USN-2971-1: Linux kernel vulnerabilities
USN-2971-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-2971-1 9th May, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7515) Zach Riggle discovered that the Linux kernel's list poison feature did nottake into account the mmap_min_addr value. A local attacker could use thisto bypass the kernel's poison-pointer protection mechanism while attemptingto exploit an existing kernel vulnerability. (CVE-2016-0821) Ralf Spenneberg discovered that the USB sound subsystem in the Linux kerneldid not properly validate USB device descriptors. An attacker with physicalaccess could use this [ more… ]