SECURITY

USN-3256-1: Linux kernel vulnerability Ubuntu Security Notice USN-3256-1 4th April, 2017 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, linux-ti-omap4 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary The system could be made to crash under certain conditions. Software description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-gke – Linux kernel for Google Container Engine (GKE) systems linux-raspi2 – Linux kernel for Raspberry Pi 2 linux-snapdragon – Linux kernel for Snapdragon Processors linux-ti-omap4 – Linux kernel for OMAP4 Details Andrey Konovalov discovered that the AF_PACKET implementation in the Linuxkernel did not properly validate certain block-size data. A local attackercould use this to cause a denial of service (system crash). Update instructions The problem can be corrected by updating your system [ more… ]

USN-3256-2: Linux kernel (HWE) vulnerability Ubuntu Security Notice USN-3256-2 4th April, 2017 linux-hwe, linux-lts-trusty, linux-lts-xenial vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary The system could be made to crash under certain conditions. Software description linux-hwe – Linux hardware enablement (HWE) kernel linux-lts-trusty – Linux hardware enablement kernel from Trusty for Precise linux-lts-xenial – Linux hardware enablement kernel from Xenial for Trusty Details USN-3256-1 fixed vulnerabilities in the Linux kernel for Ubuntu14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. This update providesthe corresponding updates for the Linux Hardware Enablement (HWE)kernel for each of the respective prior Ubuntu LTS releases. Andrey Konovalov discovered that the AF_PACKET implementation in the Linuxkernel did not properly validate certain block-size data. A local attackercould use this to cause a denial of [ more… ]