SECURITY

USN-3097-2: Linux kernel (OMAP4) vulnerabilities Ubuntu Security Notice USN-3097-2 13th October, 2016 linux-ti-omap4 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-ti-omap4 – Linux kernel for OMAP4 Details Marco Grassi discovered a use-after-free condition could occur in the TCPretransmit queue handling code in the Linux kernel. A local attacker coulduse this to cause a denial of service (system crash) or possibly executearbitrary code. (CVE-2016-6828) Pengfei Wang discovered a race condition in the audit subsystem in theLinux kernel. A local attacker could use this to corrupt audit logs ordisrupt system-call auditing. (CVE-2016-6136) Pengfei Wang discovered a race condition in the Adaptec AAC RAID controllerdriver in the Linux kernel when handling ioctl()s. A local attacker coulduse this to cause a denial of service (system [ more… ]

USN-3103-1: DBD::mysql vulnerabilities Ubuntu Security Notice USN-3103-1 13th October, 2016 libdbd-mysql-perl vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary DBD::mysql could be made to crash or run programs if it received specially crafted input. Software description libdbd-mysql-perl – Perl5 database interface to the MySQL database Details It was discovered that DBD::mysql incorrectly handled certain memoryoperations. A remote attacker could use this issue to cause DBD::mysql tocrash, resulting in a denial of service, or possibly execute arbitrarycode. (CVE-2014-9906) Hanno Böck discovered that DBD::mysql incorrectly handled certain memoryoperations. A remote attacker could use this issue to cause DBD::mysql tocrash, resulting in a denial of service, or possibly execute arbitrarycode. (CVE-2015-8949) Pali Rohár discovered that DBD::mysql incorrectly handled certain usersupplied data. A remote attacker could use this issue to cause DBD::mysqlto crash, [ more… ]