USN-3249-1: Linux kernel vulnerability Ubuntu Security Notice USN-3249-1 29th March, 2017 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary The system could be made to crash or run programs as an administrator. Software description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-gke – Linux kernel for Google Container Engine (GKE) systems linux-raspi2 – Linux kernel for Raspberry Pi 2 linux-snapdragon – Linux kernel for Snapdragon Processors Details It was discovered that the xfrm framework for transforming packets in theLinux kernel did not properly validate data received from user space. Alocal attacker could use this to cause a denial of service (system crash)or execute arbitrary code with administrative privileges. Update instructions The problem can be corrected by updating your system to [ more… ]