : linux vulnerabilities (USN-2947-1)	Nessus	Ubuntu Local Security Checks	critical
90401	Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2946-2)	Nessus	Ubuntu Local Security Checks	critical
90400	Ubuntu 14.04 LTS : linux vulnerabilities (USN-2946-1)	Nessus	Ubuntu Local Security Checks	critical

CVE-2016-2085

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins