Ubuntu security notices

USN-2888-1: Linux kernel (Utopic HWE) vulnerabilities
Ubuntu Security Notice USN-2888-1 1st February, 2016 linux-lts-utopic vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-utopic – Linux hardware enablement kernel from Utopic Details It was discovered that a use-after-free vulnerability existed in theAF_UNIX implementation in the Linux kernel. A local attacker could usecrafted epoll_ctl calls to cause a denial of service (system crash) orexpose sensitive information. (CVE-2013-7446) It was discovered that the KVM implementation in the Linux kernel did notproperly restore the values of the Programmable Interrupt Timer (PIT). Auser-assisted attacker in a KVM guest could cause a denial of service inthe host (system crash). (CVE-2015-7513) It was discovered that the Linux kernel keyring subsystem contained a racebetween read and revoke operations. A local attacker could use this tocause a [ more… ]