Ubuntu Security Notice 3364-3 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
52da26b53d8c3033579bdd0681b859c86afd51f1537e50195093a868a02ecc95It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). Jann Horn discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel could overflow reference counters on systems with more than 32GB of physical ram and with RLIMIT_MEMLOCK set to infinite. A local unprivileged attacker could use to create a use-after- free situation, causing a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
5ac8ab1044124a2f103555749966cf05ff7355548d25296503bbe9485eb0814cUbuntu Security Notice 3364-2 - USN-3364-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
7ab39edea8d33fac19ee690f5410d949caf2f5e5bf4c3d8797fa3459ba097f19Ubuntu Security Notice 3364-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
8d4d1e11cb0c3c986ec4d3a563f90d8fb81893599073f102feea772fe215fc10Ubuntu Security Notice 3359-1 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. Dmitry Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet discovered that the netfiler subsystem in the Linux kernel mishandled IPv6 packet reassembly. A local user could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
4c2386596faece3a8190c5928d9c879c09f797743015282506baa7e3339d72ecUbuntu Security Notice 3345-1 - USN 3324-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.
4fad8a2d68a376e72996bff518accee987d6531fbdbaade3e1a8aafe24ebd666Ubuntu Security Notice 3324-1 - It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.
2c5ba59805eb07621c353113a2a21f38511aadfb5495a6ed18f4d144cfe959abUbuntu Security Notice 3325-1 - It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.
426ec316fe236e8d4959114127b40493159b960d73bfac790d20f2dc4485a012
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed