[월:] 2016년 08월

USN-3072-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3072-1 29th August, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Kangjie Lu discovered an information leak in the Reliable Datagram Sockets(RDS) implementation in the Linux kernel. A local attacker could use thisto obtain potentially sensitive information from kernel memory.(CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling ofchallenge acks in the Linux kernel. A remote attacker could use this tocause a denial of service (reset connection) or inject content into an TCPstream. (CVE-2016-5696) It was discovered that a heap based buffer overflow existed in the USB HIDdriver in the Linux kernel. A local attacker could use this cause a denialof service (system crash) [ more… ]

USN-3072-2: Linux kernel (OMAP4) vulnerabilities Ubuntu Security Notice USN-3072-2 29th August, 2016 linux-ti-omap4 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-ti-omap4 – Linux kernel for OMAP4 Details Kangjie Lu discovered an information leak in the Reliable Datagram Sockets(RDS) implementation in the Linux kernel. A local attacker could use thisto obtain potentially sensitive information from kernel memory.(CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling ofchallenge acks in the Linux kernel. A remote attacker could use this tocause a denial of service (reset connection) or inject content into an TCPstream. (CVE-2016-5696) It was discovered that a heap based buffer overflow existed in the USB HIDdriver in the Linux kernel. A local attacker could use this cause a denialof [ more… ]