Ubuntu security notices
USN-3581-3: Linux kernel (Raspberry Pi 2) vulnerabilities
USN-3581-3: Linux kernel (Raspberry Pi 2) vulnerabilities Ubuntu Security Notice USN-3581-3 23rd February, 2018 linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Summary Several security issues were fixed in the Linux kernel. Software description linux-raspi2 – Linux kernel for Raspberry Pi 2 Details Mohamed Ghannam discovered that the IPv4 raw socket implementation in theLinux kernel contained a race condition leading to uninitialized pointerusage. A local attacker could use this to cause a denial of service orpossibly execute arbitrary code. (CVE-2017-17712) ChunYu Wang discovered that a use-after-free vulnerability existed in theSCTP protocol implementation in the Linux kernel. A local attacker coulduse this to cause a denial of service (system crash) or possibly executearbitrary code, (CVE-2017-15115) Mohamed Ghannam discovered a use-after-free vulnerability in the DCCPprotocol implementation in the Linux kernel. A local attacker could usethis [ more… ]