[월:] 2015년 12월

Ubuntu Security Notice USN-2841-1 17th December, 2015 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Jan Beulich discovered that the KVM svm hypervisor implementation in theLinux kernel did not properly catch Debug exceptions on AMD processors. Anattacker in a guest virtual machine could use this to cause a denial ofservice (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp implementation in the Linux kernel didnot ensure that certain slot numbers are valid. A local attacker with theprivilege to call ioctl() on /dev/ppp could cause a denial of service(system crash). (CVE-2015-7799) It was discovered that the driver for Digi Neo and ClassicBoard devices didnot properly initialize data structures. A local attacker could use this [ more… ]

Ubuntu Security Notice USN-2841-2 17th December, 2015 linux-lts-trusty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-trusty – Linux hardware enablement kernel from Trusty Details Jan Beulich discovered that the KVM svm hypervisor implementation in theLinux kernel did not properly catch Debug exceptions on AMD processors. Anattacker in a guest virtual machine could use this to cause a denial ofservice (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp implementation in the Linux kernel didnot ensure that certain slot numbers are valid. A local attacker with theprivilege to call ioctl() on /dev/ppp could cause a denial of service(system crash). (CVE-2015-7799) It was discovered that the driver for Digi Neo and ClassicBoard devices didnot properly initialize data structures. A local [ more… ]

Ubuntu Security Notice USN-2842-1 17th December, 2015 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.04 Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Jan Beulich discovered that the KVM svm hypervisor implementation in theLinux kernel did not properly catch Debug exceptions on AMD processors. Anattacker in a guest virtual machine could use this to cause a denial ofservice (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp implementation in the Linux kernel didnot ensure that certain slot numbers are valid. A local attacker with theprivilege to call ioctl() on /dev/ppp could cause a denial of service(system crash). (CVE-2015-7799) It was discovered that the virtual video osd test driver in the Linuxkernel did not properly initialize data structures. A local attacker coulduse this [ more… ]

Ubuntu Security Notice USN-2842-2 17th December, 2015 linux-lts-vivid vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-vivid – Linux hardware enablement kernel from Vivid Details Jan Beulich discovered that the KVM svm hypervisor implementation in theLinux kernel did not properly catch Debug exceptions on AMD processors. Anattacker in a guest virtual machine could use this to cause a denial ofservice (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp implementation in the Linux kernel didnot ensure that certain slot numbers are valid. A local attacker with theprivilege to call ioctl() on /dev/ppp could cause a denial of service(system crash). (CVE-2015-7799) It was discovered that the virtual video osd test driver in the Linuxkernel did not properly initialize data structures. [ more… ]

Ubuntu Security Notice USN-2843-1 17th December, 2015 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Jan Beulich discovered that the KVM svm hypervisor implementation in theLinux kernel did not properly catch Debug exceptions on AMD processors. Anattacker in a guest virtual machine could use this to cause a denial ofservice (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp implementation in the Linux kernel didnot ensure that certain slot numbers are valid. A local attacker with theprivilege to call ioctl() on /dev/ppp could cause a denial of service(system crash). (CVE-2015-7799) Dmitry Vyukov discovered that the Linux kernel's keyring handler attemptedto garbage collect incompletely instantiated keys. A local unprivilegedattacker could use this to cause a [ more… ]