[USN-2616-1] Linux kernel vulnerabilities
Several security issues were fixed in the kernel.
Alexandre Oliva reported a race condition flaw in the btrfs file system's
handling of extended attributes (xattrs). A local attacker could exploit
this flaw to bypass ACLs and potentially escalate privileges.
(CVE-2014-9710)
A memory corruption issue was discovered in AES decryption when using the
Intel AES-NI accelerated code path. A remote attacker could exploit this
flaw to cause a denial of service (system crash) or potentially escalate
privileges on Intel base machines with AEC-GCM mode IPSec security
association. (CVE-2015-3331)
A flaw was discovered in the Linux kernel's IPv4 networking when using TCP
fast open to initiate a connection. An unprivileged local user could
exploit this flaw to cause a denial of service (system crash).
(CVE-2015-3332)
- ID
- USN-2616-1
- Severity
- high
- Severity from
- CVE-2015-3331
- URL
- https://ubuntu.com/security/notices/USN-2616-1
- Published
-
2015-05-20T11:34:40
(9 years ago) - Modified
-
2015-05-20T11:34:40
(9 years ago) - Other Advisories
-
-
ALAS-2015-523
-
DSA-3237-1
-
ELSA-2015-0987
-
ELSA-2015-1081
-
ELSA-2015-3035
-
ELSA-2015-3036
-
ELSA-2017-3597
-
RHSA-2015:0981
-
RHSA-2015:0987
-
RHSA-2015:1081
-
SUSE-SU-2015:0581-1
-
SUSE-SU-2015:0736-1
-
SUSE-SU-2015:1071-1
-
SUSE-SU-2015:1174-1
-
SUSE-SU-2015:1224-1
-
SUSE-SU-2015:1376-1
-
SUSE-SU-2015:1478-1
-
SUSE-SU-2015:1487-1
-
SUSE-SU-2015:1488-1
-
SUSE-SU-2015:1489-1
-
SUSE-SU-2015:1491-1
-
USN-2613-1
-
USN-2614-1
-
USN-2615-1
-
USN-2619-1
-
USN-2620-1
-
USN-2631-1
-
USN-2632-1
-
USN-2662-1
-
USN-2663-1
-
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |