SECURITY

Ubuntu Security Notice USN-2849-1 19th December, 2015 linux-lts-utopic vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-utopic – Linux hardware enablement kernel from Utopic Details Felix Wilhelm discovered a race condition in the Xen paravirtualizeddrivers which can cause double fetch vulnerabilities. An attacker in theparavirtualized guest could exploit this flaw to cause a denial of service(crash the host) or potentially execute arbitrary code on the host.(CVE-2015-8550) Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does notperform sanity checks on the device's state. An attacker could exploit thisflaw to cause a denial of service (NULL dereference) on the host.(CVE-2015-8551) Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does notperform sanity checks on the device's state. An attacker could exploit thisflaw to [ more… ]

Ubuntu Security Notice USN-2848-1 19th December, 2015 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Felix Wilhelm discovered a race condition in the Xen paravirtualizeddrivers which can cause double fetch vulnerabilities. An attacker in theparavirtualized guest could exploit this flaw to cause a denial of service(crash the host) or potentially execute arbitrary code on the host.(CVE-2015-8550) Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does notperform sanity checks on the device's state. An attacker could exploit thisflaw to cause a denial of service (NULL dereference) on the host.(CVE-2015-8551) Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does notperform sanity checks on the device's state. An attacker could exploit thisflaw to cause a denial of [ more… ]

Ubuntu Security Notice USN-2847-1 19th December, 2015 linux-lts-trusty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-trusty – Linux hardware enablement kernel from Trusty Details Felix Wilhelm discovered a race condition in the Xen paravirtualizeddrivers which can cause double fetch vulnerabilities. An attacker in theparavirtualized guest could exploit this flaw to cause a denial of service(crash the host) or potentially execute arbitrary code on the host.(CVE-2015-8550) Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does notperform sanity checks on the device's state. An attacker could exploit thisflaw to cause a denial of service (NULL dereference) on the host.(CVE-2015-8551) Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does notperform sanity checks on the device's state. An attacker could exploit thisflaw to [ more… ]