USN-3358-1: Linux kernel vulnerabilities
USN-3358-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3358-1 20th July, 2017 linux, linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel linux-raspi2 – Linux kernel for Raspberry Pi 2 Details It was discovered that the Linux kernel did not properly initialize a Wake-on-Lan data structure. A local attacker could use this to expose sensitiveinformation (kernel memory). (CVE-2014-9900) Alexander Potapenko discovered a race condition in the Advanced Linux SoundArchitecture (ALSA) subsystem in the Linux kernel. A local attacker coulduse this to expose sensitive information (kernel memory).(CVE-2017-1000380) Li Qiang discovered that the DRM driver for VMware Virtual GPUs in theLinux kernel did not properly validate some ioctl arguments. A localattacker could use this to cause a denial of service (system [ more… ]
