Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian LTS Advisory ([SECURITY] [DLA 1715-1] linux-4.9 security update)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-18249 A race condition was discovered in the disk space allocator of F2FS. A user with access to an F2FS volume could use this to cause a denial of service or other security impact. CVE-2018-1128, CVE-2018-1129 The cephx authentication protocol used by Ceph was susceptible to replay attacks, and calculated signatures incorrectly. These vulnerabilities in the server required changes to authentication that are incompatible with existing clients. The kernel's client code has now been updated to be compatible with the fixed server. Description truncated. Please see the references for more information.
Affected Software
Affected Software
linux-4.9 on Debian Linux
Detection Method
Detection Method
This check tests the installed software version using the apt package manager.
Solution
Solution
For Debian 8 'Jessie', these problems have been fixed in version 4.9.144-3.1~deb8u1. This version also includes fixes for Debian bugs #890034, #896911, #907581, #915229, #915231 and other fixes included in upstream stable updates. We recommend that you upgrade your linux-4.9 packages.
Common Vulnerabilities and Exposures (CVE)
- CVE-2017-18249
- CVE-2018-1128
- CVE-2018-1129
- CVE-2018-12896
- CVE-2018-13053
- CVE-2018-13096
- CVE-2018-13097
- CVE-2018-13100
- CVE-2018-13406
- CVE-2018-14610
- CVE-2018-14611
- CVE-2018-14612
- CVE-2018-14613
- CVE-2018-14614
- CVE-2018-14616
- CVE-2018-15471
- CVE-2018-16862
- CVE-2018-17972
- CVE-2018-18281
- CVE-2018-18690
- CVE-2018-18710
- CVE-2018-19407
- CVE-2018-3639
- CVE-2018-5391
- CVE-2018-5848
- CVE-2018-6554