[USN-2545-1] Linux kernel (Utopic HWE) vulnerabilities
Several security issues were fixed in the kernel.
A flaw was discovered in the automatic loading of modules in the crypto
subsystem of the Linux kernel. A local user could exploit this flaw to load
installed kernel modules, increasing the attack surface and potentially
using this to gain administrative privileges. (CVE-2013-7421)
A flaw was discovered in the crypto subsystem when screening module names
for automatic module loading if the name contained a valid crypto module
name, eg. vfat(aes). A local user could exploit this flaw to load installed
kernel modules, increasing the attack surface and potentially using this to
gain administrative privileges. (CVE-2014-9644)
Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP
(Stream Control Transmission Protocol) subsystem during INIT collisions. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) or potentially escalate their privileges on the system.
(CVE-2015-1421)
Marcelo Leitner discovered a flaw in the Linux kernel's routing of packets
to too many different dsts/too fast. A remote attacker can exploit this
flaw to cause a denial of service (system crash). (CVE-2015-1465)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-extra-3.16.0-33-generic?distro=trusty | < 3.16.0-33.44~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-33-powerpc64-smp?distro=trusty | < 3.16.0-33.44~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-33-powerpc64-emb?distro=trusty | < 3.16.0-33.44~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-33-powerpc-smp?distro=trusty | < 3.16.0-33.44~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-33-powerpc-e500mc?distro=trusty | < 3.16.0-33.44~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-33-lowlatency?distro=trusty | < 3.16.0-33.44~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-33-generic?distro=trusty | < 3.16.0-33.44~14.04.1 |
pkg:deb/ubuntu/linux-image-3.16.0-33-generic-lpae?distro=trusty | < 3.16.0-33.44~14.04.1 |
- ID
- USN-2545-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-2545-1
- Published
-
2015-03-24T09:25:33
(9 years ago) - Modified
-
2015-03-24T09:25:33
(9 years ago) - Other Advisories
-
- DSA-3170-1
- ELSA-2015-0726
- ELSA-2015-0864
- ELSA-2015-2152
- ELSA-2015-3012
- ELSA-2015-3019
- ELSA-2015-3020
- ELSA-2015-3021
- ELSA-2016-3502
- ELSA-2016-3503
- ELSA-2017-3597
- FEDORA-2015-10678
- FEDORA-2015-12917
- FEDORA-2015-13391
- FEDORA-2015-1657
- FEDORA-2015-1672
- FEDORA-2015-3011
- FEDORA-2015-3594
- FEDORA-2015-4059
- FEDORA-2015-4457
- FEDORA-2015-5024
- FEDORA-2015-6294
- FEDORA-2015-6320
- FEDORA-2015-7736
- FEDORA-2015-8518
- FEDORA-2015-9127
- FEDORA-2015-9704
- RHSA-2015:0726
- RHSA-2015:0727
- RHSA-2015:0864
- RHSA-2015:2152
- RHSA-2015:2411
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:0832-1
- SUSE-SU-2015:1071-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- SUSE-SU-2015:1478-1
- SUSE-SU-2015:1488-1
- SUSE-SU-2015:1489-1
- USN-2513-1
- USN-2514-1
- USN-2541-1
- USN-2542-1
- USN-2543-1
- USN-2544-1
- USN-2546-1
- USN-2562-1
- USN-2563-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-extra-3.16.0-33-generic?distro=trusty | ubuntu | linux-image-extra-3.16.0-33-generic | < 3.16.0-33.44~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-33-powerpc64-smp?distro=trusty | ubuntu | linux-image-3.16.0-33-powerpc64-smp | < 3.16.0-33.44~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-33-powerpc64-emb?distro=trusty | ubuntu | linux-image-3.16.0-33-powerpc64-emb | < 3.16.0-33.44~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-33-powerpc-smp?distro=trusty | ubuntu | linux-image-3.16.0-33-powerpc-smp | < 3.16.0-33.44~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-33-powerpc-e500mc?distro=trusty | ubuntu | linux-image-3.16.0-33-powerpc-e500mc | < 3.16.0-33.44~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-33-lowlatency?distro=trusty | ubuntu | linux-image-3.16.0-33-lowlatency | < 3.16.0-33.44~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-33-generic?distro=trusty | ubuntu | linux-image-3.16.0-33-generic | < 3.16.0-33.44~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-3.16.0-33-generic-lpae?distro=trusty | ubuntu | linux-image-3.16.0-33-generic-lpae | < 3.16.0-33.44~14.04.1 | trusty |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |