지락문화예술공작단

USN-3070-2: Linux kernel (Raspberry Pi 2) vulnerabilities Ubuntu Security Notice USN-3070-2 30th August, 2016 linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-raspi2 – Linux kernel for Raspberry Pi 2 Details A missing permission check when settings ACLs was discovered in nfsd. Alocal user could exploit this flaw to gain access to any file by setting anACL. (CVE-2016-1237) Kangjie Lu discovered an information leak in the Reliable Datagram Sockets(RDS) implementation in the Linux kernel. A local attacker could use thisto obtain potentially sensitive information from kernel memory.(CVE-2016-5244) James Patrick-Evans discovered that the airspy USB device driver in theLinux kernel did not properly handle certain error conditions. An attackerwith physical access could use this to cause a denial of service (memoryconsumption). (CVE-2016-5400) [ more… ]

USN-3070-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities Ubuntu Security Notice USN-3070-3 30th August, 2016 linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-snapdragon – Linux kernel for Snapdragon Processors Details A missing permission check when settings ACLs was discovered in nfsd. Alocal user could exploit this flaw to gain access to any file by setting anACL. (CVE-2016-1237) Kangjie Lu discovered an information leak in the Reliable Datagram Sockets(RDS) implementation in the Linux kernel. A local attacker could use thisto obtain potentially sensitive information from kernel memory.(CVE-2016-5244) James Patrick-Evans discovered that the airspy USB device driver in theLinux kernel did not properly handle certain error conditions. An attackerwith physical access could use this to cause a denial of service (memoryconsumption). (CVE-2016-5400) Yue Cao [ more… ]

USN-3070-4: Linux kernel (Xenial HWE) vulnerabilities Ubuntu Security Notice USN-3070-4 30th August, 2016 linux-lts-xenial vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-xenial – Linux hardware enablement kernel from Xenial for Trusty Details USN-3070-1 fixed vulnerabilities in the Linux kernel for Ubuntu16.04 LTS. This update provides the corresponding updates for theLinux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS forUbuntu 14.04 LTS. A missing permission check when settings ACLs was discovered in nfsd. Alocal user could exploit this flaw to gain access to any file by setting anACL. (CVE-2016-1237) Kangjie Lu discovered an information leak in the Reliable Datagram Sockets(RDS) implementation in the Linux kernel. A local attacker could use thisto obtain potentially sensitive information from kernel memory.(CVE-2016-5244) James Patrick-Evans discovered that [ more… ]