1st February, 2016<\/em><\/p>\n A security issue affects these releases of Ubuntu and its Several security issues were fixed in the kernel.\n<\/p>\n It was discovered that a use-after-free vulnerability existed in the It was discovered that the KVM implementation in the Linux kernel did not \u90ed\u6c38\u521a discovered that the ppp implementation in the Linux kernel did Sasha Levin discovered that the Reliable Datagram Sockets (RDS) It was discovered that the Btrfs implementation in the Linux kernel \u90ed\u6c38\u521a discovered that the Linux kernel networking implementation did Dmitry Vyukov discovered that the pptp implementation in the Linux kernel David Miller discovered that the Bluetooth implementation in the Linux It was discovered that the Linux kernel's Filesystem in Userspace (FUSE) The problem can be corrected by updating your system to the following To update your system, please follow these instructions: After a standard system update you need to reboot your computer to make ATTENTION: Due to an unavoidable ABI change the kernel updates have CVE-2013-7446<\/a>, <\/p>\n CVE-2015-7513<\/a>, <\/p>\n CVE-2015-7799<\/a>, <\/p>\n CVE-2015-7990<\/a>, <\/p>\n CVE-2015-8374<\/a>, <\/p>\n CVE-2015-8543<\/a>, <\/p>\n CVE-2015-8569<\/a>, <\/p>\n CVE-2015-8575<\/a>, <\/p>\n CVE-2015-8785<\/a><\/p>\n Source: ubuntu-usn<\/p>\n","protected":false},"excerpt":{"rendered":" Ubuntu Security Notice USN-2886-1 1st February, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details It was discovered that a use-after-free vulnerability existed in theAF_UNIX implementation in the Linux kernel. A local attacker could usecrafted epoll_ctl calls to cause a denial of service (system crash) orexpose sensitive information. (CVE-2013-7446) It was discovered that the KVM implementation in the Linux kernel did notproperly restore the values of the Programmable Interrupt Timer (PIT). Auser-assisted attacker in a KVM guest could cause a denial of service inthe host (system crash). (CVE-2015-7513) \u90ed\u6c38\u521a discovered that the ppp implementation in the Linux kernel didnot ensure that certain slot numbers are valid. A local attacker with theprivilege to call ioctl() on \/dev\/ppp [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-3333","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/3333","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=3333"}],"version-history":[{"count":0,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/3333\/revisions"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=3333"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=3333"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=3333"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}linux vulnerabilities<\/h3>\n
\n derivatives:<\/p>\n\n
Summary<\/h3>\n
Software description<\/h3>\n
\n
\n – Linux kernel<\/p>\n<\/li>\n<\/ul>\nDetails<\/h3>\n
AF_UNIX implementation in the Linux kernel. A local attacker could use
crafted epoll_ctl calls to cause a denial of service (system crash) or
expose sensitive information. (CVE-2013-7446<\/a>)<\/p>\n
properly restore the values of the Programmable Interrupt Timer (PIT). A
user-assisted attacker in a KVM guest could cause a denial of service in
the host (system crash). (CVE-2015-7513<\/a>)<\/p>\n
not ensure that certain slot numbers are valid. A local attacker with the
privilege to call ioctl() on \/dev\/ppp could cause a denial of service
(system crash). (CVE-2015-7799<\/a>)<\/p>\n
implementation in the Linux kernel had a race condition when checking
whether a socket was bound or not. A local attacker could use this to cause
a denial of service (system crash). (CVE-2015-7990<\/a>)<\/p>\n
incorrectly handled compressed inline extants on truncation. A local
attacker could use this to expose sensitive information. (CVE-2015-8374<\/a>)<\/p>\n
not validate protocol identifiers for certain protocol families, A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2015-8543<\/a>)<\/p>\n
did not verify an address length when setting up a socket. A local attacker
could use this to craft an application that exposed sensitive information
from kernel memory. (CVE-2015-8569<\/a>)<\/p>\n
kernel did not properly validate the socket address length for Synchronous
Connection-Oriented (SCO) sockets. A local attacker could use this to
expose sensitive information. (CVE-2015-8575<\/a>)<\/p>\n
implementation did not handle initial zero length segments properly. A
local attacker could use this to cause a denial of service (unkillable
task). (CVE-2015-8785<\/a>)<\/p>\nUpdate instructions<\/h3>\n
\npackage version:<\/p>\n\n
\n
\n 3.2.0-98.138<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 3.2.0-98.138<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 3.2.0-98.138<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 3.2.0-98.138<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 3.2.0-98.138<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 3.2.0-98.138<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 3.2.0-98.138<\/a>
\n <\/span>\n <\/dd>\n<\/dl>\n
\nhttps:\/\/wiki.ubuntu.com\/Security\/Upgrades<\/a>.\n<\/p>\n
all the necessary changes.<\/p>\n
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.<\/p>\nReferences<\/h3>\n