Ubuntu Security Notice 2620-1 - A flaw was discovered in the Linux kernel's IPv4 networking when using TCP fast open to initiate a connection. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).
edd5f480421b210b457c2499a531a190bccab8ba2c8fbe7e2e7ed8ac17fa7415
Ubuntu Security Notice 2619-1 - A flaw was discovered in the Linux kernel's IPv4 networking when using TCP fast open to initiate a connection. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).
3ef6936a70c7ad0d26493e6f0c68650c10610d099531f5352d1c0c438fb0cef7
Fuse (fusermount) suffers from a local privilege escalation vulnerability. This is a proof of concept for Ubuntu.
b50e101f0fd8a29c70f51dd4db578306c1a77f5520e6a8b981293987baf4ba67
The named pipe, \SUPipeServer, can be accessed by normal users to interact with the System update service. The service provides the possibility to execute arbitrary commands as SYSTEM if a valid security token is provided. This token can be generated by calling the GetSystemInfoData function in the DLL tvsutil.dll. Please, note that the System Update is stopped by default but can be started/stopped calling the Executable ConfigService.exe.
a1b4e2c233f7b4436e33e4531fa6f85ed939d5f69470091600ce9b27ca87965a