Ubuntu 16.04 LTS : linux, linux-aws, linux-gke, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-3420-1) (BlueBorne)

Ubuntu Security Notice (C) 2017 Canonical, Inc. / NASL script (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related
patches.

Description :

It was discovered that a buffer overflow existed in the Bluetooth
stack of the Linux kernel when handling L2CAP configuration responses.
A physically proximate attacker could use this to cause a denial of
service (system crash). (CVE-2017-1000251)

It was discovered that the Flash-Friendly File System (f2fs)
implementation in the Linux kernel did not properly validate
superblock metadata. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-10663)

It was discovered that a buffer overflow existed in the ioctl handling
code in the ISDN subsystem of the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2017-12762)

Pengfei Wang discovered that a race condition existed in the NXP
SAA7164 TV Decoder driver for the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2017-8831).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 103323 ()

Bugtraq ID:

CVE ID: CVE-2017-1000251
CVE-2017-10663
CVE-2017-12762
CVE-2017-8831

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now