No Image

USN-2967-1: Linux kernel vulnerabilities

2016-05-10 KENNETH 0

USN-2967-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-2967-1 9th May, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details It was discovered that the Linux kernel did not properly enforce rlimitsfor file descriptors sent over UNIX domain sockets. A local attacker coulduse this to cause a denial of service. (CVE-2013-4312) Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7515) Ralf Spenneberg discovered that the USB driver for Clie devices in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause [ more… ]

No Image

USN-2969-1: Linux kernel (Utopic HWE) vulnerabilities

2016-05-10 KENNETH 0

USN-2969-1: Linux kernel (Utopic HWE) vulnerabilities Ubuntu Security Notice USN-2969-1 9th May, 2016 linux-lts-utopic vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-utopic – Linux hardware enablement kernel from Utopic for Trusty Details Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7515) Ben Hawkes discovered that the Linux kernel's AIO interface allowed singlewrites greater than 2GB, which could cause an integer overflow when writingto certain filesystems, socket or device types. A local attacker could thisto cause a denial of service (system crash) or possibly execute arbitrarycode. (CVE-2015-8830) Zach Riggle discovered that the Linux kernel's list [ more… ]

No Image

USN-2968-2: Linux kernel (Trusty HWE) vulnerabilities

2016-05-10 KENNETH 0

USN-2968-2: Linux kernel (Trusty HWE) vulnerabilities Ubuntu Security Notice USN-2968-2 9th May, 2016 linux-lts-trusty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-trusty – Linux hardware enablement kernel from Trusty for Precise Details USN-2968-1 fixed vulnerabilities in the Linux kernel for Ubuntu14.04 LTS. This update provides the corresponding updates for theLinux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS forUbuntu 12.04 LTS. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7515) Ben Hawkes discovered that the Linux kernel's AIO interface allowed singlewrites greater than 2GB, which could cause an integer overflow when writingto certain filesystems, [ more… ]

No Image

USN-2968-1: Linux kernel vulnerabilities

2016-05-10 KENNETH 0

USN-2968-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-2968-1 9th May, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7515) Ben Hawkes discovered that the Linux kernel's AIO interface allowed singlewrites greater than 2GB, which could cause an integer overflow when writingto certain filesystems, socket or device types. A local attacker could thisto cause a denial of service (system crash) or possibly execute arbitrarycode. (CVE-2015-8830) It was discovered that the Linux kernel did not keep accurate track of pipebuffer details when [ more… ]

No Image

USN-2971-2: Linux kernel (Wily HWE) vulnerabilities

2016-05-10 KENNETH 0

USN-2971-2: Linux kernel (Wily HWE) vulnerabilities Ubuntu Security Notice USN-2971-2 9th May, 2016 linux-lts-wily vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-wily – Linux hardware enablement kernel from Wily for Trusty Details USN-2971-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10.This update provides the corresponding updates for the Linux HardwareEnablement (HWE) kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7515) Zach Riggle discovered that the Linux kernel's list poison feature did nottake into account the mmap_min_addr value. A local attacker could use thisto bypass the [ more… ]