USN-2971-1: Linux kernel vulnerabilities

2016-05-10 KENNETH 0

Ubuntu Security Notice USN-2971-1, 9th May, 2016. linux vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10. Summary: Several security issues were fixed in the kernel. Software description: linux – Linux kernel. Details: Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7515) Zach Riggle discovered that the Linux kernel's list poison feature did not take into account the mmap_min_addr value. A local attacker could use this to bypass the kernel's poison-pointer protection mechanism while attempting to exploit an existing kernel vulnerability. (CVE-2016-0821) Ralf Spenneberg discovered that the USB sound subsystem in the Linux kernel did not properly validate USB device descriptors. An attacker with physical access could use this [ more… ]

USN-2970-1: Linux kernel (Vivid HWE) vulnerabilities

2016-05-10 KENNETH 0

Ubuntu Security Notice USN-2970-1, 9th May, 2016. linux-lts-vivid vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS. Summary: Several security issues were fixed in the kernel. Software description: linux-lts-vivid – Linux hardware enablement kernel from Vivid for Trusty. Details: Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7515) Ben Hawkes discovered that the Linux kernel's AIO interface allowed single writes greater than 2GB, which could cause an integer overflow when writing to certain filesystems, socket or device types. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2015-8830) Zach Riggle discovered that the Linux kernel's list [ more… ]

USN-2971-3: Linux kernel (Raspberry Pi 2) vulnerabilities

2016-05-10 KENNETH 0

Ubuntu Security Notice USN-2971-3, 9th May, 2016. linux-raspi2 vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10. Summary: Several security issues were fixed in the kernel. Software description: linux-raspi2 – Linux kernel for Raspberry Pi 2. Details: Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7515) Zach Riggle discovered that the Linux kernel's list poison feature did not take into account the mmap_min_addr value. A local attacker could use this to bypass the kernel's poison-pointer protection mechanism while attempting to exploit an existing kernel vulnerability. (CVE-2016-0821) Ralf Spenneberg discovered that the USB sound subsystem in the Linux kernel did not properly validate USB device descriptors. [ more… ]

USN-2966-1: OpenSSH vulnerabilities

2016-05-10 KENNETH 0

Ubuntu Security Notice USN-2966-1, 9th May, 2016. openssh vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS. Summary: Several security issues were fixed in OpenSSH. Software description: openssh – secure shell (SSH) for secure access to remote machines. Details: Shayan Sadigh discovered that OpenSSH incorrectly handled environment files when the UseLogin feature is enabled. A local attacker could use this issue to gain privileges. (CVE-2015-8325) Ben Hawkes discovered that OpenSSH incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause OpenSSH to crash, resulting in a denial of service. This issue only applied to Ubuntu 15.10. (CVE-2016-1907) Thomas Hoger discovered that OpenSSH incorrectly handled untrusted X11 forwarding when the SECURITY extension is disabled. A connection configured as being untrusted could get switched to trusted in certain scenarios, contrary to [ more… ]

RHSA-2016:0726-1: Important: ImageMagick security update

2016-05-10 KENNETH 0

RHSA-2016:0726-1: Important: ImageMagick security update Red Hat Enterprise Linux: An update for ImageMagick is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, CVE-2016-3718 Source: RHSA-2016:0726-1: Important: ImageMagick security update