Debian DSA-3329-1 : linux - security update

high Nessus Plugin ID 85281
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

- CVE-2015-1333 Colin Ian King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user can exploit this flaw to cause a denial of service due to memory exhaustion.

- CVE-2015-3212 Ji Jianwen of Red Hat Engineering discovered a flaw in the handling of the SCTPs automatic handling of dynamic multi-homed connections. A local attacker could use this flaw to cause a crash or potentially for privilege escalation.

- CVE-2015-4692 A NULL pointer dereference flaw was found in the kvm_apic_has_events function in the KVM subsystem. A unprivileged local user could exploit this flaw to crash the system kernel resulting in denial of service.

- CVE-2015-4700 Daniel Borkmann discovered a flaw in the Linux kernel implementation of the Berkeley Packet Filter which can be used by a local user to crash the system.

- CVE-2015-5364 It was discovered that the Linux kernel does not properly handle invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums.

- CVE-2015-5366 It was discovered that the Linux kernel does not properly handle invalid UDP checksums. A remote attacker can cause a denial of service against applications that use epoll by injecting a single packet with an invalid checksum.

- CVE-2015-5697 A flaw was discovered in the md driver in the Linux kernel leading to an information leak.

- CVE-2015-5706 An user triggerable use-after-free vulnerability in path lookup in the Linux kernel could potentially lead to privilege escalation.

- CVE-2015-5707 An integer overflow in the SCSI generic driver in the Linux kernel was discovered. A local user with write permission on a SCSI generic device could potentially exploit this flaw for privilege escalation.

Solution

Upgrade the linux packages.

For the oldstable distribution (wheezy), these problems have been fixed in version 3.2.68-1+deb7u3. CVE-2015-1333, CVE-2015-4692 and CVE-2015-5706 do not affect the wheezy distribution.

For the stable distribution (jessie), these problems have been fixed in version 3.16.7-ckt11-1+deb8u3, except CVE-2015-5364 and CVE-2015-5366 which were fixed already in DSA-3313-1.

See Also

https://security-tracker.debian.org/tracker/CVE-2015-1333

https://security-tracker.debian.org/tracker/CVE-2015-3212

https://security-tracker.debian.org/tracker/CVE-2015-4692

https://security-tracker.debian.org/tracker/CVE-2015-4700

https://security-tracker.debian.org/tracker/CVE-2015-5364

https://security-tracker.debian.org/tracker/CVE-2015-5366

https://security-tracker.debian.org/tracker/CVE-2015-5697

https://security-tracker.debian.org/tracker/CVE-2015-5706

https://security-tracker.debian.org/tracker/CVE-2015-5707

https://security-tracker.debian.org/tracker/CVE-2015-1333

https://security-tracker.debian.org/tracker/CVE-2015-4692

https://security-tracker.debian.org/tracker/CVE-2015-5706

https://security-tracker.debian.org/tracker/CVE-2015-5364

https://security-tracker.debian.org/tracker/CVE-2015-5366

https://packages.debian.org/source/jessie/linux

https://www.debian.org/security/2015/dsa-3329

Plugin Details

Severity: High

ID: 85281

File Name: debian_DSA-3329.nasl

Version: 2.8

Type: local

Agent: unix

Published: 8/10/2015

Updated: 1/11/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:linux, cpe:/o:debian:debian_linux:7.0, cpe:/o:debian:debian_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 8/7/2015

Vulnerability Publication Date: 7/27/2015

Reference Information

CVE: CVE-2015-1333, CVE-2015-3212, CVE-2015-4692, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366, CVE-2015-5697, CVE-2015-5706, CVE-2015-5707

DSA: 3329