Red Hat Security Advisory 2017-2669-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event() and vfs_rename() while running the rename operation against the same file. As a result of the race the next slab data or the slab's free list pointer can be corrupted with attacker-controlled data, which may lead to the privilege escalation.
e48d45b3299e25794baf01efaba70783d2cc37c96df4e1cb6cd794ff41e25ad0
Red Hat Security Advisory 2017-1842-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system. A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.
5ca025049a9aeac274477f25b1f88d0c0690dadc0caf736cba30c2ebc58771e8
Red Hat Security Advisory 2017-2077-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system. A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.
d2c3180ea8e30c9c7a99dd568d556248785dfe383295b24d599dcc9aae61ff25
Ubuntu Security Notice 3290-1 - Marco Grassi discovered that the TCP implementation in the Linux kernel mishandles socket buffer truncation. A local attacker could use this to cause a denial of service.
563dfece3f8a1381536c36b79fbc4030397cf159f54546dca4e75ff220374ea6
Ubuntu Security Notice 3162-2 - CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service. Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. Various other issues were also addressed.
1a152ec0d19bda232ea06ae996e6b93187b6b85c72aaa3e85cc3d929ae530758
Ubuntu Security Notice 3162-1 - CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service. It was discovered that the KVM implementation for x86/x86_64 in the Linux kernel could dereference a null pointer. An attacker in a guest virtual machine could use this to cause a denial of service in the KVM host. Various other issues were also addressed.
4a32c8e86f3b8ceeef4be6f5af7b05191500a3c31de769c0f518689e552db28c
Ubuntu Security Notice 3161-4 - Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information. It was discovered that the Video For Linux Two implementation in the Linux kernel did not properly handle multiple planes when processing a VIDIOC_DQBUF ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
09cffad9b41759532941fa035fb7aeb597e6fa782bb0de514b160c4fbc83e328
Ubuntu Security Notice 3161-3 - Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information. It was discovered that the Video For Linux Two implementation in the Linux kernel did not properly handle multiple planes when processing a VIDIOC_DQBUF ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
3b72c509222788127c3449442ce79d5f2bb6a03e63fee7e3522725b77a66b344
Ubuntu Security Notice 3161-2 - USN-3161-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
f967f95be34ef9e42707f6f9d05fc2a0295cb3fa848e8c2db2a69175405727d6
Ubuntu Security Notice 3161-1 - Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information. It was discovered that the Video For Linux Two implementation in the Linux kernel did not properly handle multiple planes when processing a VIDIOC_DQBUF ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
d02ed1312a4662e3772b03a3dd3c24630bbaf9000053e2e30980817c514b43e8