USN-3162-1: Linux kernel vulnerabilities
USN-3162-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3162-1 20th December, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details CAI Qian discovered that shared bind mounts in a mount namespaceexponentially added entries without restriction to the Linux kernel's mounttable. A local attacker could use this to cause a denial of service (systemcrash). (CVE-2016-6213) It was discovered that the KVM implementation for x86/x86_64 in the Linuxkernel could dereference a null pointer. An attacker in a guest virtualmachine could use this to cause a denial of service (system crash) in theKVM host. (CVE-2016-8630) Eyal Itkin discovered that the IP over IEEE 1394 (FireWire) implementationin the Linux kernel contained a buffer overflow when handling fragmentedpackets. A remote attacker could use [ more… ]