Several security issues were fixed in the kernel. Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service (system crash). Andrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
42b1d7e92d487c05901f19f08b2e6c9e119556985c2054e46a019c3a3bd7bf0dUbuntu Security Notice 3168-2 - USN-3168-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
9012cf3de066704f3448524d520c803cb2d915bc3249eb551d28620e06df1168Ubuntu Security Notice 3167-1 - Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
922ea0d9162703a020810b8d5d1a488748c45604a87976262aa7430a6ec25b49Ubuntu Security Notice 3170-1 - Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Andrey Konovalov discovered that signed integer overflows existed in the setsockopt system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. Various other issues were also addressed.
8b5deb1e0f7e97d4868b245412489de596a91259b71ec62afa0324b5a3cfb218Ubuntu Security Notice 3169-2 - USN-3169-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
eec4c4078812efef1c4d5f58451bc04fdbbba03ff36f6b8f1101a3d55a08e61dUbuntu Security Notice 3169-1 - Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Andrey Konovalov discovered that signed integer overflows existed in the setsockopt system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. Various other issues were also addressed.
b205b7bca26c5804b31607e4396a608147e37d7a7cf4e77f7c062bf109ca668eUbuntu Security Notice 3167-2 - Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
ab5af9a2f2c42659cad09d768a50e142036653809c6ba71792581da86a8b814bUbuntu Security Notice 3168-1 - Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment in certain error cases. A local attacker could use this to expose sensitive information. Andrey Konovalov discovered that signed integer overflows existed in the setsockopt system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service. Various other issues were also addressed.
6ae254d390465843f0520c113fcc5fac33d391e5003e4cab5a57c6df6966df42
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed