지락문화예술공작단

USN-3083-2: Linux kernel (Trusty HWE) vulnerabilities Ubuntu Security Notice USN-3083-2 19th September, 2016 linux-lts-trusty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-trusty – Linux hardware enablement kernel from Trusty for Precise Details USN-3083-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04LTS. This update provides the corresponding updates for the LinuxHardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu12.04 LTS. Dmitry Vyukov discovered that the IPv6 implementation in the Linux kerneldid not properly handle options data, including a use-after-free. A localattacker could use this to cause a denial of service (system crash) orpossibly execute arbitrary code. (CVE-2016-3841) It was discovered that a race condition existed when handling heartbeat-timeout events in the SCTP implementation of the Linux kernel. A remoteattacker could [ more… ]

USN-3084-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3084-1 19th September, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Pengfei Wang discovered a race condition in the audit subsystem in theLinux kernel. A local attacker could use this to corrupt audit logs ordisrupt system-call auditing. (CVE-2016-6136) It was discovered that the powerpc and powerpc64 hypervisor-mode KVMimplementation in the Linux kernel for did not properly maintain stateabout transactional memory. An unprivileged attacker in a guest could causea denial of service (CPU lockup) in the host OS. (CVE-2016-5412) Pengfei Wang discovered a race condition in the Chrome OS embeddedcontroller device driver in the Linux kernel. A local attacker could usethis to cause a denial of service (system crash). [ more… ]

USN-3084-2: Linux kernel (Xenial HWE) vulnerabilities Ubuntu Security Notice USN-3084-2 19th September, 2016 linux-lts-xenial vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-xenial – Linux hardware enablement kernel from Xenial for Trusty Details USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu16.04 LTS. This update provides the corresponding updates for theLinux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS forUbuntu 14.04 LTS. Pengfei Wang discovered a race condition in the audit subsystem in theLinux kernel. A local attacker could use this to corrupt audit logs ordisrupt system-call auditing. (CVE-2016-6136) It was discovered that the powerpc and powerpc64 hypervisor-mode KVMimplementation in the Linux kernel for did not properly maintain stateabout transactional memory. An unprivileged attacker in a guest could causea denial of service [ more… ]

USN-3084-3: Linux kernel (Raspberry Pi 2) vulnerabilities Ubuntu Security Notice USN-3084-3 19th September, 2016 linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-raspi2 – Linux kernel for Raspberry Pi 2 Details Pengfei Wang discovered a race condition in the audit subsystem in theLinux kernel. A local attacker could use this to corrupt audit logs ordisrupt system-call auditing. (CVE-2016-6136) It was discovered that the powerpc and powerpc64 hypervisor-mode KVMimplementation in the Linux kernel for did not properly maintain stateabout transactional memory. An unprivileged attacker in a guest could causea denial of service (CPU lockup) in the host OS. (CVE-2016-5412) Pengfei Wang discovered a race condition in the Chrome OS embeddedcontroller device driver in the Linux kernel. A local attacker could usethis to [ more… ]

USN-3084-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities Ubuntu Security Notice USN-3084-4 19th September, 2016 linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-snapdragon – Linux kernel for Snapdragon Processors Details Pengfei Wang discovered a race condition in the audit subsystem in theLinux kernel. A local attacker could use this to corrupt audit logs ordisrupt system-call auditing. (CVE-2016-6136) It was discovered that the powerpc and powerpc64 hypervisor-mode KVMimplementation in the Linux kernel for did not properly maintain stateabout transactional memory. An unprivileged attacker in a guest could causea denial of service (CPU lockup) in the host OS. (CVE-2016-5412) Pengfei Wang discovered a race condition in the Chrome OS embeddedcontroller device driver in the Linux kernel. A local attacker could usethis to cause a [ more… ]