1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-2614-1

[USN-2614-1] Linux kernel vulnerabilities

Severity Medium
Affected Packages 9
CVEs 4
Info Packages Vulnerabilities

Several security issues were fixed in the kernel.

Vincent Tondellier discovered an integer overflow in the Linux kernel's
netfilter connection tracking accounting of loaded extensions. An attacker
on the local area network (LAN) could potential exploit this flaw to cause
a denial of service (system crash of targeted system). (CVE-2014-9715)

Jan Beulich discovered the Xen virtual machine subsystem of the Linux
kernel did not properly restrict access to PCI command registers. A local
guest user could exploit this flaw to cause a denial of service (host
crash). (CVE-2015-2150)

A privilege escalation was discovered in the fork syscall via the int80 entry
on 64 bit kernels with 32 bit emulation support. An unprivileged local
attacker could exploit this flaw to increase their privileges on the
system. (CVE-2015-2830)

A memory corruption issue was discovered in AES decryption when using the
Intel AES-NI accelerated code path. A remote attacker could exploit this
flaw to cause a denial of service (system crash) or potentially escalate
privileges on Intel base machines with AEC-GCM mode IPSec security
association. (CVE-2015-3331)

Package Affected Version
pkg:deb/ubuntu/linux-image-extra-3.13.0-53-generic?distro=trusty < 3.13.0-53.88
pkg:deb/ubuntu/linux-image-3.13.0-53-powerpc64-smp?distro=trusty < 3.13.0-53.88
pkg:deb/ubuntu/linux-image-3.13.0-53-powerpc64-emb?distro=trusty < 3.13.0-53.88
pkg:deb/ubuntu/linux-image-3.13.0-53-powerpc-smp?distro=trusty < 3.13.0-53.88
pkg:deb/ubuntu/linux-image-3.13.0-53-powerpc-e500mc?distro=trusty < 3.13.0-53.88
pkg:deb/ubuntu/linux-image-3.13.0-53-powerpc-e500?distro=trusty < 3.13.0-53.88
pkg:deb/ubuntu/linux-image-3.13.0-53-lowlatency?distro=trusty < 3.13.0-53.88
pkg:deb/ubuntu/linux-image-3.13.0-53-generic?distro=trusty < 3.13.0-53.88
pkg:deb/ubuntu/linux-image-3.13.0-53-generic-lpae?distro=trusty < 3.13.0-53.88
ID
USN-2614-1
Severity
medium
URL
https://ubuntu.com/security/notices/USN-2614-1
Published
2015-05-20T11:28:12
(9 years ago)
Modified
2015-05-20T11:28:12
(9 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-extra-3.13.0-53-generic?distro=trusty ubuntu linux-image-extra-3.13.0-53-generic < 3.13.0-53.88 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-53-powerpc64-smp?distro=trusty ubuntu linux-image-3.13.0-53-powerpc64-smp < 3.13.0-53.88 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-53-powerpc64-emb?distro=trusty ubuntu linux-image-3.13.0-53-powerpc64-emb < 3.13.0-53.88 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-53-powerpc-smp?distro=trusty ubuntu linux-image-3.13.0-53-powerpc-smp < 3.13.0-53.88 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-53-powerpc-e500mc?distro=trusty ubuntu linux-image-3.13.0-53-powerpc-e500mc < 3.13.0-53.88 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-53-powerpc-e500?distro=trusty ubuntu linux-image-3.13.0-53-powerpc-e500 < 3.13.0-53.88 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-53-lowlatency?distro=trusty ubuntu linux-image-3.13.0-53-lowlatency < 3.13.0-53.88 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-53-generic?distro=trusty ubuntu linux-image-3.13.0-53-generic < 3.13.0-53.88 trusty
Affected pkg:deb/ubuntu/linux-image-3.13.0-53-generic-lpae?distro=trusty ubuntu linux-image-3.13.0-53-generic-lpae < 3.13.0-53.88 trusty
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date