The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3071-1 advisory.

  - The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a     certain structure member, which allows remote attackers to obtain sensitive information from kernel stack     memory by reading an RDS message. (CVE-2016-5244)

  - net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK     segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
    (CVE-2016-5696)

  - Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the     Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a     denial of service (memory corruption and system crash) by changing a certain header, aka a double fetch     vulnerability. (CVE-2016-5728)

  - The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc     platforms mishandles transactional state, which allows local users to cause a denial of service (invalid     process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by     starting and suspending a transaction before an exec system call. (CVE-2016-5828)

  - Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in     the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified     other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call. (CVE-2016-5829)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3071-1)

high Nessus Plugin ID 93218

Version 2.8