Ubuntu security

Ubuntu security notices

No Image

USN-3070-2: Linux kernel (Raspberry Pi 2) vulnerabilities

2016-08-31 KENNETH 0

USN-3070-2: Linux kernel (Raspberry Pi 2) vulnerabilities Ubuntu Security Notice USN-3070-2 30th August, 2016 linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-raspi2 – Linux kernel for Raspberry Pi 2 Details A missing permission check when settings ACLs was discovered in nfsd. Alocal user could exploit this flaw to gain access to any file by setting anACL. (CVE-2016-1237) Kangjie Lu discovered an information leak in the Reliable Datagram Sockets(RDS) implementation in the Linux kernel. A local attacker could use thisto obtain potentially sensitive information from kernel memory.(CVE-2016-5244) James Patrick-Evans discovered that the airspy USB device driver in theLinux kernel did not properly handle certain error conditions. An attackerwith physical access could use this to cause a denial of service (memoryconsumption). (CVE-2016-5400) [ more… ]

No Image

USN-3072-2: Linux kernel (OMAP4) vulnerabilities

2016-08-30 KENNETH 0

USN-3072-2: Linux kernel (OMAP4) vulnerabilities Ubuntu Security Notice USN-3072-2 29th August, 2016 linux-ti-omap4 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-ti-omap4 – Linux kernel for OMAP4 Details Kangjie Lu discovered an information leak in the Reliable Datagram Sockets(RDS) implementation in the Linux kernel. A local attacker could use thisto obtain potentially sensitive information from kernel memory.(CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling ofchallenge acks in the Linux kernel. A remote attacker could use this tocause a denial of service (reset connection) or inject content into an TCPstream. (CVE-2016-5696) It was discovered that a heap based buffer overflow existed in the USB HIDdriver in the Linux kernel. A local attacker could use this cause a denialof [ more… ]

No Image

USN-3072-1: Linux kernel vulnerabilities

2016-08-30 KENNETH 0

USN-3072-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3072-1 29th August, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Kangjie Lu discovered an information leak in the Reliable Datagram Sockets(RDS) implementation in the Linux kernel. A local attacker could use thisto obtain potentially sensitive information from kernel memory.(CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling ofchallenge acks in the Linux kernel. A remote attacker could use this tocause a denial of service (reset connection) or inject content into an TCPstream. (CVE-2016-5696) It was discovered that a heap based buffer overflow existed in the USB HIDdriver in the Linux kernel. A local attacker could use this cause a denialof service (system crash) [ more… ]

No Image

USN-3071-2: Linux kernel (Trusty HWE) vulnerabilities

2016-08-30 KENNETH 0

USN-3071-2: Linux kernel (Trusty HWE) vulnerabilities Ubuntu Security Notice USN-3071-2 29th August, 2016 linux-lts-trusty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-trusty – Linux hardware enablement kernel from Trusty for Precise Details USN-3071-1 fixed vulnerabilities in the Linux kernel for Ubuntu14.04 LTS. This update provides the corresponding updates for theLinux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS forUbuntu 12.04 LTS. Kangjie Lu discovered an information leak in the Reliable Datagram Sockets(RDS) implementation in the Linux kernel. A local attacker could use thisto obtain potentially sensitive information from kernel memory.(CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling ofchallenge acks in the Linux kernel. A remote attacker could use this tocause a denial of service (reset connection) [ more… ]

No Image

USN-3071-1: Linux kernel vulnerabilities

2016-08-30 KENNETH 0

USN-3071-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3071-1 29th August, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Kangjie Lu discovered an information leak in the Reliable Datagram Sockets(RDS) implementation in the Linux kernel. A local attacker could use thisto obtain potentially sensitive information from kernel memory.(CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling ofchallenge acks in the Linux kernel. A remote attacker could use this tocause a denial of service (reset connection) or inject content into an TCPstream. (CVE-2016-5696) Pengfei Wang discovered a race condition in the MIC VOP driver in the Linuxkernel. A local attacker could use this to cause a denial of service(system crash) or obtain potentially [ more… ]